Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006591)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006591 advisory. In the Linux kernel, the following vulnerability has been resolved: intelth: Fix a resource leak in an error handling path If an error occurs after calling...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006658)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006658 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in sam9x5wm8731driverprobe The devicenode pointer is returned by...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006735)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006735 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sockrecverrqueue skbufffclonecache was created without...

Oracle Linux 9 : kernel (ELSA-2026-6570)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6570 advisory. - net/mlx5: Fix ECVF vports unload on shutdown flow CKI Backport Bot RHEL-154537 CVE-2025-38109 - netfilter: nftables: fix use-after-free in...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006717)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006717 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usbsubmiturb failure In asyncsetregisters, when usbsubmitur...

RockyLinux 9 : kernel (RLSA-2026:6153)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6153 advisory. kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38180 kernel: drm/sched: Fix potential double free in...

Oracle Linux 10 : kernel (ELSA-2026-6632)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6632 advisory. - net/mlx5: Fix ECVF vports unload on shutdown flow CKI Backport Bot RHEL-154540 CVE-2025-38109 - mm/damon/sysfs: cleanup attrs subdirs on context dir...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006739)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006739 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Prevent a potential error pointer dereference The qla4xxxgetepfwdb function is...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006653)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006653 advisory. In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix error unwinding of XDP initialization When initializing XDP in virtnetopen, some r...

GitLab 18.6 < 18.8.9 / 18.9 < 18.9.5 / 18.10 < 18.10.3 (CVE-2026-2619)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain circumstances could have allowed an...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006659)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006659 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix error handling in enainit The enainit won't destroy workqueue created by...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006614)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006614 advisory. In the Linux kernel, the following vulnerability has been resolved: nfsd: call oprelease, even when opfunc returns an error For ops with trivial replies,...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006784)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006784 advisory. In the Linux kernel, the following vulnerability has been resolved: pcmcia: Add error handling for addinterval in dovalidatemem In the dovalidatemem, the call to...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006664)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006664 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: avoid invalid memory access via nodeonlineNUMANONODE KASAN reports: 4.668325 T0 BUG:...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006729)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006729 advisory. In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in transstatshow Fix buffer overflow in transstatshow. Convert...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006813)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006813 advisory. In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out o...

CVE-2026-31790

CVE-2026-31790 affects OpenSSL RSA-based RSASVE encapsulation where RSA_public_encrypt may succeed and output an uninitialized ciphertext buffer if the invocation path returns an error. This can allow leakage of uninitialized data from a prior run of the process to a peer, if an attacker supplies...

CVE-2026-34045

Podman Desktop is a graphical tool for developing on containers and Kubernetes. Prior to 1.26.2, an unauthenticated HTTP server exposed by Podman Desktop allows any network attacker to remotely trigger denial-of-service conditions and extract sensitive information. By abusing missing connection...

CVE-2026-27949

Plane is an an open-source project management tool. Prior to 1.3.0, a vulnerability was identified in Plane's authentication flow where a user's email address is included as a query parameter in the URL during error handling e.g., when an invalid magic code is submitted. Transmitting personally...

Missing Report of Error Condition

Overview github.com/sigstore/cosign/cmd/cosign/cli/verify is a package that aims to make signatures invisible infrastructure. Affected versions of this package are vulnerable to Missing Report of Error Condition in the verify-blob-attestation module when used without --check-claims flag. An...