Rizin 资源管理错误漏洞

Rizin is a free, open-source reverse-engineering framework developed by the Rizin organization. It is used for analyzing binary files, disassembling code, debugging programs, as a forensics tool, and as a command-line hexadecimal editor capable of opening disk files. Rizin has a resource manageme...

SUSE SLES15 Security Update : redis7 (SUSE-SU-2026:2097-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2097-1 advisory. This update for redis7 fixes the following issues - CVE-2026-23631: Lua use-after-free via the master-replica synchronization...

CVE-2026-44882

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33., Portainer proxies requests to Kubernetes clusters through a middleware layer...

CVE-2026-46112

A flaw was found in the Linux kernel's RDMA/hns component. An issue exists where the hnsroceqpremove function is called without proper locking during an error handling process. This can lead to memory corruption, potentially causing system instability or a denial of service DoS condition. A local...

CVE-2026-46129

A flaw was found in the Linux kernel, specifically within the btrfs filesystem. This vulnerability, a double free, occurs in the createspaceinfo function's error handling path. When an internal object initialization fails, the system attempts to release memory twice for the same resource. This ca...

CVE-2026-46128

A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI subsystem. This vulnerability occurs when the kernel processes event message buffer responses from Baseboard Management Controllers BMCs. Some BMCs may return an empty message instead of an expected error, which...

CVE-2026-46144

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the mana driver. During an error unwind in the manaibcreateqprss function, a resource leak occurs where manaibcfgvportsteering is not properly cleaned up. This vulnerability could lead to resour...

CVE-2026-46156

A flaw was found in the Linux kernel's LoongArch architecture. An issue in the loongsongpufixupdmahang function, specifically with incorrect handling of device IDs when a discrete GPU is inserted, can lead to an Address Data Error ADE. This flaw may allow a local attacker to trigger a kernel pani...

CVE-2026-46178

A flaw was found in the Linux kernel. This vulnerability, located in the RDMA/mlx4 component, is due to a resource leak during error handling in the mlx4ibcreatesrq function. An attacker could potentially exploit this flaw to cause a denial of service by exhausting system resources...

CVE-2026-46107

A flaw was found in the Linux kernel's Device Mapper dm-thin component. This vulnerability, a metadata reference count underflow, occurs in the rebalancechildren function. When an internal btree node with a single entry is shared, the system incorrectly tracks the usage of child nodes. This can...

CVE-2026-44324

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/ueId/servingPlmnId/ee-subscriptions/subsId/amf-subscriptions handler panics on a single authenticated request against a fresh UDR instance when the supplied ueId does n...

CVE-2026-44322

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF PATCH /3gpp-pfd-management/v1/afId/transactions/transId/applications/appId handler panics with a nil-pointer dereference when the upstream UDR call fails AND the consumer wrapper returns err != nil...

CVE-2026-46130

A flaw was found in the Linux kernel's device-mapper verity forward error correction dm-verity-fec component. This vulnerability occurs because a function responsible for decoding parity data makes an incorrect assumption about how these data blocks are read. Under specific, non-default...

CVE-2026-33463 Operation on a Resource after Expiration or Termination in Kibana Leading to Unauthorized File Access

Operation on a Resource after Expiration or Termination CWE-672 in Kibana can lead to unauthorized information disclosure. A logic error in how expiration timestamps were validated allowed a time-bounded access token to remain usable beyond its intended validity window, enabling an unauthenticate...

CVE-2026-49127

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

CVE-2026-47335

Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel panic...

CVE-2026-47333

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data...

CVE-2026-47332 Out-of-bounds read in Ubuntu Linux AppArmor notification handling

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent...

CVE-2026-46162

A flaw was found in the Linux kernel's ice driver. An error in the icesfethactivate function's error handling path can lead to a double free of memory. This occurs when auxiliarydeviceadd fails, causing kfreesfdev to be called twice. This vulnerability could lead to memory corruption or a denial ...

CVE-2026-46185

A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability arises from insufficient length validation in the smb2checkmessage function when processing symlink error responses. A remote attacker could exploit this by sending a specially crafted symlink error respons...