CVE-2026-45926

rust: pwm: Fix potential memory leak on init error...

PT-2026-43591

Name of the Vulnerable Software and Affected Versions Synology Assistant versions prior to 7.0.6-50085 Description An origin validation error allows local users to write arbitrary files with restricted content during the installation process. Recommendations Update to version 7.0.6-50085 or later...

CVE-2026-45871

tpm: st33zp24: Fix missing cleanup on getburstcount error...

CVE-2026-45924

ksmbd: call ksmbdvfskernpathendremoving on some error paths...

PT-2026-43793

In the Linux kernel, the following vulnerability has been resolved: rust: pwm: Fix potential memory leak on init error When initializing a PWM chip using pwmchip alloc, the allocated device owns an initial reference that must be released on all error paths. If pinned init were to fail, the...

PT-2026-43590

Name of the Vulnerable Software and Affected Versions Synology Active Backup for Business Agent versions prior to 3.1.0-4967 Description An origin validation error occurs during installation, which allows local users to write arbitrary files containing restricted content. Recommendations Update t...

CVE-2026-45904

powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling...

PT-2026-43772

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the icmp route lookup function during the reverse path process for sending ICMP error messages with XFRM IPsec policies. When the system acts as a forwarding...

Linux Distros Unpatched Vulnerability : CVE-2026-45871

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tpm: st33zp24: Fix missing cleanup on getburstcount error getburstcount can return -EBUSY on timeout. When this happens, st33zp24send returns directly without...

PT-2026-43877

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the rxrpc component where the rxgk extract token function lacks proper error handling. Specifically, when the rxgk decrypt skb function returns -ENOMEM indicating a memor...

PT-2026-43871

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A Use-After-Free UAF issue exists in the caiaq driver of the Linux kernel. The setup card function does not handle error cas...

Linux Distros Unpatched Vulnerability : CVE-2026-46004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: caiaq: Handle probe errors properly The probe procedure of setupcard in caiaq driver doesn't treat the error cases gracefully, e.g. the error from...

WeGIA 输入验证错误漏洞

WeGIA is a network manager for welfare institutions developed by Nilson Lazarin as an individual project. Versions of WeGIA prior to 3.7.3 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation or restrictions on the nextPage parameter...

pam_usb 安全漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.1 contained security vulnerabilities. These vulnerabilities stemmed from the silent ignoring of EACCES errors in the src/evdev.c file. This could lead t...

libusb 缓冲区错误漏洞

libusb is an open-source, cross-platform USB device access library. Versions of libusb prior to 1.0.30 contained a buffer error vulnerability. This vulnerability stems from the use of the original buffer size rather than the remaining size during boundary checks in the parseiadarray function, whi...

pam_usb 输入验证错误漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.1 contained a input validation vulnerability. This vulnerability stems from the lack of an upper limit on the number of ndevices being counted in...

PT-2026-43755

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the raid1 run function. This function calls setup conf, which registers a thread using md register thread. If the raid1 set limits function fails, the registered...

PT-2026-43738

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the TPM st33zp24 driver where the get burstcount function can return -EBUSY upon a timeout. In such instances, the st33zp24 send function returns immediately without...

PT-2026-43814

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the amdgpu acpi enumerate xcc function. When the amdgpu acpi dev init function returns a -ENOMEM error, the system returns immediately without releasing the...

PT-2026-43731

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the fs/ntfs3 component where processing the valid range valid : pos can trigger an infinite loop if the retrieved valid value remains constant. This can lead to system...