41 matches found

Positive Technologies
added 5 days ago | 5 views

PT-2026-46569

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in ANGLE. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using a specially craft...

CVSS 9.6 | AI score 5.8 | EPSS 0.04468
Exploits: 0 | References: 434

EUVD
added 2026/05/12 6:30 p.m. | 9 views

EUVD-2025-209797

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.2. An app may be able to break out of its sandbox...

CVSS 8.8 | AI score 5.8 | EPSS 0.00014
Exploits: 0 | References: 2

Cvelist
added 2026/05/12 5:35 p.m. | 27 views

CVE-2025-43524

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.2. An app may be able to break out of its sandbox...

EPSS 0.00014
Exploits: 0 | References: 1

CVE
added 2026/05/12 5:35 p.m. | 11 views

CVE-2025-43524

CVE-2025-43524 is a local sandbox escape in macOS components. The issue is described as an access problem that could allow an app to break out of its sandbox. Public entries confirm fixes in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.2. The associated advisories consistently fl...

CVSS 8.8 | AI score 5.8 | EPSS 0.00014
Exploits: 0 | References: 1 | Affected Software: 1

AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux - vulnerability in linux

A flaw was discovered in the KVM’s AMD code, responsible for supporting SVM nested virtualization. The flaw occurs during the processing of the VMCB virtual machine control block provided by the L1 guest, which is used to spawn or handle a nested guest L2. Due to improper validation of the...

CVSS 8.8 | AI score 6.8 | EPSS 0.00066
Exploits: 0 | References: 2

Tenable Nessus
added 2026/05/02 12:0 a.m. | 1 views

RHCOS 4 : OpenShift Container Platform 4.17.50 (RHSA-2026:3416)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:3416 advisory. - runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects...

CVSS 7.5 | AI score 7.3 | EPSS 0.00045
Exploits: 1 | References: 6

OSV
added 2026/04/28 8:16 a.m. | 0 views

DEBIAN-CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

CVSS 7.8 | AI score 5.4 | EPSS 0.00034
Exploits: 0 | References: 1

Tenable Nessus
added 2026/04/23 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-6019

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - http.cookies.Morsel.jsoutput returns an inline snippet and only escapes for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence...

CVSS 6.1 | AI score 5.8 | EPSS 0.00082
Exploits: 1 | References: 4

Amazon
added 2026/04/14 12:0 a.m. | 1 views

Important: containerd

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

CVSS 9.1 | AI score 6 | EPSS 0.00044
Exploits: 1

Tenable Nessus
added 2026/03/16 12:0 a.m. | 4 views

EulerOS 2.0 SP10 : docker-runc (EulerOS-SA-2026-1306)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through...

CVSS 8.4 | AI score 7 | EPSS 0.00026
Exploits: 4 | References: 4

Positive Technologies
added 2026/02/11 12:0 a.m. | 2 views

PT-2026-7793

Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 26.3 Apple iPadOS versions prior to 26.3 Apple macOS Sonoma versions prior to 14.8.4 Apple macOS Sequoia versions prior to 15.7.4 Apple macOS Tahoe versions prior to 26.3 Apple watchOS versions prior to 26.3...

AI score 5.4 | EPSS 0.00021
Exploits: 0 | References: 8

CNNVD
added 2026/02/02 12:0 a.m. | 1 views

SandboxJS code injection vulnerability

SandboxJS is a security assessment tool developed by nyariv. Versions of SandboxJS prior to 0.8.27 contained a code injection vulnerability. This vulnerability stemmed from improper restrictions on lookupGetter, which could lead to sandbox escape or remote code execution...

CVSS 10 | AI score 6.1 | EPSS 0.00258
Exploits: 1 | References: 3

Oracle linux
added 2025/11/25 12:0 a.m. | 2 views

podman security update

5.6.0-7.0.1 - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount Orabug: 36234694 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117404 6:5.6.0-7 - update to the latest content of...

CVSS 7.3 | AI score 7.3 | EPSS 0.00086
Exploits: 1

OSV
added 2025/11/24 11:21 a.m. | 2 views

USN-7851-2 runc-app, runc-stable regression

USN-7851-1 fixed vulnerabilities in runC. The introduction of a new upstream release has caused regressions in runc-app and runc-stable. This update fixes the problem. Original advisory details: Lei Wang and Li Fubang discovered that runC incorrectly handled masked paths. An attacker could possib...

AI score 5.8 | EPSS 0.00026
Exploits: 4 | References: 2

CVE
added 2025/11/04 1:17 a.m. | 10 views

CVE-2025-43364

CVE-2025-43364 describes a race condition in macOS components that could allow an app to break out of its sandbox. The issue was addressed with additional validation and is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7 (and related advisories). The available sources (NVD/NCSC/Red Hat Apple secur...

CVSS 7.8 | AI score 6.5 | EPSS 0.00009
Exploits: 0 | References: 3 | Affected Software: 1

Positive Technologies
added 2025/10/28 12:0 a.m. | 2 views

PT-2025-44159

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 144.0.2 Description A compromised child process could trigger a use-after-free in the GPU or browser process through WebGPU-related IPC calls. This could potentially allow for escaping the child process sandbox...

CVSS 10 | AI score 6.5 | EPSS 0.0006
Exploits: 0 | References: 18

OSV
added 2025/10/23 10:8 a.m. | 3 views

CLSA-2025-1761214095 qemu-kvm: Fix of CVE-2023-5088

CVE-2023-5088: fix incorrect guest I/O redirection to offset 0 that could allow data overwrite at LBA 0 and potential VM escape...

CVSS 7 | AI score 6.8 | EPSS 0.00014
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2018-17915

Malware in sbrugna...

CVSS 9.6 | AI score 9.2 | EPSS 0.00864
Exploits: 0 | References: 9

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-3794

Malware in sbrugna...

CVSS 7.5 | AI score 7.5 | EPSS 0.00322
Exploits: 0 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2024-40901

Malicious code in bioql PyPI...

CVSS 10 | AI score 6.4 | EPSS 0.00126
Exploits: 0 | References: 1