CVE-2026-48527

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions up to and including 26.0.0 are affected by a stored cross-site scripting XSS vulnerability in the /system/api/saveNode endpoint. An authenticated user with a permission to edit pages can bypass the HTML sanitizer by...

CVE-2026-48527

HAX CMS (PHP/NodeJS backends) is affected up to version 26.0.0 by a stored XSS in the /system/api/saveNode endpoint. An authenticated user with page-edit permissions can bypass the HTML sanitizer by injecting an event handler attribute without whitespace before the attribute name. Affected compon...

CVE-2026-45865

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

PT-2026-43732

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

CVE-2026-45865

mctp i2c: initialise event handler read bytes...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Since acpiinstallfixedeventhandler automatically enables the event handling mechanism upon success, it is incorrect to call it before the handler routine is ready to handle...

Astra Linux - уязвимость в firefox

An attacker was able to insert an event handler into a privileged object, allowing arbitrary JavaScript execution in the parent process. Note: This vulnerability only affects Desktop Firefox; mobile versions of Firefox are not affected. This vulnerability applies to Firefox versions earlier than...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Added a missing deinit call. A warning is triggered when repeatedly connecting and disconnecting the rnbd interface: The listadd structure is corrupted. prev-next should be set to next ffff88800b13e480, but it was set ...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register the event handler until the srpt device is fully set up. In rare cases, KASAN reports a use-after-free error in the srptrefreshport function. This appears to occur because the event handler is registere...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Avoid invalid reads in irdmanetevent. The function irdmanetevent should not dereference anything from “neigh” alias “ptr” until it has checked that the event is of type NETEVENTNEIGHUPDATE. Other events have structure...

MCP Registry 跨站脚本漏洞

MCP Registry is an open-source MCP server application store developed by Model Context Protocol. Versions of MCP Registry prior to 1.7.7 contained a cross-site scripting vulnerability. This vulnerability originated from the public directory UI; server-side validation only checked whether the URL...

CVE-2026-0236

A code injection vulnerability in Palo Alto Networks Prisma® Browser on macOS fails to properly restrict access to its AppleScript interface allowing a locally authenticated non-admin user to leverage this exposed Apple Event handler to send unauthorized commands to the browser...

PT-2026-40748

Name of the Vulnerable Software and Affected Versions Prisma Browser on macOS affected versions not specified Description A code injection issue exists where the software fails to properly restrict access to its AppleScript interface. This allows a locally authenticated non-admin user to use an...

EUVD-2026-28774

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw-wq esw-workqueue executes eswfunctionschangedeventhandler - eswvfschangedeventhandler and acquires the devlink lock. .eswitchmodeset acquires devlink lock in devlinknlpredoit -...

CVE-2026-43468

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw-wq esw-workqueue executes eswfunctionschangedeventhandler - eswvfschangedeventhandler and acquires the devlink lock. .eswitchmodeset acquires devlink lock in devlinknlpredoit -...

CVE-2026-43468

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw-wq esw-workqueue executes eswfunctionschangedeventhandler - eswvfschangedeventhandler and acquires the devlink lock. .eswitchmodeset acquires devlink lock in devlinknlpredoit -...

CVE-2026-43468

CVE-2026-43468 affects the Linux kernel net/mlx5 subsystem, where a deadlock can occur between the devlink lock and the esw->work_queue. The deadlock trace involves esw_functions_changed_event_handler executing esw_vfs_changed_event_handler, while eswitch_mode_set acquires the devlink lock and...

PT-2026-39034

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel within the NCSI RX and AEN handlers. Specifically, the ncsi aen handler function returns on invalid AEN packets without consuming the socket buff...

PT-2026-39129

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs between the devlink lock and esw-work queue. The esw-work queue executes esw functions changed event handler which calls esw vfs changed event handler and acquires the...

CVE-2026-43221

In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...