@join-com/jest-matchers (>=1.0.0 <=1.0.1) potentially affected by unknown CVE via jest-expect (=0.0.1)

jest-expect NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on jest-expect and may be impacted: - @join-com/jest-matchers =1.0.0, =1.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4139...

@join-com/jest-matchers (>=1.0.0 <=1.0.1), jest-expect (=0.0.1) +1 more potentially affected by unknown CVE via fixed-round (=1.0.2)

fixed-round NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on fixed-round and may be impacted: - @join-com/jest-matchers =1.0.0, =0.0.1, =0.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4134...

Malicious code in jest-expect (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

SUSE CVE-2026-43116

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...

EUVD-2026-27641

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...

CVE-2026-43116

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...

CVE-2026-43116

The CVE-2026-43116 issue affects the Linux kernel’s netfilter ctnetlink master conntrack handling. The root cause is insufficient locking around the master conntrack object, which can become invalid while still referenced (exp-&gt;master). The fix extends the nf_conntrack_expect_lock and the spin...

CVE-2026-43116 netfilter: ctnetlink: ensure safe access to master conntrack

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...

PT-2026-37426

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the netfilter ctnetlink component allows for unsafe access to the master conntrack object. Holding a reference to the expectation is insufficient because the master conntrack...

SUSE CVE-2026-43027

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackhelper: pass helper to expect cleanup nfconntrackhelperunregister calls nfctexpectiteratedestroy to remove expectations belonging to the helper being unregistered. However, it passes NULL instead of the help...

Astra Linux - уязвимость в golang-1.19

The net/http HTTP/1.1 client mishandled the situation where a server responds to a request with an “Expect: 100-continue” header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, causing the next request sent on that connection to...

Linux Distros Unpatched Vulnerability : CVE-2026-43026

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: ctnetlink: zero expect NAT fields when CTAEXPECTNAT absent ctnetlinkallocexpect allocates expectations from a non-zeroing slab cache via...

EUVD-2026-26626

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackhelper: pass helper to expect cleanup nfconntrackhelperunregister calls nfctexpectiteratedestroy to remove expectations belonging to the helper being unregistered. However, it passes NULL instead of the help...

CVE-2026-43027 netfilter: nf_conntrack_helper: pass helper to expect cleanup

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackhelper: pass helper to expect cleanup nfconntrackhelperunregister calls nfctexpectiteratedestroy to remove expectations belonging to the helper being unregistered. However, it passes NULL instead of the help...

CVE-2026-43027

The CVE-2026-43027 vulnerability in the Linux kernel arises from nf_conntrack_helper_unregister() freeing a helper while expectations still reference it due to NULL data in nf_ct_expect_iterate_destroy(), leading to use-after-free when later access occurs. The fix is to pass the actual helper poi...

CVE-2026-43027

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackhelper: pass helper to expect cleanup nfconntrackhelperunregister calls nfctexpectiteratedestroy to remove expectations belonging to the helper being unregistered. However, it passes NULL instead of the help...

CVE-2026-43027

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackhelper: pass helper to expect cleanup nfconntrackhelperunregister calls nfctexpectiteratedestroy to remove expectations belonging to the helper being unregistered. However, it passes NULL instead of the help...

CVE-2026-43026

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTAEXPECTNAT absent ctnetlinkallocexpect allocates expectations from a non-zeroing slab cache via nfctexpectalloc. When CTAEXPECTNAT is not present in the netlink message, savedad...

CVE-2026-43026

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTAEXPECTNAT absent ctnetlinkallocexpect allocates expectations from a non-zeroing slab cache via nfctexpectalloc. When CTAEXPECTNAT is not present in the netlink message, savedad...

SUSE CVE-2026-31495

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extac...