CVE-2026-53310

Technical details are not publicly available in the provided documents. Monitor for updates.

EUVD-2026-39845

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: cbb: Fix cross-fabric target timeout lookup When a fabric receives an error interrupt, the error may have occurred on a different fabric. The target timeout lookup was using the wrong base address cbb-regs with offsets...

CVE-2026-53044

A flaw was found in the Linux kernel. An out-of-bounds access vulnerability exists in the soc/tegra: cbb fabric lookup tables due to incorrect array size usage. This issue could allow a local attacker to cause a denial of service DoS or potentially lead to information disclosure...

EUVD-2026-38912

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: cbb: Fix incorrect ARRAYSIZE in fabric lookup tables Fix incorrect ARRAYSIZE usage in fabric lookup tables which could cause out-of-bounds access during target timeout lookup...

CVE-2026-53044

In the Linux kernel, the issue is in the soc/tegra cbb code where incorrect ARRAY_SIZE usage in fabric lookup tables could cause out-of-bounds access during target timeout lookup. The patch fixes the ARRAY_SIZE usage to prevent out-of-bounds access; the vulnerability is resolved in the kernel’s f...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed the link-down processing to address the issue of NULL pointer dereferencing. If a FC link-down transition occurs while PLOGIs are outstanding and the fabric-known addresses are involved, outstanding ABTS request...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: Do not wait in vain when unloading the module. There is a race condition in the module exit path, where both deleting all controllers and freeing the “leftover IDs” occur simultaneously. To prevent double-freeing, a...

CVE-2026-50107

When NGINX Plus or NGINX Open Source is configured as the data plane for NGINX Gateway Fabric, an injection vulnerability exists in the NGINX configuration generator component of NGINX Gateway Fabric. User-supplied string values from the NginxProxy Custom Resource Definition CRD access log format...

CVE-2026-32682

When NGINX Gateway Fabric is configured using GRPCRoutes, an authenticated, remote attacker with permission to create or modify GRPCRoute resources can cause the NGINX Gateway Fabric control plane to terminate by sending undisclosed GRPCRoute configurations containing backendRef filters. Note:...

CVE-2026-32682 NGINX Gateway Fabric vulnerability

When NGINX Gateway Fabric is configured using GRPCRoutes, an authenticated, remote attacker with permission to create or modify GRPCRoute resources can cause the NGINX Gateway Fabric control plane to terminate by sending undisclosed GRPCRoute configurations containing backendRef filters. Note:...

EUVD-2026-37793

When NGINX Gateway Fabric is configured using GRPCRoutes, an authenticated, remote attacker with permission to create or modify GRPCRoute resources can cause the NGINX Gateway Fabric control plane to terminate by sending undisclosed GRPCRoute configurations containing backendRef filters. Note:...

CVE-2026-32682

The CVE-2026-32682 entry concerns NGINX Gateway Fabric. The vulnerability arises when GRPCRoutes are configured; an authenticated user with permission to create or modify GRPCRoute resources can cause the control plane to terminate by sending undisclosed GRPCRoute configurations containing backen...

EUVD-2026-37792

When NGINX Plus or NGINX Open Source is configured as the data plane for NGINX Gateway Fabric, an injection vulnerability exists in the NGINX configuration generator component of NGINX Gateway Fabric. User-supplied string values from the NginxProxy Custom Resource Definition CRD access log format...

CVE-2026-50107 NGINX Gateway Fabric vulnerability

When NGINX Plus or NGINX Open Source is configured as the data plane for NGINX Gateway Fabric, an injection vulnerability exists in the NGINX configuration generator component of NGINX Gateway Fabric. User-supplied string values from the NginxProxy Custom Resource Definition CRD access log format...

CVE-2026-50107

CVE-2026-50107 : Affects NGINX Plus or NGINX Open Source used as the data plane for NGINX Gateway Fabric. The vulnerability lies in the configuration generator component: user-supplied values from the NginxProxy CRD access log format setting are rendered directly into NGINX configuration template...

K000161785: NGINX Gateway Fabric vulnerability CVE-2026-50107

Security Advisory Description When NGINX Plus or NGINX Open Source is configured as the data plane for NGINX Gateway Fabric, an injection vulnerability exists in the NGINX configuration generator component of NGINX Gateway Fabric. User-supplied string values from the NginxProxy Custom Resource...

K000161786: NGINX Gateway Fabric vulnerability CVE-2026-32682

Security Advisory Description When NGINX Gateway Fabric is configured using GRPCRoutes, an authenticated, remote attacker with permission to create or modify GRPCRoute resources can cause the NGINX Gateway Fabric control plane to terminate by sending undisclosed GRPCRoute configurations containin...

CVE-2026-11311

When NGINX Plus is configured as the data plane for NGINX Gateway Fabric, an injection vulnerability exists in the NGINX configuration generator component of NGINX Gateway Fabric. User-supplied string values from the NginxProxy Custom Resource Definition serverTokens field and the...

CVE-2026-11311 NGINX Gateway Fabric vulnerability

When NGINX Plus is configured as the data plane for NGINX Gateway Fabric, an injection vulnerability exists in the NGINX configuration generator component of NGINX Gateway Fabric. User-supplied string values from the NginxProxy Custom Resource Definition serverTokens field and the...

CVE-2026-11311

CVE-2026-11311 affects NGINX Gateway Fabric when used with NGINX Plus. The vulnerability resides in the NGINX configuration generator: user-supplied values from the NginxProxy CRD serverTokens field and the AuthenticationFilter CRD extraAuthArgs field are rendered directly into NGINX configuratio...