GHSA-9WGH-M22W-9XJ8 NocoDB: Hidden LTAR Column Exposure in Public Shared-View Relation Endpoints

Summary The public shared-view relation endpoints accepted a caller-supplied column ID without verifying that the column was visible in the shared view, so anyone holding a share UUID could read links from any LTAR column on the view's table — including columns the view owner had hidden. Details...

CVE-2026-45962

In the Linux kernel, the following vulnerability has been resolved: ublk: Validate SQE128 flag before accessing the cmd ublkctrlcmddump accesses header sqe-cmd before IOURINGFSQE128 flag check. This could cause out of boundary memory access. Move the SQE128 flag check earlier in ublkctrluringcmd ...

CVE-2026-21733 RESERVED

Vulnerability in Imagination Technologies Graphics DDK on Linux, Android -- RESERVED...

CLSA-2023-1697744503 Fix of 7 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-42755 - net/sched: Retire rsvp classifier CVE-url: https://ubuntu.com/security/CVE-2023-39194 - net: xfrm: Fix xfrmaddressfilter OOB read CVE-url: https://ubuntu.com/security/CVE-2023-39192 - netfilter: xtu32: validate user space input CVE-url:...

The vulnerability of the “go get” command implementation in the Go programming language allows a perpetrator to execute arbitrary code.

The vulnerability of the “go get” command in the Go programming language is related to insufficient validation of input data insufficient checking of the import path when using the “-u” flag. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially create...