Linux Distros Unpatched Vulnerability : CVE-2026-46194

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix nodecnt race between extent node destroy and writeback f2fsdestroyextentnode does not set FINOEXTENT before clearing extent nodes. When called from...

Optimal Routing and Link Configuration for Covert Heterogeneous Wireless Networks in the Presence of a Friendly Jammer

In modern radio networks, nodes frequently access multiple communication interfaces such as WiFi, cellular, LoRa, and Zigbee. Optimal utilization of such heterogeneous networks HetNets at link and network levels is essential for ensuring efficient and secure communication. Some applications requi...

CVE-2026-46175

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix fsck inconsistency caused by FGGC of node block During FGGC node block migration, fsck may incorrectly treat the migrated node block as fsync-written data. The reproduction scenario: root@vm:/mnt/f2fs seq 1 2048 | xargs...

LazyAdmin-Writeup

LazyAdmin-Writeup Beginner-friendly TryHackMe LazyAdmin writeu...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nodecnt competition between the destruction and write-back operations of extent nodes in f2fs...

CVE-2026-42756 WordPress QuickWebP – Compress / Optimize Images & Convert WebP | SEO Friendly plugin <= 3.2.7 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Ludwig You QuickWebP Compress / Optimize Images & Convert WebP | SEO Friendly quickwebp allows Path Traversal.This issue affects QuickWebP Compress / Optimize Images & Convert WebP | SEO Friendly: from n...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: f2fs: A fix was made to prevent race conditions during the fsyncentryslab access by multiple f2fs filesystem instances. As reported by syzbot, there is a use-after-free issue during f2fs recovery: A use-after-free occurs when...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fixed the issue of dereferencing a stale list iterator after the loop body. The list iterator variable will become a bogus pointer if no break is executed. Dereferencing it in this case, cur-page could result in an...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the issue of not checking the atomicwrite status in f2fs ioctl interfaces. Some f2fs ioctl interfaces, such as f2fsiocsetpinfile, f2fsmovefilerange, and f2fsdefragmentrange, failed to check the atomicwrite status, whi...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed the issue where preallocated blocks were truncated in f2fsfileopen. Chenyuwen has reported the following f2fs bugs: Unable to handle a NULL pointer dereferencing at the virtual address 0000000000000011...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: We can avoid panics if extenttree is not created. This patch prevents the following panics: pc: lookupextenttree+0xd8/0x760 lr: f2fsdowritedatapage+0x104/0x87c sp: ffffffc010cbb3c0 x29: ffffffc010cbb3e0 x28:...

WordPress Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) plugin 3.4.0-3.4.1.1 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover vulnerability

Privacy-Friendly WordPress Analytics Google Analytics Alternative plugin 3.4.0-3.4.1.1 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover vulnerability discovered by ? in WordPress Plugin Burst Statistics versions 3.4.0-3.4.1.1...

CVE-2026-43349

A flaw was found in the Linux kernel's Flash-Friendly File System f2fs. This vulnerability allows a local attacker to cause an uninitialized value access in the f2fssanitychecknodefooter function. This occurs when the system fails to read data from a device into a folio, potentially leading to...

UBUNTU-CVE-2026-43349

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fssanitychecknodefooter syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-value in f2fssanitychecknodefooter+0x374/0xa20 fs/f2fs/node.c:1520 f2fssanitychecknodefooter+0x374/0xa20...

YARA-X 1.16.0

YARA-X is a re-incarnation of YARA, a pattern matching tool designed with malware researchers in mind. This new incarnation intends to be faster, safer and more user-friendly than its predecessor. The ultimate goal of YARA-X is replacing YARA as the default pattern matching tool for malware...

CVE-2026-31715

A flaw was found in the Linux kernel's Flash-Friendly File System f2fs. A use-after-free vulnerability exists due to incorrect handling of page counts during concurrent write operations and unmounting. This can lead to a NULL pointer dereference, causing the system to panic and resulting in a...

Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2025-15467 DESCRIPTION: Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact...

JLSEC-2026-263 Issue summary: Calling PKCS12_get_friendlyname() function on a maliciously crafted PKCS#12 file...

Issue summary: Calling PKCS12getfriendlyname function on a maliciously crafted PKCS12 file with a BMPString UTF-16BE friendly name containing non-ASCII BMP code point can trigger a one byte write before the allocated buffer. Impact summary: The out-of-bounds write can cause a memory corruption...

[SECURITY] Fedora 44 Update: opam-2.5.1-1.fc44

Opam is a source-based package manager for OCaml. It supports multiple simultaneous compiler installations, flexible package constraints, and a Git-friendly development workflow...

[SECURITY] Fedora 43 Update: opam-2.5.1-1.fc43

Opam is a source-based package manager for OCaml. It supports multiple simultaneous compiler installations, flexible package constraints, and a Git-friendly development workflow...