CVE-2026-40495 FOSSBilling version exposed via asset cache buster

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 leak the exact system version through asset cache buster parameters in HTML output, bypassing the hideversionpublic security setting. The FOSSBilling version is embedded in the query string of every a...

PT-2026-5316

Name of the Vulnerable Software and Affected Versions Kata Containers versions prior to 3.26.0 Description Kata Containers is an open source project implementing lightweight Virtual Machines VMs functioning like containers. In versions prior to 3.26.0, a malformed or layerless container image can...

EUVD-2025-35725

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause uninitialized pointer access. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data...

PT-2024-3785 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the vfio ap mdev filter matrix function in the Linux kernel, which is responsible for updating the guest's AP configuration by filtering the matrix of adapters...

Kernel: KVM: leak of uninitialized stack contents to guest

An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object hold...