SUSE CVE-2026-46151

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

UBUNTU-CVE-2026-46151

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

EUVD-2026-32778

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

CVE-2026-46151

CVE-2026-46151 affects the Linux kernel USB printer driver usblp, causing a heap leak in IEEE 1284 device ID handling due to short GET_DEVICE_ID responses. The issue stems from usblp_ctrl_msg() discarding actual bytes and usblp_cache_device_id_string() trusting a 2‑byte length prefix, exposing st...

PT-2026-44274

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A heap leak exists in the usblp driver when handling IEEE 1284 device IDs. The usblp ctrl msg function discards the actual number of bytes transferred during a usb control msg call. If a...

Astra Linux - уязвимость в wireshark

IEEE 802.11 protocol dissector crashes in Wireshark versions 4.6.0 to 4.6.4...

CVE-2026-8228

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlanconf/Channel/skiplist/ieee80211h leads to os command injection. The attack may be launched remotely. The exploit has been...

EUVD-2026-28976

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlanconf/Channel/skiplist/ieee80211h leads to os command injection. The attack may be launched remotely. The exploit has been...

CVE-2026-8228

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlanconf/Channel/skiplist/ieee80211h leads to os command injection. The attack may be launched remotely. The exploit has been...

CVE-2026-8228

CVE-2026-8228 affects Wavlink NU516U1 240425. The vulnerability is in the function advance of the file /cgi-bin/wireless.cgi . Improper handling of the argument wlan_conf/Channel/skiplist/ieee_80211h allows an attacker to perform an OS command injection remotely. The attack surface is network-exp...

CVE-2026-8228 Wavlink NU516U1 wireless.cgi advance os command injection

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlanconf/Channel/skiplist/ieee80211h leads to os command injection. The attack may be launched remotely. The exploit has been...

CVE-2026-6525

A flaw was found in the IEEE 802.11 dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a NULL pointer dereference, resulting in a denial of service. Mitigation If the IEEE 802.11 protocol dissector is not being used, it can be...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When moving a station out of a VLAN and deleting the VLAN afterwards, the fastrx entry still holds a pointer to the VLAN’s netdev. This can lead to use-after-free...

CVE-2026-6525

IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4...

CVE-2026-6525

IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4...

EUVD-2026-26785

IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4...

CVE-2026-6525 NULL Pointer Dereference in Wireshark

IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4...

Wireshark 2.4.x < 2.4.6 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.6. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.6 advisory. - The MP4 dissector could crash. It may be possible to make Wireshark crash by injecting a malformed pack...

CVE-2026-43052 wifi: mac80211: check tdls flag in ieee80211_tdls_oper

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check tdls flag in ieee80211tdlsoper When NL80211TDLSENABLELINK is called, the code only checks if the station exists but not whether it is actually a TDLS station. This allows the operation to proceed for non-TDL...

Wireshark 2.2.x < 2.2.13 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.13. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.13 advisory. - In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was address...