CVE-2026-54533 vantage6 node has an Improper Access Control issue

vantage6 is an open-source infrastructure for privacy preserving analysis. Prior to version 5.0.0, malicious algorithms can potentially access other algorithms input and output files. Version 5.0.0 fixes the issue. As a workaround, verify and restrict the algorithm containers that are allowed to...

CVE-2026-8049

The CVE-2026-8049 issue affects SignalRGB’s Windows kernel driver, SignalIo.sys, in versions prior to 1.3.7.0. The device object (.SignalIo) is created without an explicit SDDL security descriptor and without FILE_DEVICE_SECURE_OPEN, resulting in overly permissive default access. This permits any...

PT-2026-49095

Glances 4.5.5 is release ! https://preview.redd.it/nr4odffe827h1.png?width=1909&format=png&auto=webp&s=5d337a845f700576ab19a9becce3e49de1cd1391 Quick test with uvx: uvx -U glances Bugs corrected: /api/4/containers stays 4-5s with 60 Docker containers 3559 Crash when using --sparkline 3547 VMs...

Xen: x86 HVM I/O Port List Traversal (XSA-491)

HVM guest I/O port accesses are subject to either emulation or at least translation. Translations are managed by the device model via XENDOMCTLioportmapping, and hence the linked list used may changed at any time. Traversal of those lists while handling guest I/O port accesses therefore needs...

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

CVE-2026-45782

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. From version 21.0 to before version 51.2, a guest can cause a use-after-free in the cloud-hypervisor process by submitting two virtio-block descriptor chains that reuse the same headindex while asynchronous block I/O is enabled e....

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-2336)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : iommu/sva: invalidate stale IOTLB entries for kernel address spaceCVE-2025-71202 iommu: disable SVA when CONFIGX86 is setCVE-2025-71089 tls: Fix...

CVE-2025-54509

Improper access control for register interface in the input-output memory management unit IOMMU could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor ASP potentially resulting in loss of integrity...

CVE-2025-54509

CVE-2025-54509 describes improper access control for the IOMMU register interface, potentially allowing a privileged attacker using the AMD secure processor (ASP) to cause non-coherent accesses and induce loss of integrity. The vulnerability stems from access control weaknesses in the IOMMU regis...

EUVD-2025-210086

Improper access control for register interface in the input-output memory management unit IOMMU could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor ASP potentially resulting in loss of integrity...

x86 HVM I/O port list traversal

ISSUE DESCRIPTION HVM guest I/O port accesses are subject to either emulation or at least translation. Translations are managed by the device model via XENDOMCTLioportmapping, and hence the linked list used may changed at any time. Traversal of those lists while handling guest I/O port accesses...

ASP non-Coherent Memory Access

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54509| Improper access control for register interface in the input-output memory management unit IOMMU could allow a privileged attacker to cause non-coherent accesses by the AMD Secure...

PT-2026-47853

Hermes WebUI before version 0.51.270 contains a resource exhaustion vulnerability that allows unauthenticated remote attackers to degrade service availability by repeatedly calling the passkey options endpoint without completing assertion. Attackers can send unlimited POST requests to the...

PT-2026-48241

This update for xen fixes the following issues: - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache metadata bsc1266955. - CVE-2026-42489,CVE-2026-42490: domctl lock open to abuse bsc1266953...

CVE-2026-46298

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix race with interrupt handler While executing -ioctl handler or -release handler, if an interrupt fires on the same cpu, then we can enter into a deadlock. This patch fixes both these handlers to take...

PT-2026-47624

Summary Arc's user-SQL validator internal/api/query.go:ValidateSQLRequest blocked only read parquet and arc partition agg via regex denylist. The broader DuckDB I/O function family — read csv auto, read csv, read json, read json auto, read text, read blob, glob, parquet metadata, parquet schema,...

PT-2026-47575

Summary Arc's user-SQL validator internal/api/query.go:ValidateSQLRequest blocked only read parquet and arc partition agg via regex denylist. The broader DuckDB I/O function family — read csv auto, read csv, read json, read json auto, read text, read blob, glob, parquet metadata, parquet schema,...

CVE-2025-70795

STProcessMonitor 11.11.4.0, part of the Safetica Application suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is caused by insufficient caller validation in the driver's IOCTL handler, enabli...

CVE-2026-6737

An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms and obtain restricted touchpad information or render the touchpad unusable via crafted IOCTL requests.Refer to the ' Security Update for ASUS Precision Touchpa...

CVE-2025-47406

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...