Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a combination of JIT blinding and pointers to bpf subprogs. The combination of JIT blinding and pointers to bpf subprogs causes the following issue: 36.989548 BUG: Unable to handle a page fault for address:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Using a code segment selector for the VERW operand Robert Gill reported the following issue in 32-bit mode when the dosemu software executed the vm86 system call: General protection fault: 0000 1 PREEMPT SMP CPU: 4 PID:...

Astra Linux – Vulnerability in amd64-microcode

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to influence the cache line write-back behavior of the CPU, resulting in a potential loss of integrity of the guest virtual machine VM memory...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disabling IBT when the hypercall page lacks the ENDBR instruction. On hardware that supports Indirect Branch Tracking IBT, Hyper-V VMs with ConfigVersion 9.3 or later support IBT in the guest. However, current version...

CVE-2026-12528

A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI Access Control Instruction string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validate that the ACI keyword has sufficient length after...

CVE-2026-12528

A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI Access Control Instruction string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validate that the ACI keyword has sufficient length after...

CVE-2026-12528 389-ds-base: 389-ds-base: heap-buffer-overflows in __aclp__normalize_acltxt()

A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI Access Control Instruction string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validate that the ACI keyword has sufficient length after...

EUVD-2026-37728

A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI Access Control Instruction string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validate that the ACI keyword has sufficient length after...

PT-2026-49177

A weakness has been identified in svaarala duktape up to 2.99.99. This issue affects some unknown processing of the file duk api bytecode.c. Executing a manipulation of the argument count instr can lead to memory corruption. The attack requires local access. The exploit has been made available to...

Debian dsa-6346 : fonts-opensymbol - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6346 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6346-1 [email protected] https://www.debian.org/securit...

📄 FreeType SHZ 2.14.3 Heap Buffer Overflow

This Python proof of concept framework is designed for security research into a reported heap buffer overflow condition affecting the FreeType TrueType bytecode interpreter. The code constructs specially crafted font structures intended to exercise the SHZ instruction path, generates malformed...

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

CVE-2026-49496

Ghidra

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper link resolution before file access. An attacker can modify local files by exploiting symbolic links to redirect file operations to unintended locations. Remediation Upgrade...

CVE-2026-11393

Improper neutralization of triple-quote characters during Python code generation in AgentCore CLI before v0.14.2 might allow an authenticated remote threat actor to execute arbitrary code on AWS AgentCore Runtime under the imported agent's IAM execution role and on the local environment of anothe...

CVE-2026-11393

Affected software: AgentCore CLI (v0.14.2 fix). Vulnerable path: Python code generation in AgentCore CLI before v0.14.2. Root cause: improper neutralization of triple-quote characters during code generation, enabling an authenticated remote actor to run arbitrary code. Impact: potential execution...

Medium: perl-Crypt-PasswdMD5

Issue Overview: Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts. The built-in rand function is predictable, and unsuitable for cryptography. CVE-2026-6659 Affected Packages: perl-Crypt-PasswdMD5 Issue Correction: Run dnf update perl-Crypt-PasswdMD5...

AgentCore CLI 代码注入漏洞

AgentCore CLI is an open-source AI agent development and deployment command-line tool developed by Amazon Web Services. Versions of AgentCore CLI prior to 0.14.2 contained a code injection vulnerability. This vulnerability stemmed from improper use of triple quotes in Python code generation. It...

Debian dsa-6318 : gstreamer1.0-gtk3 - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6318 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6318-1 [email protected] https://www.debian.org/securit...

CVE-2025-54518

Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation...