CVE-2026-49185

The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec, allowing command/instruction injection...

CVE-2026-49185 Instruction Injection via FieldX MDM

The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec, allowing command/instruction injection...

CVE-2026-10566

A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.checkinstructcontent of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization. The attack is restricted to local execution. The exploit has...

EUVD-2026-33872

A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.checkinstructcontent of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization. The attack is restricted to local execution. The exploit has...

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by a vulnerability in Next.js (CVE-2025-48068)

Summary A vulnerability involving cross-site WebSocket hijacking in the Next.js framework CVE-2025-48068 used by IBM InfoSphere Optim Archive Viewer has been addressed by upgrading to version 15.5.15. Vulnerability Details CVEID:CVE-2025-48068 DESCRIPTION: Next.js is a React framework for buildin...

[SECURITY] Fedora 43 Update: haveged-1.9.22-1.fc43

A Linux entropy source using the HAVEGE algorithm Haveged is a user space entropy daemon which is not dependent upon the standard mechanisms for harvesting randomness for the system entropy pool. This is important in systems with high entropy needs or limited user interaction e.g. headless server...

[SECURITY] [DSA 6311-1] php-twig security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6311-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 29, 2026 https://www.debian.org/security/faq -...

CVE-2026-46204

A flaw was found in the Linux kernel's AMD GPU Graphics Processing Unit driver, specifically within the drm/amdgpu/vcn4 component. This vulnerability allows for an out-of-bounds read when processing an Instruction Buffer IB. An attacker could potentially exploit this to read sensitive information...

CVE-2026-46218

A flaw was found in the Linux kernel's drm/amdgpu driver. The uvd/vce/vcn code accesses the Instruction Buffer IB without sufficient bounds checking, which could allow an attacker to trigger an out-of-bounds memory access. This vulnerability may lead to system instability or a denial of service...

CVE-2026-46174

A flaw was found in the Linux kernel, specifically within the x86/CPU/AMD Zen2's op cache. This vulnerability arises from improper isolation of shared resources, which can lead to instruction corruption. The consequence of this flaw is that it may cause unexpected behavior or instability within t...

CVE-2026-46204

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Prevent OOB reads when parsing IB Rewrite the IB parsing to use amdgpuibgetvalue which handles the bounds checks...

UBUNTU-CVE-2026-46204

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Prevent OOB reads when parsing IB Rewrite the IB parsing to use amdgpuibgetvalue which handles the bounds checks...

UBUNTU-CVE-2026-46174

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way...

UBUNTU-CVE-2026-46218

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

CVE-2026-46174

In CVE-2026-46174, the Linux kernel vulnerability affects x86/CPU/AMD Zen2 by allowing improper isolation of shared resources in the Zen2 op cache, potentially leading to instruction corruption. The issue has been resolved in the Linux kernel, with Debian and Root packaging advisories noting fixe...

EUVD-2026-32801

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way...

CVE-2026-46174

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way...

CVE-2026-46174 x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way...

SUSE CVE-2026-45967

In the Linux kernel, the following vulnerability has been resolved: bpf: Return proper address for non-zero offsets in insn array The mapdirectvalueaddr function of the instruction array map incorrectly adds offset to the resulting address. This is a bug, because later the resolvepseudoldimm64...

CodeWhale 代码注入漏洞

CodeWhale is a terminal coding intelligence tool developed by Hunter Bown. Versions of CodeWhale from 0.3.0 to 0.8.23 contain a code injection vulnerability. This vulnerability arises from the runtests tool executing cargo test with ApprovalRequirement::Auto, allowing for the compilation and...