CVE-2026-46256

A flaw was found in the Linux kernel, specifically within the NFS Network File System LOCALIO optimization. This vulnerability allows for a recursion deadlock to occur during direct reclaim operations. When LOCALIO attempts to write pages back into NFS via nfswritepages, it can lead to a system...

EUVD-2026-34115

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overflow in persistentramsaveold persistentramsaveold can be called multiple times for the same persistentramzone e.g., via ramoopspstoreread - ramoopsgetnextprz for PSTORETYPEDMESG records. Currently, the...

EUVD-2025-210057

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthorgpuflushcaches failures We have seen a few cases where the whole memory subsystem is blocked and flush operations never complete. When that happens, we want to: - schedule a reset, so we can recov...

ROOT-APP-MAVEN-CVE-2025-8885 CVE-2025-8885 in io.root.org.bouncycastle:bc-fips - Patched by Root

Root has patched CVE-2025-8885 in the io.root.org.bouncycastle:bc-fips package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2025-7962 CVE-2025-7962 in io.root.org.eclipse.angus:smtp - Patched by Root

Root has patched CVE-2025-7962 in the io.root.org.eclipse.angus:smtp package for Root:Maven. Multiple fixed versions available...

ROOT-OS-UBUNTU-2404-CVE-2026-23005 CVE-2026-23005 in rootio-linux - Patched by Root

Root has patched CVE-2026-23005 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

ROOT-OS-UBUNTU-2404-CVE-2025-21809 CVE-2025-21809 in rootio-linux - Patched by Root

Root has patched CVE-2025-21809 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

ChangeDetection.io <= v0.50.33 - Stored XSS via Watch API

changedetection.io = 0.50.34 contains a stored cross site scripting caused by insufficient security checks in the Watch update API, letting attackers execute arbitrary JavaScript when users preview malicious links, exploit requires user interaction id: CVE-2025-62780 info: name: ChangeDetection.i...

PT-2026-46019

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfs writepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are determined to be on...

CVE-2026-41412 alf.io vulnerable to Arbitrary File Read and Exfil via simpleHttpClient Extension Script

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5-2606, the alf.io extension sandbox injects a fully-functional HTTP client simpleHttpClient into every extension script's scope. The postFileAndSaveResponse method accep...

ROOT-APP-MAVEN-CVE-2026-42498 CVE-2026-42498 in io.root.org.apache.tomcat.embed:tomcat-embed-core - Patched by Root

Root has patched CVE-2026-42498 in the io.root.org.apache.tomcat.embed:tomcat-embed-core package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2025-48988 CVE-2025-48988 in io.root.org.apache.tomcat:tomcat-catalina - Patched by Root

Root has patched CVE-2025-48988 in the io.root.org.apache.tomcat:tomcat-catalina package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-24734 CVE-2026-24734 in io.root.org.apache.tomcat.embed:tomcat-embed-core - Patched by Root

Root has patched CVE-2026-24734 in the io.root.org.apache.tomcat.embed:tomcat-embed-core package for Root:Maven. Multiple fixed versions available...

ROOT-OS-DEBIAN-13-CVE-2025-37803 CVE-2025-37803 in rootio-linux - Patched by Root

Root has patched CVE-2025-37803 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

PT-2026-45971

These are all security issues fixed in the perl-IO-Compress-2.220.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10939-1 perl-IO-Compress-2.220.0-1.1 on GA media

These are all security issues fixed in the perl-IO-Compress-2.220.0-1.1 package on the GA media of openSUSE Tumbleweed...

ROOT-APP-MAVEN-CVE-2024-22259 CVE-2024-22259 in io.root.org.springframework:spring-web - Patched by Root

Root has patched CVE-2024-22259 in the io.root.org.springframework:spring-web package for Root:Maven. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2024-22262 CVE-2024-22262 in io.root.org.springframework:spring-web - Patched by Root

Root has patched CVE-2024-22262 in the io.root.org.springframework:spring-web package for Root:Maven. Multiple fixed versions available...

Woo Inquiry <= 0.1 - SQL Injection

The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...

Qualcomm Chipsets security vulnerabilities

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. There is a security vulnerability in Qualcomm Chipsets, which stems from concurrent modifications to user-space buffer areas, leading to memory corruption when processing IOCTL requests with mismatched API versions...