CVE-2026-8235 8421bit MiniClaw System kernel.ts resolveSkillScriptPath os command injection

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is...

Exploit for CVE-2026-31431

CVE-2026-31431 "Copy Fail" — Ansible Mitigation Recipe !C...

CVE-2025-59104

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVE-2025-59104

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVE-2025-59104 Unlocked Bootloader in dormakaba access manager

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVE-2025-59104 Unlocked Bootloader in dormakaba access manager

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVE-2025-59104

The CVE-2025-59104 issue affects a dormakaba access manager where an attacker with physical access can solder to the debug footprint or connect a 6-Pin tag‑connect cable to access the bootloader. The vulnerable vector allows changing the kernel command line and ultimately obtaining a root shell. ...

CVE-2025-59104

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

EUVD-2025-206371

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

PT-2026-4754

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000265)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000265 advisory. A memory leak in the ath9kwmicmd function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service...

nitro-tpm-pcr-compute may allow kernel command line modification by an account operator

Summary Adding default PCR12 validation to ensure that account operators can not modify kernel command line parameters, potentially bypassing root filesystem integrity validation. Attestable AMIs are based on the systemd Unified Kernel Image UKI concept which uses systemd-boot to create a single...

EUVD-2025-201467

nitro-tpm-pcr-compute may allow kernel command line modification by an account operator...

GHSA-XRV8-2PF5-F3Q7 nitro-tpm-pcr-compute may allow kernel command line modification by an account operator

Summary Adding default PCR12 validation to ensure that account operators can not modify kernel command line parameters, potentially bypassing root filesystem integrity validation. Attestable AMIs are based on the systemd Unified Kernel Image UKI concept which uses systemd-boot to create a single...

EUVD-2019-18841

Malware in sbrugna...

EUVD-2025-26084

Malicious code in bioql PyPI...

iommu/amd: Avoid stack buffer overflow from kernel cmdline

...

CVE-2025-38676

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of "acpiid" if the "str" argument is maximum length...

Ubuntu 25.04 : Linux kernel (Azure) vulnerabilities (USN-7721-1)

"The remote Ubuntu 25.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7721-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in th...

AZL-66692 CVE-2025-38676 affecting package kernel for versions less than 6.6.96.2-1

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of "acpiid" if the "str" argument is maximum length...