CVE-2026-46284

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix early boot crash on parameters without '=' separator If hugepages, hugepagesz, or defaulthugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to...

PT-2026-47356

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.12-1.1 Description A crash can occur during early boot if the kernel command line parameters hugepages, hugepagesz, or default hugepagesz are...

CVE-2026-8235 8421bit MiniClaw System kernel.ts resolveSkillScriptPath os command injection

A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulation results in os command injection. The exploit is now public and may be used. The patch is...

Exploit for CVE-2026-31431

CVE-2026-31431 "Copy Fail" — Ansible Mitigation Recipe !C...

CVE-2025-59104

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVE-2025-59104

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVE-2025-59104 Unlocked Bootloader in dormakaba access manager

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVE-2025-59104 Unlocked Bootloader in dormakaba access manager

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVE-2025-59104

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

EUVD-2025-206371

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

CVE-2025-59104

The CVE-2025-59104 issue affects a dormakaba access manager where an attacker with physical access can solder to the debug footprint or connect a 6-Pin tag‑connect cable to access the bootloader. The vulnerable vector allows changing the kernel command line and ultimately obtaining a root shell. ...

PT-2026-4754

With physical access to the device and enough time an attacker is able to solder test leads to the debug footprint or use the 6-Pin tag-connect cable. Thus, the attacker gains access to the bootloader, where the kernel command line can be changed. An attacker is able to gain a root shell through...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000265)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000265 advisory. A memory leak in the ath9kwmicmd function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service...

EUVD-2025-201467

nitro-tpm-pcr-compute may allow kernel command line modification by an account operator...

GHSA-XRV8-2PF5-F3Q7 nitro-tpm-pcr-compute may allow kernel command line modification by an account operator

Summary Adding default PCR12 validation to ensure that account operators can not modify kernel command line parameters, potentially bypassing root filesystem integrity validation. Attestable AMIs are based on the systemd Unified Kernel Image UKI concept which uses systemd-boot to create a single...

nitro-tpm-pcr-compute may allow kernel command line modification by an account operator

Summary Adding default PCR12 validation to ensure that account operators can not modify kernel command line parameters, potentially bypassing root filesystem integrity validation. Attestable AMIs are based on the systemd Unified Kernel Image UKI concept which uses systemd-boot to create a single...

EUVD-2019-18841

Malware in sbrugna...

EUVD-2025-26084

Malicious code in bioql PyPI...

iommu/amd: Avoid stack buffer overflow from kernel cmdline

...

CVE-2025-38676

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Avoid stack buffer overflow from kernel cmdline While the kernel command line is considered trusted in most environments, avoid writing 1 byte past the end of "acpiid" if the "str" argument is maximum length...