RHSA-2026:19572 Red Hat Security Advisory: kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_120_1, kpatch-patch-4_18_0-477_130_1, kpatch-patch-4_18_0-477_89_1, and kpatch-patch-4_18_0-477_97_1 security update

Bulletin has no description...

GO-2026-4992 SiYuan Affected by Stored XSS via Attribute View Name to Electron Renderer RCE in github.com/siyuan-note/siyuan/kernel

SiYuan Affected by Stored XSS via Attribute View Name to Electron Renderer RCE in github.com/siyuan-note/siyuan/kernel...

UBUNTU-CVE-2026-43185

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smbdirectpreparenegotiation smbdirectpreparenegotiation casts an unsigned u32 value from sp-maxrecvsize and req-preferredsendsize to a signed int before computing mintint, .... A maliciously provide...

UBUNTU-CVE-2026-43209

In the Linux kernel, the following vulnerability has been resolved: minix: Add required sanity checking to minixchecksuperblock The fs/minix implementation of the minix filesystem does not currently support any other value for slogzonesize than 0. This is also the only value supported in...

UBUNTU-CVE-2026-43152

In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used...

UBUNTU-CVE-2026-43272

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix possible dereference of uninitialized pointer There is a pointer headpage in rbmetavalidateevents which is not initialized at the beginning of a function. This pointer can be dereferenced if there is a failure...

UBUNTU-CVE-2026-31757

In the Linux kernel, the following vulnerability has been resolved: usb: misc: usbio: Fix URB memory leak on submit failure When usbsubmiturb fails in usbioprobe, the previously allocated URB is never freed, causing a memory leak. Fix this by jumping to errfreeurb label to properly release the UR...

UBUNTU-CVE-2026-31722

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Fix netdevice lifecycle with devicemove The netdevice is allocated during function instance creation and registered during the bind phase with the gadget device as its sysfs parent. When the function unbinds,...

UBUNTU-CVE-2026-31701

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: take a reference on the USB device in createcard The caiaq driver stores a pointer to the parent USB device in cdev-chip.dev but never takes a reference on it. The card's privatefree callback, sndusbcaiaqcardfree, ca...

UBUNTU-CVE-2026-31583

In the Linux kernel, the following vulnerability has been resolved: media: em28xx: fix use-after-free in em28xxv4l2open em28xxv4l2open reads dev-v4l2 without holding dev-lock, creating a race with em28xxv4l2init's error path and em28xxv4l2fini, both of which free the em28xxv4l2 struct and set...

UBUNTU-CVE-2026-31668

In the Linux kernel, the following vulnerability has been resolved: seg6: separate dstcache for input and output paths in seg6 lwtunnel The seg6 lwtunnel uses a single dstcache per encap route, shared between seg6inputcore and seg6outputcore. These two paths can perform the post-encap SID lookup ...

GO-2026-4843 SiYuan has directory traversal within its publishing service in github.com/siyuan-note/siyuan/kernel

SiYuan has directory traversal within its publishing service in github.com/siyuan-note/siyuan/kernel...

GO-2026-4722 SiYuan Vulnerable to Arbitrary File Read in Desktop Publish Service in github.com/siyuan-note/siyuan/kernel

SiYuan Vulnerable to Arbitrary File Read in Desktop Publish Service in github.com/siyuan-note/siyuan/kernel...

GO-2026-4386 SiYuan File Read API Case Sensitivity Bypass can Lead to Path Traversal in github.com/siyuan-note/siyuan/kernel

SiYuan File Read API Case Sensitivity Bypass can Lead to Path Traversal in github.com/siyuan-note/siyuan/kernel...

CVE-2025-31948

Improper input validation for some IntelR oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

EUVD-2025-93485

Improper input validation for some IntelR oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

CVE-2025-31948

Improper input validation for some IntelR oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

CVE-2025-31948

Improper input validation for some IntelR oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

PT-2025-46424

Name of the Vulnerable Software and Affected Versions Intel oneAPI Math Kernel Library versions prior to 2025.2 Description The software contains an improper input validation issue within Ring 3: User Applications that may allow for a denial of service. An unprivileged software adversary with an...

EUVD-2024-26014

Malicious code in bioql PyPI...