PT-2026-39788

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to cause unexpected system termination or write kernel memory...

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple watchOS is an operating system for smart watches. Several Apple products have security vulnerabilities; these...

PT-2026-39816

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.9 iPadOS versions prior to 18.7.9 iOS versions prior to 26.5 iPadOS versions prior to 26.5 macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 tvOS versions...

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple watchOS is an operating system for smart watches. Several Apple products have security vulnerabilities, which...

PT-2026-39848

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.9 iPadOS versions prior to 18.7.9 iOS versions prior to 26.5 iPadOS versions prior to 26.5 macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 tvOS versions...

PT-2026-39840

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.9 iOS versions prior to 26.5 iPadOS versions prior to 18.7.9 iPadOS versions prior to 26.5 macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 tvOS versions...

CVE-2026-43450

A flaw was found in the Linux kernel's nfnetlinkcthelper component. This vulnerability, an out-of-bounds read, occurs in the nfnlcthelperdumptable function when a network connection tracking helper is removed during a dump operation, leading to a bypassed bounds check. A local attacker could...

EUVD-2026-28557

In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...

CVE-2026-43287

In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...

UBUNTU-CVE-2026-43287

In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...

CVE-2026-43287 drm: Account property blob allocations to memcg

In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...

CVE-2026-43287

In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory. Currently, the blob data allocation is not accounted to the allocatin...

PT-2026-38929

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The DRM IOCTL MODE CREATEPROPBLOB ioctl allows userspace to allocate arbitrary-sized property blobs using kernel memory. Because these allocations are not accounted to the allocating...

Linux Distros Unpatched Vulnerability : CVE-2026-43287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm: Account property blob allocations to memcg DRMIOCTLMODECREATEPROPBLOB allows userspace to allocate arbitrary-sized property blobs backed by kernel memory...

Linux Distros Unpatched Vulnerability : CVE-2026-43451

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfnetlinkqueue: fix entry leak in bridge verdict error path nfqnlrecvverdict calls finddequeueentry to remove the queue entry from the queue data...

EUVD-2026-27796

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Refactor amdgpugemvaioctl for Handling Last Fence Update and Timeline Management v4 This commit simplifies the amdgpugemvaioctl function, key updates include: - Moved the logic for managing the last update fence...

EUVD-2026-27711

In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: Add check for kcalloc failure in parsethreadgroups As kcalloc may fail, check its return value to avoid a NULL pointer dereference when passing it to ofpropertyreadu32array...

EUVD-2026-27698

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...

CVE-2026-43139

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...

CVE-2026-43206

Summary: CVE-2026-43206 affects the Linux kernel’s drm/amdkfd component. The function kfd_event_page_set() writes KFD_SIGNAL_EVENT_LIMIT * 8 bytes using memset without validating the destination buffer size, allowing an unprivileged local user to trigger an out-of-bounds memory write and potentia...