CVE-2026-7764

An out-of-bounds read vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.12 allows an unauthenticated attacker within radio range to disclose a small amount of kernel heap memory or cause a Denial of Service kernel oops/panic via a...

CVE-2026-7764

An out-of-bounds read vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.12 allows an unauthenticated attacker within radio range to disclose a small amount of kernel heap memory or cause a Denial of Service kernel oops/panic via a...

CVE-2026-7764 Out-of-bounds read in morse.ko Vendor IE processing

An out-of-bounds read vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.12 allows an unauthenticated attacker within radio range to disclose a small amount of kernel heap memory or cause a Denial of Service kernel oops/panic via a...

EUVD-2026-34189

An out-of-bounds read vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.12 allows an unauthenticated attacker within radio range to disclose a small amount of kernel heap memory or cause a Denial of Service kernel oops/panic via a...

Jupyter Enterprise Gateway: Jinja2 Template Server Side Template Injection resulting in Remote Code Execution

Summary The environment variables KERNELXXX used during the rendering of the Kubernetes manifest are vulnerable to Server Side Template Injection SSTI. By including Jinja2 template expressions it is possible to execution Python code and OS Commands in the Enterprise Gateway service. The code can...

Jupyter Enterprise Gateway: ContainerProcessProxy._enforce_prohibited_ids Bypass

Summary Jupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 root. This can be bypassed. It is possible to launch kernels with a prohibited UID and/or GID by using a specially crafted KERNELUID or KERNELGID value. The feature...

GHSA-CHQ7-94J8-CJ28 Jupyter Enterprise Gateway: ContainerProcessProxy._enforce_prohibited_ids Bypass

Summary Jupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 root. This can be bypassed. It is possible to launch kernels with a prohibited UID and/or GID by using a specially crafted KERNELUID or KERNELGID value. The feature...

CVE-2026-46258

A flaw was found in the Linux kernel's gpio: cdev module. A NULL pointer dereference in the linehandlecreate function can occur, leading to a system crash. This vulnerability could allow a local attacker to cause a Denial of Service DoS...

CVE-2026-46245

A flaw was found in the Linux kernel's AMD GPU display driver. The amdgpudmhpdinit function, responsible for Hot-Plug Detect HPD initialization, may attempt to dereference a null dclink when handling certain connectors. This unconditional dereference can lead to a system crash, allowing a local...

CVE-2026-46260

A flaw was found in the Linux kernel's IPv6 networking subsystem. This vulnerability, an out-of-bound read, occurs during the creation of an IPv6 route with specific parameters. A local attacker could exploit this flaw to cause memory corruption, potentially leading to system instability or a...

CVE-2026-46273

A flaw was found in the Linux kernel's ibmveth driver. This vulnerability occurs when physical adapters on Power systems attempt to perform Generic Segmentation Offload GSO with a Maximum Segment Size MSS less than 224 bytes. A remote attacker could exploit this by sending specially crafted netwo...

CVE-2026-46254

A flaw was found in the Linux kernel's AppArmor security module. This vulnerability arises when AppArmor processes unaligned Deterministic Finite Automaton DFA tables, which can originate from either kernel or userspace. The unaligned memory access triggered by these tables can lead to system...

CVE-2026-46250

A flaw was found in the Linux kernel, specifically affecting the MIPS architecture when compiled with LLVM. This vulnerability occurs because LLVM incorrectly restores the $gp register, which is used as a global register variable, after it has been intentionally modified during kernel relocation...

CVE-2026-46268

A flaw was found in the Linux kernel's PCI/P2PDMA subsystem. Specifically, a warning condition in the p2pmemallocmmap function can be triggered due to an incorrect page reference count assertion. This issue occurs when the CONFIGDEBUGVM option is enabled, leading to kernel warning messages. While...

CVE-2026-46271

A flaw was found in the Linux kernel's ath12k Wi-Fi driver. When a multi-link connection is active, the firmware incorrectly enables Wake-on-Wireless WoW offloads on both primary and secondary links. This misconfiguration can lead to a firmware crash on WCN7850 devices, resulting in a Denial of...

CVE-2026-46244

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...

CVE-2026-46262

A flaw was found in the Linux kernel's audio subsystem, specifically in the fslxcvr module. This vulnerability allows a local user to trigger a deadlock condition within the system. By attempting to acquire a read lock while already holding a write lock in the same process, the system can become...

CVE-2026-46270

A flaw was found in the Linux kernel's power supply driver, specifically in the rt9455 component. This vulnerability, a use-after-free, occurs due to a race condition during the system's shutdown process where an interrupt can access memory that has already been released. This can lead to system...

CVE-2026-46269

A flaw was found in the Linux kernel's k230 pinctrl driver. During the probing process, a NULL pointer dereference can occur when parsing the devicetree. This vulnerability allows a local attacker to trigger a system crash, leading to a Denial of Service DoS. The issue arises from attempting to...

CVE-2026-46266

A flaw was found in the Linux kernel's handling of RAW sockets using IPPROTORAW. A remote attacker could send a specially crafted ICMP Internet Control Message Protocol packet. This malicious packet could set the protocol field to 255, causing it to be processed by a RAW socket configured for...