1151 matches found
CVE-2026-43425
In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800deviceread submits downloadurb and waits for completion. If the timeout fires and the device has not responded, the function returns without killing the URB, leaving it activ...
CVE-2026-43425
In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800deviceread submits downloadurb and waits for completion. If the timeout fires and the device has not responded, the function returns without killing the URB, leaving it activ...
CVE-2026-42276
Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the POST /chat/stop-chat-session/chatsessionid endpoint lets any authenticated user stop any other user's active chat session. The endpoint checks authentication but never verifies the session belongs to the caller. An...
CVE-2026-43255
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usbtxblock The function usbtxblock submits cardp-txurb without ensuring that any previous transmission on this URB has completed. If a second call occurs while the URB is still active e.g. during...
CVE-2026-43203
The CVE covers a Linux kernel fore200e ATM driver use-after-free during device removal (PCA-200E/SBA-200E). Vulnerability arises when tx_tasklet/rx_tasklet run or pending after fore200e is freed, risking access to freed memory. The published fixes synchronize tasklets with device shutdown by addi...
PT-2026-37446
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the hfsplus filesystem when converted to the new mount API due to a change in the allocation pattern of sb-s fs info. If the setup bdev super function fails after...
PT-2026-37557
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iris kill session, inst-state is set to IRIS INST ERROR and session close is executed, which will kfreeinst hfi gen2-packet. If stop streaming is called afterward, it will...
Linux Distros Unpatched Vulnerability : CVE-2026-43255
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: libertas: fix WARNING in usbtxblock The function usbtxblock submits cardp-txurb without ensuring that any previous transmission on this URB has completed...
CVE-2026-34462
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...
Astra Linux - уязвимость в linux-5.15, linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference when host dies Make sure xhcifreedev and xhcikillendpointurbs do not race and cause null pointer dereference when host suddenly dies. Usb core may call xhcifreedev which frees the xhci-devssloti...
Astra Linux - уязвимость в nano
A vulnerability was discovered in GNU Nano, which allows for potential privilege escalation through an insecure temporary file. If Nano is terminated while editing, a file that it saves to an emergency file, with permissions set to those of the running user, creates an opportunity for attackers t...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: USB: core: Fixed a hang issue in usbkillurb by adding memory barriers. The syzbot fuzzer has identified a bug in which processes hang while waiting for usbkillurb to return. It turns out that the issue isn’t related to unmounting...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tee: optee: Fix supplicant wait loop The OP-TEE supplicant is a user-space daemon, and it is possible for it to be hung, crashed, or terminated mid-processing an OP-TEE RPC call. This issue becomes more complex when there is...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: nfc: Fixed a deadlock between nfcunregisterdevice and rfkillfopwrite. A deadlock can occur between nfcunregisterdevice and rfkillfopwrite due to the inverted lock order between devicelock and rfkillglobalmutex. The problemat...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fixed a deadlock in drmschedentitykilljobscb. The Mesa issue mentioned above identified a possible deadlock scenario: 1231.611031 Possible interrupt-unsafe locking scenario: 1231.611033 CPU0 CPU1 1231.611034 ---- ----...
Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: The WARNON message in nouveaufencecontextkill has been fixed. Nouveau is designed in such a way that it is expected that fences are only signaled through nouveaufencesignal. However, at least in one other place,...
Threatswarm
27 scope-enforced AI agents that run the full pentest kill-cha...
Webinar: How to Automate Exposure Validation to Match the Speed of AI Attacks
In February 2026, researchers uncovered a shift that completely changed the game: threat actors are now using custom AI setups to automate attacks directly into the kill chain. We aren't just talking about AI writing better phishing emails anymore. We’re talking about autonomous agents mapping...
net: rfkill: prevent unlimited numbers of rfkill events from being created
...
CVE-2026-35369
An argument parsing error in the kill utility of uutils coreutils incorrectly interprets kill -1 as a request to send the default signal SIGTERM to PID -1. Sending a signal to PID -1 causes the kernel to terminate all processes visible to the caller, potentially leading to a system crash or massi...