Lucene search

1165 matches found

OSV
added 2026/03/03 12:38 p.m., 2 views

SUSE-SU-2026:0760-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues: Update to version 1.25.7. Security issues fixed: - CVE-2025-61732: cmd/go: discrepancy between Go and C/C++ comment parsing allows for C code smuggling (bsc#1257692). - CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated...

10 CVSS, 6 AI score, 0.00765 EPSS
Exploits 1, References 5

Github Security Blog
added 2026/03/02 9:42 p.m., 8 views

OliveTin has Unauthenticated Action Termination via KillAction When Guests Must Login

Summary: OliveTin allows an unauthenticated guest to terminate running actions through KillAction even when authRequireGuestsToLogin: true is enabled. In the tested release 3000.10.2, guests are correctly blocked from dashboard access, but can still call the KillAction RPC directly and successfully...

7.5 CVSS, 6.1 AI score, 0.0065 EPSS
Exploits 1, References 5, Affected Software 1

GithubExploit
added 2026/03/01 5:00 p.m., 157 views

Exploit for Reliance on Untrusted Inputs in a Security Decision in Microsoft

CVE-2026-21509 Office Kill-Bit Manager PowerShell script to...

7.8 CVSS, 7.2 AI score, 0.72152 EPSS
Exploits 10

Cvelist
added 2026/02/21 9:32 a.m., 17 views

CVE-2026-27486 OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup

OpenClaw is a personal AI assistant. In versions 2026.2.13 and below of the OpenClaw CLI, the process cleanup uses system-wide process enumeration and pattern matching to terminate processes without verifying if they are owned by the current OpenClaw process. On shared hosts, unrelated processes...

4.3 CVSS, 0.00292 EPSS
Exploits 0, References 4

CVE
added 2026/02/21 9:32 a.m., 15 views

CVE-2026-27486

OpenClaw CVE-2026-27486 affects the OpenClaw CLI up to version 2026.2.13, where cleanup uses system-wide process enumeration and pattern-based termination without verifying process ownership. On shared hosts, unrelated processes matching the pattern could be terminated. The issue is addressed in ...

5.3 CVSS, 5.5 AI score, 0.00292 EPSS
Exploits 0, References 4, Affected Software 1

OSV
added 2026/02/21 9:32 a.m., 6 views

CVE-2026-27486 OpenClaw: Process Safety - Unvalidated PID Kill via SIGKILL in Process Cleanup

OpenClaw is a personal AI assistant. In versions 2026.2.13 and below of the OpenClaw CLI, the process cleanup uses system-wide process enumeration and pattern matching to terminate processes without verifying if they are owned by the current OpenClaw process. On shared hosts, unrelated processes...

4.3 CVSS, 5.5 AI score, 0.00292 EPSS
Exploits 0, References 6

SUSE CVE
added 2026/02/19 12:28 a.m., 2 views

SUSE CVE-2025-71230

In the Linux kernel, the following vulnerability has been resolved: hfs: ensure sb->s_fs_info is always cleaned up. When hfs was converted to the new mount api a bug was introduced by changing the allocation pattern of sb->s_fs_info. If setup_bdev_super fails after a new superblock has been allocated by...

2.5 CVSS, 5.7 AI score, 0.00117 EPSS
Exploits 0, References 3

OSV
added 2026/02/18 2:53 p.m., 4 views

CVE-2025-71230 hfs: ensure sb->s_fs_info is always cleaned up

In the Linux kernel, the following vulnerability has been resolved: hfs: ensure sb->s_fs_info is always cleaned up. When hfs was converted to the new mount api a bug was introduced by changing the allocation pattern of sb->s_fs_info. If setup_bdev_super fails after a new superblock has been allocated by...

5.5 CVSS, 5.3 AI score, 0.00117 EPSS
Exploits 0, References 6

Tenable Nessus
added 2026/02/18 12:00 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-71230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hfs: ensure sb->s_fs_info is always cleaned up. When hfs was converted to the new mount api a bug was introduced by changing the allocation pattern of sb->s_fs_info. I...

5.5 CVSS, 5.7 AI score, 0.00117 EPSS
Exploits 0, References 2

Schneier on Security
added 2026/02/16 12:04 p.m., 6 views

The Promptware Kill Chain

Attacks against modern generative artificial intelligence (AI) large language models (LLMs) pose a real threat. Yet discussions around these attacks and their potential defenses are dangerously myopic. The dominant narrative focuses on "prompt injection," a set of techniques to embed instructions int...

6.4 AI score
Exploits 0

SUSE CVE
added 2026/02/16 12:25 a.m., 6 views

SUSE CVE-2026-23167

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nci_unregister_device. syzbot reported the splat below [0] without a repro. It indicates that struct nci_dev.cmd_wq had been destroyed before nci_close_device was called via rfkill. nci_dev.cmd_wq is...

5.5 CVSS, 5.3 AI score, 0.00086 EPSS
Exploits 0, References 19

Debian CVE
added 2026/02/14 4:01 p.m., 4 views

CVE-2026-23167

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nci_unregister_device. syzbot reported the splat below [0] without a repro. It indicates that struct nci_dev.cmd_wq had been destroyed before nci_close_device was called via rfkill. nci_dev.cmd_wq is...

4.7 CVSS, 5.2 AI score, 0.00086 EPSS
Exploits 0

OSV
added 2026/02/04 5:16 p.m., 5 views

UBUNTU-CVE-2026-23102

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context. When SME is supported, restoring SVE signal context can go wrong in a few ways, including placing the task into an invalid state where the kernel may read from out-of-bounds...

7.1 CVSS, 5.8 AI score, 0.00117 EPSS
Exploits 0, References 13

EUVD
added 2026/02/04 4:08 p.m., 3 views

EUVD-2026-5440

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context. When SME is supported, restoring SVE signal context can go wrong in a few ways, including placing the task into an invalid state where the kernel may read from out-of-bounds...

5.5 AI score, 0.00117 EPSS
Exploits 0, References 2

CVE
added 2026/02/04 4:08 p.m., 16 views

CVE-2026-23102

CVE-2026-23102 affects the ARM64/Linux kernel path arm64/fpsimd: signal, where restoring SVE signal context with SME enabled can put a task into an invalid state. The vulnerability allows out-of-bounds memory reads or a potential fatal fault, or task termination via SIGKILL, if SVE signal data is...

7.1 CVSS, 5.5 AI score, 0.00117 EPSS
Exploits 0, References 4, Affected Software 1

ATTACKERKB
added 2026/02/03 10:17 p.m., 9 views

CVE-2026-24514

A security issue was discovered in ingress-nginx where the validating admission controller feature is subject to a denial of service condition. By sending large requests to the validating admission controller, an attacker can cause memory consumption, which may result in the ingress-nginx...

6.5 CVSS, 5.4 AI score, 0.0046 EPSS
Exploits 1, References 2

RedHat Linux
added 2026/01/28 12:26 a.m., 2 views

kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free

A vulnerability was found in iso_sock_kill in net/bluetooth/iso.c in the Bluetooth protocol stack in the Linux kernel. In this flaw, if conn->sk is not set to NULL, it may lead to a UAF on iso_conn_free...

5.8 AI score, 0.00174 EPSS
Exploits 0, References 5

RedHat Linux
added 2026/01/26 2:32 p.m., 0 views

kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free

A vulnerability was found in iso_sock_kill in net/bluetooth/iso.c in the Bluetooth protocol stack in the Linux kernel. In this flaw, if conn->sk is not set to NULL, it may lead to a UAF on iso_conn_free...

5.8 AI score, 0.00174 EPSS
Exploits 0, References 5

Tenable Nessus
added 2026/01/23 12:00 a.m., 2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004886)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004886 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in sndcardregiste...

7.8 CVSS, 7 AI score, 0.002 EPSS
Exploits 0, References 4

Tenable Nessus
added 2026/01/22 12:00 a.m., 3 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38436)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38436 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/scheduler: signal scheduled fence wh...

5.5 CVSS, 5.4 AI score, 0.00117 EPSS
Exploits 0, References 2