UERANSIM 安全漏洞

UERANSIM is an open-source advanced 5G UE and RAN gNodeB simulator developed by Ali Güngör of Turkey. Versions of UERANSIM 3.2.7 and earlier contained security vulnerabilities. These vulnerabilities stemmed from improper handling of the parameter pdulength in the Radio Link Simulation Layer...

PT-2026-35569

Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys...

tls: Purge async_hold in tls_decrypt_async_wait()

...

The Vehicle May Be Sick: Denial of Diagnostic Services by Exploiting the CAN Transport Protocol

Vehicle diagnostics has become essential for detecting in-vehicle errors and ensuring safety. While the Unified Diagnostic Services UDS protocol is widely adopted for diagnostic operations, it relies on the ISO 15765-2 standard as the transport protocol over the Controller Area Network CAN, which...

OpenClaw: Agent gateway config mutations could change protected operator settings

Affected Packages / Versions - Package: openclaw npm - Affected versions: 2026.4.20 - Patched version: 2026.4.20 Impact The agent-facing gateway config.patch / config.apply guard did not cover several operator-trusted settings, including sandbox policy, plugin enablement, gateway auth/TLS, hook...

[SECURITY] Fedora 44 Update: coturn-4.10.0-1.fc44

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

[SECURITY] Fedora 44 Update: buildah-1.43.1-1.fc44

The buildah package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a ne...

UNSEEN: A Cross-Stack LLM Unlearning Defense against AR-LLM Social Engineering Attacks

Emerging AR-LLM-based Social Engineering attack e.g., SEAR is at the edge of posing great threats to real-world social life. In such AR-LLM-SE attack, the attacker can leverage AR Augmented Reality glass to capture the image and vocal information of the target, using the LLM to identify the targe...

From Stateless Queries to Autonomous Actions: A Layered Security Framework for Agentic AI Systems

Agentic AI systems face security challenges that stateless large language models do not. They plan across extended horizons, maintain persistent memory, invoke external tools, and coordinate with peer agents. Existing security analyses organize threats by attack type prompt injection, jailbreakin...

FreeBSD : OpenVPN -- server DOS and data leak in TLS handshake vulnerabilities (549313db-3e93-11f1-8d38-7fbbe0285610)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 549313db-3e93-11f1-8d38-7fbbe0285610 advisory. Gert Doering reports: Security fixes in 2.7.2 Tenable has extracted the preceding description...

CVE-2026-31629

A flaw was found in the Linux kernel's Near Field Communication NFC Logical Link Control Protocol LLCP subsystem. Missing return statements after LLCPCLOSED checks in the nfcllcprecvhdlc and nfcllcprecvdisc functions can lead to a use-after-free vulnerability. This occurs because the system...

CVE-2026-42035

Axios prior to versions 1.15.1 and 0.31.1 contains a prototype pollution gadget in the HTTP adapter (lib/adapters/http.js) that can inject arbitrary HTTP headers into outgoing requests. The issue occurs when Object.prototype is polluted with getHeaders, append, pipe, on, once, and Symbol.toString...

go-zserio has Unbounded Memory Allocation for All Platforms

Impact When deserializing arrays, strings or bytes blob types zserio first reads the size of the variable, and then allocates sufficient memory to load data. Since the size is always trusted this can be abused by creating a data file with a large size value, causing the zserio runtime to allocate...

CVE-2026-31533

A flaw was found in the Linux kernel's net/tls component. Incorrect error handling in the tlsdoencryption function, specifically when a cryptographic request returns an error, leads to a double cleanup of internal data structures. This can result in a use-after-free vulnerability, where memory is...

CVE-2026-31629

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCPCLOSED checks In nfcllcprecvhdlc and nfcllcprecvdisc, when the socket state is LLCPCLOSED, the code correctly calls releasesock and nfcllcpsockput but fails to return. Execution falls throu...

EUVD-2026-25522

In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCPCLOSED checks In nfcllcprecvhdlc and nfcllcprecvdisc, when the socket state is LLCPCLOSED, the code correctly calls releasesock and nfcllcpsockput but fails to return. Execution falls throu...

CVE-2026-31629

The CVE-2026-31629 vulnerability affects the Linux kernel NFC LLCP subsystem. Specifically, in nfc_llcp_recv_hdlc() and nfc_llcp_recv_disc(), when the socket state is LLCP_CLOSED, the code correctly releases resources but lacks an early return, causing fall-through to subsequent release calls. Th...

USN-8180-5 linux-ibm, linux-ibm-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

USN-8180-5: Linux kernel (IBM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...