CVE-2026-57437 Nokogiri: Possible Use-After-Free when directly using `NokogirI::XML::XPathContext` beyond document lifetime

Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its source document alive for garbage collection. If an XPathContext outlived its document and the document was collected, evaluating an XPath expression...

CVE-2026-57437

Nokogiri (Ruby) vulnerable in versions prior to 1.19.4 due to Nokogiri::XML::XPathContext not keeping the source document alive for GC. If an XPathContext outlives its document and the document is collected, evaluating an XPath expression could read invalid memory and potentially segfault. This i...

CVE-2026-52809

Gogs is an open source self-hosted Git service. Prior to 0.14.3, password-reset tokens are generated using conf.Auth.ActivateCodeLives the account-activation lifetime, not conf.Auth.ResetPasswordCodeLives. The token lifetime is baked into the token itself at generation time and is re-extracted fr...

CVE-2026-52809

Gogs (CVE-2026-52809) generates password-reset tokens using the ActivateCodeLives lifetime, not the configured ResetPasswordCodeLives. As a result, even if an admin sets a short RESET_PASSWORD_CODE_LIVES (e.g., 10 minutes), reset tokens remain valid for the full activation lifetime (e.g., 180 min...

CVE-2026-52809 Gogs: Password-reset tokens use account-activation lifetime, ignoring RESET_PASSWORD_CODE_LIVES

Gogs is an open source self-hosted Git service. Prior to 0.14.3, password-reset tokens are generated using conf.Auth.ActivateCodeLives the account-activation lifetime, not conf.Auth.ResetPasswordCodeLives. The token lifetime is baked into the token itself at generation time and is re-extracted fr...

CVE-2026-56116

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

Gogs's password-reset tokens use account-activation lifetime, ignoring RESET_PASSWORD_CODE_LIVES

Summary Password-reset tokens are generated using conf.Auth.ActivateCodeLives the account-activation lifetime, not conf.Auth.ResetPasswordCodeLives. The token lifetime is baked into the token itself at generation time and is re-extracted from the token at verification time, making...

GHSA-5C3F-6486-3G7G Gogs's password-reset tokens use account-activation lifetime, ignoring RESET_PASSWORD_CODE_LIVES

Summary Password-reset tokens are generated using conf.Auth.ActivateCodeLives the account-activation lifetime, not conf.Auth.ResetPasswordCodeLives. The token lifetime is baked into the token itself at generation time and is re-extracted from the token at verification time, making...

CVE-2026-56116 dhcpcd Memory Leak DoS via IPv6 Router Advertisement Handling

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

EUVD-2026-38496

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

CVE-2026-56116

CVE-2026-56116 affects dhcpcd up to version 10.3.2. The vulnerability is in the IPv6 Router Advertisement route information handling, where a memory leak can be triggered by an unauthenticated, same-link attacker sending crafted Router Advertisements. Specifically, Router Advertisements containin...

PT-2026-51627

Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.3 Description Password-reset tokens are generated using the account-activation lifetime conf.Auth.ActivateCodeLives instead of the intended password-reset lifetime conf.Auth.ResetPasswordCodeLives. Because the token...

GHSA-P67V-3W7G-WJG7 Nokogiri: Possible Use-After-Free when directly using `NokogirI::XML::XPathContext` beyond document lifetime

Summary Nokogiri::XML::XPathContext did not keep its source document alive for garbage collection. If an XPathContext outlived its document and the document was collected, evaluating an XPath expression could read invalid memory and potentially segfault. This is only reachable when application co...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: hwmon: coretemp Simplified platform device handling Coretemp’s platform driver is unconventional. All the actual processing is performed globally by the initcall and CPU hotplug notifiers. The “driver” essentially just wraps t...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: spufs: Fixing gang directory lifetimes Prior to “POWERPC spufs: Fix gang destroy leaks”, we had a problem with gang lifetimes. When a gang was created, it would return an opened gang directory, which is normally removed when t...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: aio: Fixed a use-after-free issue due to missing POLFREE handling. signalfdpoll and binderpoll are special because they use a waitqueue whose lifetime is the current task, rather than the struct file as is normally the case. This...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: Better tracking of kernel sockets’ lifetimes While kernel sockets are destroyed during pernetoperations-exit, their freeing can be delayed due to any TX packets still held in qdisc or device queues. This occurs because of...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: PCI: pnvphp: Clean up allocated IRQs on unplug When the root of a nested PCIe bridge configuration is unplugged, the pnvphp driver leaks the allocated IRQ resources for the child bridges’ hotplug event notifications, resulting in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommufd: Fixed a race condition during abort for file descriptors fput does not actually call fileoperations’ release method synchronously. Instead, it places the file in a work queue and releases it eventually. This is generally...

Missing Release of Memory after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Memory after Effective Lifetime due to improper cleanup of pooled direct-memory buffers in the RedisArrayAggregator function. An attacker can exhaust the JVM-wide direct-memory pool by repeatedly opening and closing...