Linux Distros Unpatched Vulnerability : CVE-2026-9572

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function MediaGetSample of the file src/isomedia/media.c of the...

Claude SDK for TypeScript 安全漏洞

Claude SDK for TypeScript is an open-source development toolkit by Anthropic, designed for calling the Claude API using TypeScript. There were security vulnerabilities in versions of Claude SDK for TypeScript from 0.79.0 to 0.91.1. These vulnerabilities stemmed from BetaLocalFilesystemMemoryTool...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stexqueuecommandlck lacks a memset for the PASSTHRUCMD case...

Astra Linux - уязвимость в linux-firmware

A GPU kernel can read sensitive data from another GPU kernel even from another user or application through an optimized GPU memory region called local memory on various architectures...

Unity Linux 20.1070e Security Update: binutils (UTSA-2026-015476)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015476 advisory. A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elfgcsweep of the file bfd/elflink.c of t...

vantix

Vantix Vantix is a Codex-native offensive-security control pl...

RHEL 10 : kernel (RHSA-2026:6632)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6632 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel net/mlx5:...

CVE-2026-34450 Claude SDK for Python: Insecure Default File Permissions in Local Filesystem Memory Tool

The Claude SDK for Python provides access to the Claude API from Python applications. From version 0.86.0 to before version 0.87.0, the local filesystem memory tool in the Anthropic Python SDK created memory files with mode 0o666, leaving them world-readable on systems with a standard umask and...

EulerOS Virtualization 2.12.1 : binutils (EulerOS-SA-2026-1418)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copysecti...

Portwell Engineering Toolkits 缓冲区错误漏洞

Portwell Engineering Toolkits is a software development and management toolkit developed by Portwell Company in Singapore. Version 4.8.2 of Portwell Engineering Toolkits contains a buffer error vulnerability. This vulnerability stems from improper restrictions on memory buffer operations, which m...

PT-2026-22516

A vulnerability was detected in jarikomppa soloud up to 20200207. This affects the function SoLoud::Wav::loadwav of the file src/audiosource/wav/soloud wav.cpp of the component WAV File Parser. Performing a manipulation results in memory corruption. The attack must be initiated from a local...

DEBIAN-CVE-2026-3145

A flaw has been found in libvips up to 8.18.0. The affected element is the function vipsforeignloadmatrixfileisa/vipsforeignloadmatrixheader of the file libvips/foreign/matrixload.c. Executing a manipulation can lead to memory corruption. The attack needs to be launched locally. This patch is...

CVE-2026-3145

A flaw has been found in libvips up to 8.18.0. The affected element is the function vipsforeignloadmatrixfileisa/vipsforeignloadmatrixheader of the file libvips/foreign/matrixload.c. Executing a manipulation can lead to memory corruption. The attack needs to be launched locally. This patch is...

CVE-2023-20601

CVE-2023-20601 affects the RAS TA Driver. The issue is improper input validation that can allow a local attacker to read/write out-of-bounds memory, potentially causing a denial-of-service. Red Hat and NVD entries corroborate the vulnerability description; exploitation is local and implies elevat...

CVE-2026-2258

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...

CVE-2026-1998

A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mpimportall of the file py/runtime.c. This manipulation causes memory corruption. The attack needs to be launched locally. The exploit has been published and may be used. Patch name:...

Linux Distros Unpatched Vulnerability : CVE-2026-1998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mpimportall of the file py/runtime.c. This manipulation causes memory...

About Information Disclosure – Desktop Window Manager (CVE-2026-20805) vulnerability

About Information Disclosure - Desktop Window Manager CVE-2026-20805 vulnerability. Desktop Window Manager is a compositing window manager that has been part of Windows since Windows Vista. Exploitation of the vulnerability, which was addressed in the January Microsoft Patch Tuesday, allows a loc...

MiracleLinux 8 : ncurses-6.1-9.20180224.el8.1 (AXSA:2023-6443:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6443:01 advisory. ncurses: Local users can trigger security-relevant memory corruption via malformed data CVE-2023-29491 Tenable has extracted the preceding description block...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000737)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000737 advisory. The atalkrecvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure...