Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001457)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001457 advisory. Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected...

CVE-2021-47756 Laravel Valet 2.0.3 - Local Privilege Escalation (macOS)

Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Attackers can edit the symlinked valet command to execute arbitrary code with root permissions without additional authentication...

CVE-2025-59959

An Untrusted Pointer Dereference vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial-of-Service DoS. When the command 'show route detail' is executed, and at least one of th...

CVE-2021-47765 AbsoluteTelnet 11.24 - 'Username' Denial of Service (PoC)

AbsoluteTelnet 11.24 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating username and error report fields. Attackers can trigger the crash by inserting 1000 characters into the username or email address fields, causing the application to...

PT-2026-3035

MTPutty 1.0.1.21 contains a sensitive information disclosure vulnerability that allows local attackers to view SSH connection passwords through Windows PowerShell process listing. Attackers can run a PowerShell command to retrieve the full command line of MTPutty processes, exposing plaintext SSH...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002450)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002450 advisory. crypto/algifskcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AFALG socket before an accept system call is...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002876)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002876 advisory. An issue where a provided address with accessok is not checked was discovered in i915gemexecbuffer2ioctl in drivers/gpu/drm/i915/i915gemexecbuffer.c in the Linux...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003176)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003176 advisory. kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also...

CVE-2026-20953

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2026-20822

Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000564)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000564 advisory. mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to...

CVE-2026-20876

Heap-based buffer overflow in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to elevate privileges locally...

CVE-2026-20859

Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally...

CVE-2026-20843

Improper access control in Windows Routing and Remote Access Service RRAS allows an authorized attacker to elevate privileges locally...

CVE-2026-20815

Concurrent execution using shared resource with improper synchronization 'race condition' in Capability Access Management Service camsvc allows an authorized attacker to elevate privileges locally...

CVE-2026-20952

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

CVE-2026-20864

CVE-2026-20864 describes a heap-based buffer overflow in the Connected Devices Platform Service (Cdpsvc) on Windows that enables an authorized local attacker to elevate privileges. The vulnerability affects Cdpsvc and is rated high (CVSS v3.1 base 7.8; Local, Low Attack Complexity, Privileges Req...

CVE-2026-20811

Access of resource using incompatible type 'type confusion' in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...

CVE-2026-20809

Time-of-check time-of-use toctou race condition in Windows Kernel Memory allows an authorized attacker to elevate privileges locally...

CVE-2026-0404

An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default...