9 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-4541
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/cryptosigned25519tinyssh.c of the component Ed255...
CVE-2026-27670 OpenClaw < 2026.3.2 - Arbitrary File Write via ZIP Extraction Parent Symlink Race Condition
OpenClaw versions prior to 2026.3.2 contain a race condition vulnerability in ZIP extraction that allows local attackers to write files outside the intended destination directory. Attackers can exploit a time-of-check-time-of-use race between path validation and file write operations by rebinding...
CVE-2026-3385
A vulnerability was detected in wren-lang wren up to 0.4.0. Affected is the function resolveLocal of the file src/vm/wrencompiler.c. The manipulation results in uncontrolled recursion. Attacking locally is a requirement. The exploit is now public and may be used. The project was informed of the...
CVE-2026-3283 libvips extract.c vips_extract_band_build out-of-bounds
A vulnerability has been found in libvips 8.19.0. This issue affects the function vips_extract_band_build of the file libvips/conversion/extract.c. The manipulation of the argument extractband leads to out-of-bounds read. The attack needs to be performed locally. The exploit has been disclosed to th...
CVE-2026-3146
CVE-2026-3146 affects libvips up to 8.18.0. The vulnerable element is vips_foreign_load_matrix_header in libvips/foreign/matrixload.c, which may trigger a null pointer dereference. Exploitation requires local access. The patch identifier is d4ce337c76bff1b278d7085c3c4f4725e3aa6ece and applying ...
UBUNTU-CVE-2025-5647
A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function rconscontextbreakpop in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. The attack needs to be approached locally. The...
CVE-2024-57492
An issue in redoxOS relibc before commit 98aa4ea5 allows a local attacker to cause a denial of service via the rounduptopage function...
USN-3455-1 wpa vulnerabilities
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086,...
Xen 'memory_exchange' function denial of service vulnerability (CNVD-2015-08351)
Xen is an open source virtual machine monitor product developed at the University of Cambridge in the United Kingdom. The 'memory_exchange' function in the Xen common/memory.c file fails to properly handle the return page of a domain, allowing a local attacker to exploit this vulnerability to cras...