CVE-2026-35202

Pterodactyl is a free, open-source game server management panel. Prior to version 1.12.3, the Pterodactyl Client API has a logic flaw that lets users bypass their assigned limits for database allocations. This happens because the database locking mechanism used in the controllers is totally broke...

Linux Distros Unpatched Vulnerability : CVE-2026-46008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/core: fix damoswalk vs kdamondfn exit race When kdamondfn main loop is finished, the function cancels remaining damoswalk request and unset the...

CVE-2026-35202

Pterodactyl is a free, open-source game server management panel. Prior to version 1.12.3, the Pterodactyl Client API has a logic flaw that lets users bypass their assigned limits for database allocations. This happens because the database locking mechanism used in the controllers is totally broke...

CVE-2026-43215

The CVE-2026-43215 issue affects the Linux kernel CIFS implementation: the code used cifs_tcp_ses_lock to guard tcon fields, but this lock protected more than intended. The patch introduces more granular locking (tc_lock) within tcon-related structures (in addition to srv_lock and ses_lock) to re...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper use of the tcon field in the cifs driver’s locking mechanism. This vulnerability may lead to...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: Race conditions between subflow failures and additional subflow creations. We have race conditions similar to those addressed by the previous patch, between subflow failures and additional subflow creations. However, these...

UBUNTU-CVE-2026-25612

The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks...

Race Condition

node-tar is vulnerable to a Race Condition Vulnerability. The vulnerability is due to improper handling of Unicode path collisions in the PathReservations locking mechanism on normalization-insensitive or case-insensitive filesystems, which allows an attacker to exploit race conditions using...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect handling of the locking mechanism, which could lead to a race condition...

CVE-2025-40219 PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV

In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via config space accesses to the parent PF, sriovdisable first removes the PCI devices representing the VFs. Since commit 9d16947b7583...

ZITADEL 安全漏洞

ZITADEL is a modern open source alternative to Auth0, Firebase Auth, AWS Cognito, and Keycloak built for the age of containers and serverless, open sourced by ZITADEL in Switzerland. A security vulnerability exists in ZITADEL versions prior to 4.6.0, prior to 3.4.3, and prior to 2.71.18, which...

EUVD-2018-8094

Malware in sbrugna...

EUVD-2025-13118

Malicious code in bioql PyPI...

EUVD-2024-53240

Malicious code in bioql PyPI...

EUVD-2025-22631

Malicious code in bioql PyPI...

EUVD-2025-5976

Malicious code in bioql PyPI...

can: bcm: add locking for bcm_op runtime updates

...

CVE-2025-38132

In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfgcsdevlock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 perf enable load module cscfgloadconfigsets activate config. // sysfs sysactivecnt == 1...

CVE-2025-38132 coresight: holding cscfg_csdev_lock while removing cscfg from csdev

In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfgcsdevlock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU0 CPU1 perf enable load module cscfgloadconfigsets activate config. // sysfs sysactivecnt == 1...

CVE-2025-38132

CVE-2025-38132 : Linux kernel coresight race condition when removing cscfg from csdev. The issue occurs if a module load and config deactivate path races with iterating/removing config_csdev_list entries while holding csdev->cscfg_csdev_lock, allowing an entry delete to race with an active con...