16559 matches found
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013087)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013087 advisory. In the Linux kernel, the following vulnerability has been resolved: can: kvaser_usb: leaf: Fix potential infinite loop in command parsers The kvaser_usb_leaf_wait_cmd and...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013045)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013045 advisory. In the Linux kernel, the following vulnerability has been resolved: net: read sk->sk_family once in sk_mc_loop syzbot is playing with IPV6_ADDRFORM quite a lot these days...
PT-2026-33988
Name of the Vulnerable Software and Affected Versions Python affected versions not specified Description The sock_recvfrom_into method of asyncio.ProactorEventLoop on Windows lacks a boundary check for the data buffer when the nbytes parameter is used. This can lead to an out-of-bounds buffer wri...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010975)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010975 advisory. In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid posix_timer_add tries to allocate a posix...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011030)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011030 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: rockchip: Fix memory leak in rockchip_clk_register_pll If clk_register fails, @pll->rate_table may...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011088)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011088 advisory. In the Linux kernel, the following vulnerability has been resolved: can: kvaser_usb: leaf: Fix potential infinite loop in command parsers The kvaser_usb_leaf_wait_cmd and...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013202)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013202 advisory. In the Linux kernel, the following vulnerability has been resolved: net: read sk->sk_family once in sk_mc_loop syzbot is playing with IPV6_ADDRFORM quite a lot these days...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010859)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010859 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix infinite loop in nilfs_mdt_get_block If the disk image that nilfs2 mounts is corrupted a...
Security update for clamav (moderate)
openSUSE security update: security update for clamav ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20479-1 Rating: moderate References: bsc1221954 bsc1258072 bsc1259207 Cross-References: CVE-2026-20031 CVSS scores: CVE-2026-20031 SUSE : 5.3...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011228)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011228 advisory. In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe The size of array 'priv->ports' is...
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
Security Bulletin: IBM Engineering Lifecycle Management - Engineering Test Management is impacted by vulnerabilities in Apache PDFBox
Summary Vulnerabilities have been identified in Apache PDFBox, which is used in IBM Engineering Lifecycle Management - Engineering Test Management Vulnerability Details CVEID:CVE-2021-27807 DESCRIPTION: A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue...
CLSA-2026-1776441769 expat: Fix of 4 CVEs
CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent O(n^2) parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...
CLSA-2026-1776441540 expat: Fix of 4 CVEs
CVE-2017-9233: fix external entity infinite loop in entityValueInitProcessor and entityValueProcessor - CVE-2023-52425: add reparse deferral heuristic to prevent O(n^2) parsing of large tokens in small buffer refills; fix buffer growth calculation - CVE-2013-0340: add billion laughs entity...
GHSA-5H65-JX66-J7P5 FastChat has Denial of Service Through Blocking Event Loop in Model Workers (Incomplete Fix for ff66426)
A security vulnerability has been detected in lm-sys fastchat up to 0.2.36. This issue affects the function api_generate of the component Worker API Endpoint. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed publicly and may be...
FastChat has Denial of Service Through Blocking Event Loop in Model Workers (Incomplete Fix for ff66426)
A security vulnerability has been detected in lm-sys fastchat up to 0.2.36. This issue affects the function api_generate of the component Worker API Endpoint. The manipulation leads to resource consumption. The attack can be initiated remotely. The exploit has been disclosed publicly and may be...
Important: Red Hat Security Advisory: libarchive security update
An update for libarchive is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive
A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This...
CVE-2026-41285
In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery (ND) option over a local network with length zero, because of an "nd_opt_len * 8 - 2" expression with no preceding check for whether nd_opt_len is zero...
CVE-2026-41285
CVE-2026-41285 affects OpenBSD up to version 7.8, specifically the slaacd and rad daemons. The issue is a missing validation for ICMPv6 Neighbor Discovery (ND) options: when a crafted ND option with length zero is received, an expression nd_opt_len * 8 - 2 can execute without a preceding check, cau...