CVE-2026-44318

Summary: The vulnerability CVE-2026-44318 affects free5GC BSF before 4.2.2, where PUT /nbsf-management/v1/subscriptions/{subId} unsafely writes to the global Subscriptions map without proper locking in the create-if-absent path. A concurrent authenticated PUT can cause a race between a read (RLoc...

CVE-2026-44318 free5GC: BSF concurrent PUT /nbsf-management/v1/subscriptions/{subId} crashes the BSF process via concurrent map read/write on Subscriptions

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's BSF PUT /nbsf-management/v1/subscriptions/subId handler has an unsynchronized write on the global Subscriptions map. The handler first reads the map under RLock via BSFContext.GetSubscriptionsubId, but if t...

GO-2026-4994 free5GC's BSF concurrent PUT /nbsf-management/v1/subscriptions/{subId} crashes the BSF process via concurrent map read/write on Subscriptions in github.com/free5gc/bsf

free5GC's BSF concurrent PUT /nbsf-management/v1/subscriptions/subId crashes the BSF process via concurrent map read/write on Subscriptions in github.com/free5gc/bsf...

Mailpit: Concurrent map read & write in proxy CSS rewriter - remote unauth crash (fatal error: concurrent map read and map write)

Summary The screenshot/print proxy /proxy?data=… maintains a package-level assets mapstringMessageAssets cache, but reads the map without holding assetsMutex while a long-running cleanup goroutine and re-entrant CSS-rewriting code path concurrently write to it under the lock. When the...

EUVD-2026-18098

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom. Opening a crafted V7 file may lead to arbitrary code execution on the affected product...

CVE-2026-32925

CVE-2026-32925 affects FUJI Electric V-SFT: stack-based buffer overflow in VS6ComFile!CV7BaseMap::WriteV7DataToRom for versions

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003163)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003163 advisory. In the Linux kernel 4.15.x through 4.19.x before 4.19.2, mapwrite in kernel/usernamespace.c allows privilege escalation because it mishandles nested user namespaces...

PT-2025-41547

Name of the Vulnerable Software and Affected Versions V-SFT versions prior to 6.2.7.0 Description A stack-based buffer overflow exists in the CV7BaseMap::WriteV7DataToRom function within the VS6ComFile component. This issue arises when opening specially crafted V-SFT files. Successful exploitatio...

Exploit for Incorrect Authorization in Linux Linux_Kernel

CVE-2018-18955 Linux local root exploit. Wrapper for Jann Horn...

The vulnerability of the map_write() function in “kernel/user_namespace.c” in the Linux operating system allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the mapwrite function in “kernel/usernamespace.c” in the Linux operating system is related to improper authorization. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

DEBIAN-CVE-2018-18955

In the Linux kernel 4.15.x through 4.19.x before 4.19.2, mapwrite in kernel/usernamespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAPSYSADMIN in an affected user namespace can bypass access controls on resources...