1263 matches found

Tenable Nessus
added 2026/03/13 12:0 a.m., 6 views

AlmaLinux 10 : kernel (ALSA-2026:4012)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:4012 advisory. kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38141 kernel: Linux kernel io_uring: Local privileg...

CVSS: 7.8, AI score: 6.8, EPSS: 0.00188
Exploits: 0, References: 12
Positive Technologies
added 2026/03/11 12:0 a.m., 2 views

PT-2026-24762

InputMapper 1.6.10 contains a buffer overflow vulnerability in the username field that allows local attackers to crash the application by entering an excessively long string. Attackers can trigger a denial of service by copying a large payload into the username field and double-clicking to proces...

CVSS: 6.7, AI score: 6.1, EPSS: 0.00177
Exploits: 0, References: 4
RedHat Linux
added 2026/03/09 10:2 a.m., 0 views

kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting

A flaw was found in the Linux kernel's device mapper dm component. When setting up zone append emulation resources, a race condition can occur if the blk_revalidate_disk_zones function fails while another process simultaneously calls dm_blk_report_zones. This timing issue can lead to a use-after-free...

CVSS: 7.8, AI score: 5.7, EPSS: 0.00159
Exploits: 0, References: 5
RedHat Linux
added 2026/03/09 9:38 a.m., 2 views

kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting

A flaw was found in the Linux kernel's device mapper dm component. When setting up zone append emulation resources, a race condition can occur if the blk_revalidate_disk_zones function fails while another process simultaneously calls dm_blk_report_zones. This timing issue can lead to a use-after-free...

CVSS: 7.8, AI score: 5.7, EPSS: 0.00159
Exploits: 0, References: 5
RedHat Linux
added 2026/03/09 9:38 a.m., 14 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVSS: 7.8, AI score: 7.2, EPSS: 0.00247
Exploits: 0, References: 8
OSV
added 2026/03/09 12:0 a.m., 5 views

ALSA-2026:4012 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38141 kernel: Linux kernel io_uring: Local privilege escalation, information disclosure, or...

CVSS: 7.8, AI score: 5.8, EPSS: 0.00188
Exploits: 0, References: 22
Tenable Nessus
added 2026/03/09 12:0 a.m., 4 views

RHEL 9 : kernel (RHSA-2026:4011)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4011 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: x86/tdx: Fix in-kernel MMIO...

CVSS: 7.8, AI score: 6, EPSS: 0.00247
Exploits: 0, References: 17
Tenable Nessus
added 2026/03/04 12:0 a.m., 4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005706)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005706 advisory. In the Linux kernel, the following vulnerability has been resolved: dm cache: Fix UAF in destroy Dm_cache also has the same UAF problem when dm_resume and dm_destroy ar...

CVSS: 7.8, AI score: 5.9, EPSS: 0.00154
Exploits: 0, References: 4
OSV
added 2026/02/05 9:10 a.m., 7 views

RLSA-2026:1143 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38141 kernel: Linux kernel use-after-free in eventpoll CVE-2025-38349 kernel: drm/xe: Fix...

CVSS: 7.8, AI score: 5.4, EPSS: 0.00195
Exploits: 0, References: 9
Redos
added 2026/02/05 12:0 a.m., 4 views

ROS-20260205-73-0024

A vulnerability in the sendemptyflush function of the Linux kernel dm driver is related to improper control of resource identifiers. Exploitation of the vulnerability could allow an attacker to violate data integrity and also cause a denial of service...

CVSS: 5.5, AI score: 7.1, EPSS: 0.00145
Exploits: 0
vulnersOsv
added 2026/02/02 10:56 a.m., 5 views

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +219 more potentially affected by CVE-2026-1518 via org.keycloak:keycloak-services (>=10.0.0 <=9.0.3)

org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =0.1, =0.1, =1.0.1, =0.1, =1.0.1, =0.1, =1.2.0, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...

CVSS: 2.7, AI score: 5.4, EPSS: 0.00236
Exploits: 0
RedhatCVE
added 2026/01/30 3:24 a.m., 6 views

CVE-2026-1546

A security vulnerability has been detected in jishenghua jshERP up to 3.6. The impacted element is the function getBillItemByParam of the file /jshERP-boot/depotItem/importItemExcel of the component com.jsh.erp.datasource.mappers.DepotItemMapperEx. The manipulation of the argument barCodes leads ...

CVSS: 9.8, AI score: 5.7, EPSS: 0.00343
Exploits: 1, References: 1
Tenable Nessus
added 2026/01/30 12:0 a.m., 4 views

AlmaLinux 9 : kernel (ALSA-2026:1143)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:1143 advisory. kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38141 kernel: Linux kernel use-after-free in...

CVSS: 7.8, AI score: 6, EPSS: 0.00195
Exploits: 0, References: 10
EUVD
added 2026/01/29 12:31 a.m., 7 views

EUVD-2026-4847

A security vulnerability has been detected in jishenghua jshERP up to 3.6. The impacted element is the function getBillItemByParam of the file /jshERP-boot/depotItem/importItemExcel of the component com.jsh.erp.datasource.mappers.DepotItemMapperEx. The manipulation of the argument barCodes leads ...

CVSS: 6.5, AI score: 5.7, EPSS: 0.00343
Exploits: 1, References: 7
NVD
added 2026/01/28 10:15 p.m., 6 views

CVE-2026-1546

A security vulnerability has been detected in jishenghua jshERP up to 3.6. The impacted element is the function getBillItemByParam of the file /jshERP-boot/depotItem/importItemExcel of the component com.jsh.erp.datasource.mappers.DepotItemMapperEx. The manipulation of the argument barCodes leads ...

CVSS: 9.8, EPSS: 0.00343
Exploits: 1, References: 6
Vulnrichment
added 2026/01/28 10:2 p.m., 4 views

CVE-2026-1546 jishenghua jshERP com.jsh.erp.datasource.mappers.DepotItemMapperEx importItemExcel getBillItemByParam sql injection

A security vulnerability has been detected in jishenghua jshERP up to 3.6. The impacted element is the function getBillItemByParam of the file /jshERP-boot/depotItem/importItemExcel of the component com.jsh.erp.datasource.mappers.DepotItemMapperEx. The manipulation of the argument barCodes leads ...

CVSS: 6.5, AI score: 5.7, EPSS: 0.00343
Exploits: 1, References: 6
CVE
added 2026/01/28 10:2 p.m., 16 views

CVE-2026-1546

CVE-2026-1546 affects jishenghua jshERP up to version 3.6. The vulnerability is an SQL injection in DepotItemMapperEx.getBillItemByParam (file /jshERP-boot/depotItem/importItemExcel) triggered by manipulating the barCodes parameter. It can be exploited remotely and has been publicly disclosed. Re...

CVSS: 9.8, AI score: 5.7, EPSS: 0.00343
Exploits: 1, References: 6, Affected Software: 1
Snyk
added 2026/01/28 4:33 p.m., 7 views

Malicious Package

Overview dynamodb-data-mapper-js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

CVSS: 9.8, AI score: 5.9
Exploits: 0, References: 2
Snyk
added 2026/01/28 4:33 p.m., 3 views

Malicious Package

Overview @rrvis/code-mapper is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS: 9.8, AI score: 5.9
Exploits: 0, References: 2
Tenable Nessus
added 2026/01/27 12:0 a.m., 8 views

Oracle Linux 9 : kernel (ELSA-2026-1143)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1143 advisory. - Bluetooth: hci_sock: Prevent race in socket write iter and sock bind CKI Backport Bot RHEL-139462 CVE-2025-68305 - dm: fix dm_blk_report_zones CKI Backpo...

CVSS: 7.8, AI score: 7.1, EPSS: 0.00195
Exploits: 0, References: 9