1876 matches found

EUVD
added 2026/04/22 3:31 p.m., 4 views

EUVD-2026-24943

A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service...

CVSS 6.5 | AI score 5.8 | EPSS 0.00004
Exploits: 0 | References: 2
Patchstack
added 2026/04/22 3:26 p.m., 6 views

WordPress Maximum Products per User for WooCommerce plugin <= 4.3.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Maximum Products per User for WooCommerce versions <= 4.3.6...

CVSS 6.5 | AI score 7.3 | EPSS 0.00143
Exploits: 0 | Affected Software: 1
NVD
added 2026/04/22 2:16 p.m., 3 views

CVE-2026-33602

A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service...

CVSS 8.2 | EPSS 0.00004
Exploits: 0 | References: 1
NVD
added 2026/04/22 2:16 p.m., 1 views

CVE-2026-31498

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM re-init and zero pdulen infinite loop l2capconfigreq processes CONFIGREQ for channels in BTCONNECTED state to support L2CAP reconfiguration e.g. MTU changes. However, since both CONFINPUTDONE and...

CVSS 5.5 | EPSS 0.00015
Exploits: 0 | References: 8
CVE
added 2026/04/22 1:54 p.m., 7 views

CVE-2026-31498

Linux kernel CVE-2026-31498 affects Bluetooth L2CAP by exposing memory leaks during reconfiguration (ERTM data structures) and a zero-valued max_pdu_size path that can lead to an infinite loop in l2cap_segment_sdu. Root cause: reconfiguration previously re-initialized ERTM state and NULL’d sdu wi...

CVSS 5.5 | AI score 5.6 | EPSS 0.00015
Exploits: 0 | References: 8 | Affected Software: 1
CVE
added 2026/04/22 1:45 p.m., 8 views

CVE-2026-33602

CVE-2026-33602 concerns PowerDNS DNSdist (and related Linux distros) where a rogue backend can send a crafted UDP response with a query ID off by one relative to the maximum configured value. This leads to an out-of-bounds write and a denial of service. The connected documents confirm the same ro...

CVSS 8.2 | AI score 5.8 | EPSS 0.00004
Exploits: 0 | References: 1 | Affected Software: 1
EUVD
added 2026/04/22 9:31 a.m., 1 views

EUVD-2026-24641

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

AI score 5.8 | EPSS 0.00043
Exploits: 0 | References: 8
EUVD
added 2026/04/22 9:31 a.m., 2 views

EUVD-2026-24631

In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion...

CVSS 7.5 | AI score 5.8 | EPSS 0.00115
Exploits: 0 | References: 2
NVD
added 2026/04/22 8:16 a.m., 0 views

CVE-2026-6022

In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion...

CVSS 7.5 | EPSS 0.00115
Exploits: 0 | References: 1
ATTACKERKB
added 2026/04/22 7:7 a.m., 3 views

CVE-2026-6022

In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion...

CVSS 7.5 | AI score 5.8 | EPSS 0.00115
Exploits: 0 | References: 2 | Affected Software: 1
Tenable Nessus
added 2026/04/22 12:0 a.m., 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013792)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013792 advisory. In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to...

AI score 7.5 | EPSS 0.00077
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/22 12:0 a.m., 5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013565)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013565 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report 1 with no reproducer hints at a bug...

AI score 5.7 | EPSS 0.0004
Exploits: 0 | References: 4
Snyk
added 2026/04/21 3:12 a.m., 4 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the htundoimpl function due to accumulation of a bytes-per-line value bpl using a 32-bit signed integer without overflow protection. An attacker can cause a heap out-of-bounds write by supplying a craft...

CVSS 6.9 | AI score 5.5 | EPSS 0.0008
Exploits: 1 | References: 2
Tenable Nessus
added 2026/04/21 12:0 a.m., 1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010751)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010751 advisory. In the Linux kernel, the following vulnerability has been resolved: vhost: fix hung thread due to erroneous iotlb entries In vhostiotlbaddrangectx, range size can...

CVSS 5.5 | AI score 5.7 | EPSS 0.00033
Exploits: 0 | References: 3
Tenable Nessus
added 2026/04/21 12:0 a.m., 3 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007056)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007056 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INTMAX When sysctlnropen is set to a ver...

CVSS 5.5 | AI score 5.6 | EPSS 0.0004
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m., 3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010934)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010934 advisory. In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: Fix a possible warning in privcmdioctlmmapresource As 'kdata.num' is user-controlled...

AI score 5.8 | EPSS 0.00044
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m., 2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011106)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011106 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Disallow unallocated resources to be returned In the event that the topology request...

AI score 5.6 | EPSS 0.00034
Exploits: 0 | References: 4
Vulnrichment
added 2026/04/18 6:22 a.m., 3 views

CVE-2026-32690 Apache Airflow: 3.x - Nested Variable Secret Values Bypass Redaction via max_depth=1

Secrets in Variables saved as JSON dictionaries were not properly redacted - in case thee variables were retrieved by the user the secrets stored as nested fields were not masked. If you do not store variables with sensitive values in JSON form, you are not affected. Otherwise please upgrade to...

AI score 5.8 | EPSS 0.00082
Exploits: 0 | References: 2
OSV
added 2026/04/18 12:42 a.m., 1 views

GHSA-XR93-PCQ3-PXF8 Zebra: addr/addrv2 Deserialization Resource Exhaustion

CVE-2026-40881: addr/addrv2 Deserialization Resource Exhaustion Summary When deserializing addr or addrv2 messages, which contain vectors of addresses, Zebra would fully deserialize them up to a maximum length over 233,000 that was derived from the 2 MiB message size limit. This is much larger th...

CVSS 6.3 | AI score 5.7 | EPSS 0.0006
Exploits: 0 | References: 3
OSV
added 2026/04/17 1:1 p.m., 5 views

OESA-2026-1949 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a...

AI score 5.6 | EPSS 0.00043
Exploits: 0 | References: 2