CVE-2026-41704

AgentClienthandlemethod lines 264-303 processes every NATS reply. It calls injectcompilelog line 273 on every response, which reads response'value''result''compilelogid' line 332-338 and passes it to downloadanddeleteblob. Separately, any response containing 'exception' goes through formatexcepti...

SUSE CVE-2026-1933

A flaw was found in Samba's handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

SUSE CVE-2026-6918

In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the uninitialized data in the RTMGETNEIGH response message in the net/mctp module. This could lead to t...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which arises from the lack of validation when ICMP reply types exceed the range of the icmppointers array, potentially...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from race conditions during the delayed splitting of queues during migration. This could lead to a WAR...

CVE-2026-46064

ibmasm: fix heap over-read in ibmasmsendi2omessage...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the reverse path handling during ICMP routing searches. This vulnerability ma...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the rmdir operation in the FAT file system does not check the inlink value of the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the vfio/cdx driver’s failure to verify whether MSI is configured during the interrupt trigger...

PT-2026-43971

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A lifetime bookkeeping error exists in the ucan driver within the CAN subsystem. USB drivers bind to USB interfaces, and device managed resources must have their lifetime tied to the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to release the gssauth reference in the incorrect path of the gssallocmsg function...

CVE-2026-46027

net/smc: avoid early lgr access in smcclcwaitmsg...

CVE-2026-45964

SUNRPC: fix gssauth kref leak in gssallocmsg error path...

Linux Distros Unpatched Vulnerability : CVE-2026-46064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this...

CVE-2026-44214

eventsource-encoder encodes events as well-formed EventSource/Server Sent Event SSE messages. Prior to 1.0.2, eventsource-encoder does not sanitize the event or id fields of an EventSourceMessage before serializing them. An attacker who controls either field can inject arbitrary Server-Sent Event...

CVE-2026-9490

A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message message type 0x03 to the pipe, causing the service ...

IMVU-Exploits

IMVU Exploits IMVU Classic Client v3.6.15 - Complete exploita...

CVE-2026-44749 Information Disclosure vulnerability in SAP Gateway

The SAP Gateway allows attackers to inject content into error messages, potentially leading to disclosure of request artefacts e.g., regex patterns and revealing underlying URI parsing logic. Leading to low impact on confidentiality. Integrity and availability are unaffected...

CVE-2026-44749 Information Disclosure vulnerability in SAP Gateway

The SAP Gateway allows attackers to inject content into error messages, potentially leading to disclosure of request artefacts e.g., regex patterns and revealing underlying URI parsing logic. Leading to low impact on confidentiality. Integrity and availability are unaffected...