GHSA-CVXM-645Q-P574 vulnerabilities

Vulnerabilities for packages: grype-fips, packer, grype, kubescape-server-fips, kaniko-fips, k9s-fips, k9s, spegel-fips, neuvector-fips, buildkitd-fips, trivy-operator-fips, buildkitd, trivy, wolfictl, kaniko, cloudbeat, docker-cli-buildx-fips, packer-fips, dagger, kube-mgmt-fips, chainctl-fips,...

CVE-2026-50195 vulnerabilities

Vulnerabilities for packages: grype-fips, packer, grype, kubescape-server-fips, kaniko-fips, k9s-fips, k9s, spegel-fips, neuvector-fips, buildkitd-fips, trivy-operator-fips, buildkitd, trivy, wolfictl, kaniko, cloudbeat, docker-cli-buildx-fips, packer-fips, dagger, kube-mgmt-fips, chainctl-fips,...

CVE-2026-53492 vulnerabilities

Vulnerabilities for packages: grype-fips, packer, grype, kubescape-server-fips, kaniko-fips, k9s-fips, k9s, spegel-fips, neuvector-fips, buildkitd-fips, trivy-operator-fips, buildkitd, trivy, wolfictl, kaniko, cloudbeat, docker-cli-buildx-fips, packer-fips, dagger, kube-mgmt-fips, chainctl-fips,...

CVE-2026-53489 vulnerabilities

Vulnerabilities for packages: grype-fips, packer, grype, kubescape-server-fips, kaniko-fips, k9s-fips, k9s, spegel-fips, neuvector-fips, buildkitd-fips, trivy-operator-fips, buildkitd, trivy, wolfictl, kaniko, cloudbeat, docker-cli-buildx-fips, packer-fips, dagger, kube-mgmt-fips, chainctl-fips,...

GHSA-XHF5-7WJV-PQXP vulnerabilities

Vulnerabilities for packages: packer, grype, spegel-fips, neuvector-fips, crossplane, trivy-operator-fips, helm-mapkubeapis, buildkitd, helm, cloudbeat, docker-cli-buildx-fips, chainctl-fips, neuvector-scanner-fips, kubescape-server, kube-mgmt, datadog-agent-fips, syft, manifest-tool, chaos-mesh,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: vpvdpa: fixed the crash that occurs when the vpvdpa device is unplugged suddenly. When the vpvdpa device is unplugged, it triggers a kernel panic. The root cause is that vdpamgmtdevunregister will access modern devices, leadin...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Added a check for mgmtallocskb in mgmtdeviceconnected. Added a check on the return value of mgmtallocskb in mgmtdeviceconnected to prevent null pointer dereferencing...

RockyLinux 9 : kernel (RLSA-2026:21556)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21556 advisory. kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setti...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Fixed possible UAFs This attempt to fix possible UAFs is due to the fact that the struct mgmtpending is freed while it is still being processed, as seen in the following trace. To address this issue,...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fixed a dangling pointer in mgmtaddadvpatternsmonitorcomplete. This fix addresses the issue where, when status != -ECANCELED, mgmtpendingvalid was executed; otherwise, mgmtpendingfreecmd would free the memory, bu...

kernel: Bluetooth: MGMT: Fix possible UAFs

A flaw was found in the Linux kernel’s Bluetooth management subsystem net/bluetooth/mgmt.c. The mgmtpending structure may be freed while still being processed, or remain on the pending command list, which allows a use-after-free or double-free scenario. An attacker with local access to the system...

CVE-2026-31511

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status != -ECANCELED otherwise calling mgmtpendingfreecmd would kfreecmd withou...

CVE-2026-31511 Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status != -ECANCELED otherwise calling mgmtpendingfreecmd would kfreecmd withou...

CVE-2026-31511

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status != -ECANCELED otherwise calling mgmtpendingfreecmd would kfreecmd withou...

RHEL 9 : kernel-rt (RHSA-2026:9512)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9512 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

nautobot-bgp-models (>=3.0.0a1 <=3.0.0a2), nautobot-capacity-metrics (=4.0.0a1) +12 more potentially affected by CVE-2026-34203 via nautobot (=3.0.0rc2)

nautobot PYPI version =3.0.0rc2 is affected by a known vulnerability. The following packages have a transitive dependency on nautobot and may be impacted: - nautobot-bgp-models =3.0.0a1, =3.0.0rc1, =4.0.0a1, =3.0.0a1, =4.0.0a1, =4.0.0a2 - nautobot-ssot =4.0.0a1 - nautobot-welcome-wizard =3.0.0a1...

SUSE SLES15 Security Update : kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1132-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1132-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.6 fixes various security issues The following security issues were fixed: -...

EUVD-2026-15284

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmtchann mgmtchann may be set to NULL if the firmware returns an unexpected error in aie2sendmgmtmsgwait. This can later lead to a NULL pointer dereference in aie2hwstop. Fix this b...

EUVD-2026-15261

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix possible oob access in mt76connac2macwritetxwi80211 Check frame length before accessing the mgmt fields in mt76connac2macwritetxwi80211 in order to avoid a possible oob access. fix check to also cover...