EUVD-2025-209917

A time-of-check time-of-use vulnerability in the Trend Micro Apex One mac agent iCore service signature verification could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: The abort logic in btrfsreplacefileextents has been fixed. Error injection testing revealed a case where a corrupt file system could occur, with an absent extent in the middle of a file. This occurs because the if statemen...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: nvme-pci: Handling of changes to the device’s DMA map requirements. The initial state of dmaneedsunmap might be false, but it becomes true during the DMA mapping process. Enabling swiotlb can affect the outcome in such cases...

curl: TLS peer-verification bypass via mid-transfer ssl_config mutation

Hi all, We want to report a TLS peer-verification issue on current master. The trigger is narrow and requires a specific application usage pattern, but when it fires, a transfer that requests CURLOPTSSLVERIFYPEER=1 can reuse a TLS connection that was established with peer verification disabled...

EUVD-2026-28524

Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the POST /chat/stop-chat-session/chatsessionid endpoint lets any authenticated user stop any other user's active chat session. The endpoint checks authentication but never verifies the session belongs to the caller. An...

LuxSci Launches Enterprise-Grade HIPAA-Compliant Email Security for Mid-Sized Healthcare Organizations

Cambridge, MA, 5th May 2026, CyberNewswire...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUSIOTIMEOUT exceeds a specified threshold NUMSTATUSIOTIMEOUT, we reconnect the connection. But we do not return the mi...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids All releasemid callers seem to hold a reference of @mid so there is no need to call krefput&mid-refcount, releasemid under @server-midlock spinlock. If they don't, then an...

CVE-2026-23421

In the Linux kernel, the following vulnerability has been resolved: drm/xe/configfs: Free ctxrestoremidbb in release ctxrestoremidbb memory is allocated in wabbstore, but xeconfigdevicerelease only frees ctxrestorepostbb. Free ctxrestoremidbb0.cs as well to avoid leaking the allocation when the...

CVE-2026-23421

In the Linux kernel, the following vulnerability has been resolved: drm/xe/configfs: Free ctxrestoremidbb in release ctxrestoremidbb memory is allocated in wabbstore, but xeconfigdevicerelease only frees ctxrestorepostbb. Free ctxrestoremidbb0.cs as well to avoid leaking the allocation when the...

UBUNTU-CVE-2026-23421

In the Linux kernel, the following vulnerability has been resolved: drm/xe/configfs: Free ctxrestoremidbb in release ctxrestoremidbb memory is allocated in wabbstore, but xeconfigdevicerelease only frees ctxrestorepostbb. Free ctxrestoremidbb0.cs as well to avoid leaking the allocation when the...

CVE-2026-23421 drm/xe/configfs: Free ctx_restore_mid_bb in release

In the Linux kernel, the following vulnerability has been resolved: drm/xe/configfs: Free ctxrestoremidbb in release ctxrestoremidbb memory is allocated in wabbstore, but xeconfigdevicerelease only frees ctxrestorepostbb. Free ctxrestoremidbb0.cs as well to avoid leaking the allocation when the...

PT-2026-30035

In the Linux kernel, the following vulnerability has been resolved: drm/xe/configfs: Free ctx restore mid bb in release ctx restore mid bb memory is allocated in wa bb store, but xe config device release only frees ctx restore post bb. Free ctx restore mid bb0.cs as well to avoid leaking the...

SUSE CVE-2026-23174

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...

UBUNTU-CVE-2026-23174

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...

CVE-2026-23174 nvme-pci: handle changing device dma map requirements

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...

8 Top MDR Providers for Mid-Market Companies

Top 8 MDR providers for mid-market firms needing expert detection, faster response, and reduced noise without building full in-house SOCs...

PT-2026-5767

A third-party NAT traversal module fails to validate SSL/TLS certificates when connecting to the signaling server. While subsequent access to device services requires additional authentication, a Man-in-the-Middle MitM attacker can intercept or redirect the NAT tunnel establishment. This could...

Securing the Mid-Market Across the Complete Threat Lifecycle

For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative security measures are essential to protect an expanding attack surface. Combined with effective protection that blocks threats, they play a critical role in stopping cyberattacks before damage is done...

MiracleLinux 8 : qt5-qtbase-5.12.5-6.el8, qt5-qttools-5.12.5-2.el8, qt5-qtwebsockets-5.12.5-2.el8 (AXSA:2021-1450:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1450:01 advisory. qt: XML entity expansion vulnerability CVE-2015-9541 qt5-qtwebsockets: websocket implementation allows only limited size for frames and messages...