12 matches found
RUSTSEC-2026-0142 Double-free in `vmem` storage reachable from safe Rust (predecessor of `oneringbuf`)
mutringbuf is the archived predecessor of oneringbuf — the crate was renamed and the GitHub repository was archived on 2025-11-20. All released versions up to 1.0.0 carry the same vmem-feature double-free bug that affects oneringbuf, with the same code paths and the same reproduction shape. When...
CVE-2026-40251
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The backup restore subsystem contains an...
CVE-2026-40251 Incus out-of-bounds panic in snapshot metadata handling allows denial of service
Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage volume feature to cause the Incus daemon to crash. The backup restore subsystem contains an...
GHSA-4M88-WXJ4-9QJ6 Incus Vulnerable to Panic via Snapshot Bounds Check
Summary: Missing validation logic in the storage volume import logic allows an authenticated user with access to Incus' storage volume feature to cause the Incus daemon to crash. Repeated use of this issue can be used to keep Incus offline causing a denial of service. Details: The backup restore...
PT-2026-6167
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The Linux kernel contains a deadlock issue related to lock ordering within hugetlb file folios during page migration. Specifically, a deadlock can occur when one task holds a folio lock...
EUVD-2025-28971
Malicious code in bioql PyPI...
The End of Universal Lifelong Identifiers: Identity Systems for the AI Era
Many identity systems assign a single, static identifier to an individual for life, reused across domains like healthcare, finance, and education. These Universal Lifelong Identifiers (ULIs) underpin critical workflows but now pose systemic privacy risks. We take the position that ULIs are...
PT-2025-9270 · Unknown · Oxidized-Web
Name of the Vulnerable Software and Affected Versions: oxidized-web versions prior to 0.15.0 Description: The RANCID migration page in oxidized-web allows an unauthenticated user to gain control over the Linux user account that is running oxidized-web. This issue can lead to remote code execution...
NSC: NetScaler (Citrix ADC) MPX/SDX 15000-50G/15000Z-50G
Citrix Systems, Inc. announces a Notice of Status Change for the NetScaler (Citrix ADC) MPX/SDX 15020-50G/15020Z-50G, MPX/SDX 15030-50G/15030Z-50G, MPX/SDX 15040-50G/15040Z-50G, MPX/SDX 15060-50G/15060Z-50G, MPX/SDX 15080-50G/15080Z-50G, MPX/SDX 15100-50G/15100Z-50G, MPX/SDX 15120-50G/15120Z-50G Th...
Netscaler Notice of Status Change Announcement for Classic Policy Based Features and Functionalities
Citrix Systems, Inc. announces a Notice of Status Change (NSC) for Citrix ADC Classic policy-based features and functionalities. The dates and milestones provided are in accordance with stated End of Life/End of Support policies for Citrix Systems, Inc. Citrix ADC Features & Functionalities Affecte...
SUSE SLES12 Security Update : smt (SUSE-SU-2018:3467-1)
SMT was updated to version 3.0.38. Following security issue was fixed: CVE-2018-12472: Harden hostname check during sibling check by forcing double reverse lookup bsc1104076 Following non security issues were fixed: Add migration path check when registration sharing is enabled Fix sibling sync...
SUSE-SU-2018:3467-1 Security update for smt
SMT was updated to version 3.0.38. Following security issue was fixed: - CVE-2018-12472: Harden hostname check during sibling check by forcing double reverse lookup bsc1104076 Following non security issues were fixed: - Add migration path check when registration sharing is enabled - Fix sibling...