Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/exynos/vidi: fixed a memory leak in the .getmodes function. The duplicated EDID values are never freed. This issue needs to be addressed...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/dispnv04: fixed a null pointer dereferencing in nv17tvgetldmodes. In nv17tvgetldmodes, the return value of drmmodeduplicate is assigned to mode. This could lead to a NULL pointer dereferencing in case of a failure of...

PT-2026-41728

Name of the Vulnerable Software and Affected Versions mcp-server-kubernetes affected versions not specified Description An access control bypass exists where the read-only mode and other access control modes do not effectively restrict access. The software has over 20,000 weekly npm downloads...

From Backup Restoration to Minimum Viable Factory Recovery: A Systematization of Ransomware Recovery in Manufacturing Systems

Ransomware recovery in critical manufacturing infrastructure is not only a backup-restoration problem. Production capability depends on coupled information-technology, operational-technology, physical-process, quality, logistics, identity, and supplier systems. After ransomware, a plant may rebui...

Autonomous Adversary: Red-Teaming in the Age of LLM

Language Model Agents LMAs are emerging as a powerful primitive for augmenting red-team operations. They can support attack planning, adversary emulation, and the orchestration of multi-step activity such as lateral movement, a core enabling capability of advanced persistent threat APT campaigns...

EUVD-2026-27663

In the Linux kernel, the following vulnerability has been resolved: hfsplus: pretend special inodes as regular files Since commit af153bb63a33 "vfs: catch invalid modes in mayopen" requires any inode be one of SIFDIR/SIFLNK/SIFREG/SIFCHR/SIFBLK/ SIFIFO/SIFSOCK type, use SIFREG for special inodes...

CVE-2026-43268

In the Linux kernel, the following vulnerability has been resolved: hfsplus: pretend special inodes as regular files Since commit af153bb63a33 "vfs: catch invalid modes in mayopen" requires any inode be one of SIFDIR/SIFLNK/SIFREG/SIFCHR/SIFBLK/ SIFIFO/SIFSOCK type, use SIFREG for special inodes...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fixed a null pointer dereference in nouveauconnectorgetmodes. In nouveauconnectorgetmodes, the return value of drmmodeduplicate is assigned to mode, which may lead to a NULL pointer dereference in case of failure of...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Octeontx2-af: Added proper checks for fwdata. Firmware populates the MAC address, link modes supported, advertised, and EEPROM data in the shared firmware structure. Kernel access is via the MAC block CGX/RPM. Accessing fwdata...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/modes: It is necessary to avoid division by zero more strictly in drmmodevrefresh. The drmmodevrefresh function attempts to avoid division by zero by checking whether htotal or vtotal is zero. However, we may still end up...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/client: The modes array contains pointers to modes in the connector’s mode lists, which are protected by dev-modeconfig.mutex. Therefore, we need to extend the protection for modes in the same way; otherwise, by the time we u...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: drm/imx: Fixed a memory leak in imxpdconnectorgetmodes. Avoid leaking the display mode variable if ofgetdrmdisplaymode fails. Addressing issue-Coverity-ID: 1443943 “Resource leak”...

Astra Linux - уязвимость в openssl

There exists a timing-based side channel in the OpenSSL RSA Decryption implementation. This vulnerability could be sufficient for an attacker to recover plaintext across a network in a Bleichenbacher-style attack. To successfully decrypt data, an attacker would need to be able to send a very larg...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist not set on unregistered console It looks like attempting to write to the "storemodes" sysfs node will run afoul of unregistered consoles: UBSAN: array-index-out-of-bounds in...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ublk: Clean up user copy references on the ublk server exit If an ublk server process releases an ublk character device file, any requests sent to the ublk server but not yet completed will retain a reference value of...

Incorrect Permission Assignment for Critical Resource

Overview @anthropic-ai/sdk is a The official TypeScript library for the Anthropic API Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource in the BetaLocalFilesystemMemoryTool that creates memory files and directories using the Node.js default...

CVE-2026-31561

In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Remove X86CR4FRED from the CR4 pinned bits mask Commit in Fixes added the FRED CR4 bit to the CR4 pinned bits mask so that whenever something else modifies CR4, that bit remains set. Which in itself is a perfectly fine...

CVE-2026-41239

DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Starting in version 1.0.10 and prior to version 3.4.0, SAFEFORTEMPLATES strips ... expressions from untrusted HTML. This works in string mode but not with RETURNDOM or RETURNDOMFRAGMENT, allowing XSS via...

CVE-2026-41239

DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Starting in version 1.0.10 and prior to version 3.4.0, SAFEFORTEMPLATES strips ... expressions from untrusted HTML. This works in string mode but not with RETURNDOM or RETURNDOMFRAGMENT, allowing XSS via...

DOMPurify 跨站脚本漏洞

DOMPurify is a JavaScript-based tool developed by Cure53’s individual developer, designed for working with the DOM Document Object Model in HTML, MathML, and SVG. Versions of DOMPurify from 1.0.10 to 3.4.0 contained a cross-site scripting vulnerability. This vulnerability occurred because the...