UBUNTU-CVE-2025-1272

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned...

CVE-2026-27181 MajorDoMo Unauthenticated Module Uninstall via Market Endpoint

MajorDoMo aka Major Domestic Module allows unauthenticated arbitrary module uninstallation through the market module. The market module's admin method reads gr'mode' from $REQUEST and assigns it to $this-mode at the start of execution, making all mode-gated code paths reachable without...

CVE-2025-1272

CVE-2025-1272 is a reserved entry that, according to connected advisories, concerns the Linux kernel where Secure Boot does not automatically enable kernel lockdown. The affected component is the kernel, and the vulnerability implies lockdown may not be enforced unless patches/settings are applie...

CVE-2025-1272 Kernel: secure boot does not automatically enable kernel lockdown

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned...

CVE-2025-1272

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned...

PT-2026-23533

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.1.5 through 2026.2.13 Description The OpenClaw Gateway does not adequately limit configured hook module paths before passing them to the import function, potentially allowing for code execution. An attacker with the...

Red Hat Enterprise Linux 安全漏洞

Red Hat Enterprise Linux is a Linux operating system for enterprise users developed by the American company Red Hat. There is a security vulnerability in Red Hat Enterprise Linux, which stems from the disabled lock mode. This vulnerability could allow attackers to access sensitive information or...

GO-2026-4459 Mattermost Server vulnerable to XSS through channel headers in github.com/mattermost/mattermost-server

Mattermost Server vulnerable to XSS through channel headers in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

securiclaw

🦞 Securiclaw AI-Powered Code Security Scanner Securiclaw...

python39:3.9 and python39-devel:3.9 security update

An update is available for module.modwsgi, module.python-psutil, python-packaging, module.Cython, module.python-iniconfig, module.python-wcwidth, module.python-ply, python-psutil, python-chardet, module.python-pluggy, python-lxml, python-pysocks, python-wcwidth, python-pluggy, module.python-attrs...

python38:3.8 and python38-devel:3.8 security update

An update is available for module.modwsgi, module.python-psutil, python-packaging, module.Cython, module.python3x-setuptools, module.python-wcwidth, module.python-ply, python-psycopg2, python-psutil, python-chardet, module.python-pluggy, python-lxml, python-pysocks, python-wcwidth, python-pluggy,...

Collaborative Zone-Adaptive Zero-Day Intrusion Detection for IoBT

The Internet of Battlefield Things IoBT relies on heterogeneous, bandwidth-constrained, and intermittently connected tactical networks that face rapidly evolving cyber threats. In this setting, intrusion detection cannot depend on continuous central collection of raw traffic due to disrupted link...

CVE-2025-32060

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...

AWS VDP: Arbitrary Code Execution via Scanner Bypass in **aws-diagram-mcp-server** `exec()` Namespace

Description: The aws-diagram-mcp-server contains an arbitrary code execution vulnerability in diagramstools.py. User-supplied Python code is executed via execcode, namespace at line 305 with a namespace containing the full os module, urlretrieve, and Python builtins. A security scanner scanner.py...

[SECURITY] Fedora 42 Update: p11-kit-0.26.2-1.fc42

p11-kit provides a way to load and enumerate PKCS11 modules, as well as a standard configuration setup for installing PKCS11 modules in such a way that they're discoverable...

CVE-2025-32060

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...

CVE-2025-32060 Absence of Kernel Module Signature Verification on Linux System of Infotainment ECU

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...

CVE-2025-32060 Absence of Kernel Module Signature Verification on Linux System of Infotainment ECU

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...

EUVD-2025-206906

The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user due to additional vulnerabilities, then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a fl...

Fedora 43 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2026-cd0705c6a7)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-cd0705c6a7 advisory. nginx-mod-naxsi: - Rebuild for 1.28.2 nginx-mod-brotli: - Rebuild for 1.28.2 nginx-mod-fancyindex: - Rebuild for 1.28.2 nginx-mod-modsecurity: - Rebuild for...