Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: wwan: mhi: A memory leak has been fixed in the mhimbimdellink function. The MHI driver registers the network device without setting the needsfreenetdev flag. Additionally, it does not call freenetdev when unregistering the...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fixed a null pointer crash in mtkdrmcrtcfinishpageflip. It is possible that mtkcrtc-event is NULL in mtkdrmcrtcfinishpageflip. The pendingneedsvblank value is set by mtkcrtc-event, but in mtkdrmcrtcatomicFlush, it...

SUSE CVE-2026-45966

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unixneedsrevalidation When receiving file descriptors via SCMRIGHTS, both the socket pointer and the socket's sk pointer can be NULL during socket setup or teardown, causing NULL pointer...

CVE-2026-45966 apparmor: fix NULL pointer dereference in __unix_needs_revalidation

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unixneedsrevalidation When receiving file descriptors via SCMRIGHTS, both the socket pointer and the socket's sk pointer can be NULL during socket setup or teardown, causing NULL pointer...

CVE-2026-45966

CVE-2026-45966 concerns a Linux kernel/AppArmor regression. When receiving file descriptors via SCM_RIGHTS, both sock and sock->sk can be NULL, leading to NULL pointer dereferences in __unix_needs_revalidation() and a crash. The issue stems from added NULL checks in a new function without ensu...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checking for sock and sock-sk pointers in unixneedsrevalidation, potentially leading to nul...

PT-2026-43833

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.17 through 6.17 Description A NULL pointer dereference occurs in the unix needs revalidation function when receiving file descriptors via SCM RIGHTS. During socket setup or teardown, both the socket pointer and the...

Analysis of Personal Data Exposure in Thailand

In the digital era, personal data, particularly sensitive identifiers such as the Social Security Number and National Identification Number, have become a highly valuable asset, raising significant concerns regarding privacy and security. This study examines the risks associated with the online...

Exposing the Systematic Vulnerability of Open-Weight Models to Prefill Attacks

As the capabilities of large language models continue to advance, so does their potential for misuse. While closed-source models typically rely on external defenses, open-weight models must primarily depend on internal safeguards to mitigate harmful behavior. Prior red-teaming research has largel...

CVE-2026-23174 nvme-pci: handle changing device dma map requirements

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...

A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby

Posted by Natalie Silvanovich Over the past few years, several AI-powered features have been added to mobile phones that allow users to better search and understand their messages. One effect of this change is increased 0-click attack surface, as efficient analysis often requires message media to...

Cybersecurity Competence for Organisations in Inner Scandinavia

A rapidly growing number of cybersecurity threats and incidents demands that Swedish organisations increase their efforts to improve their cybersecurity capacities. This paper presents results from interviews and a prior survey with key representatives from enterprises and public sector...

EUVD-2023-35215

Malicious code in bioql PyPI...

EUVD-2025-26166

Malicious code in bioql PyPI...

EUVD-2025-12921

Malicious code in bioql PyPI...

Smart Medical IoT Security Vulnerabilities: Real-Time MITM Attack Analysis, Lightweight Encryption Implementation, and Practitioner Perceptions in Underdeveloped Nigerian Healthcare Systems

The growing use of Internet of Things IoT technologies in Nigerian healthcare offers potential improvements in remote monitoring and data-driven care, but unsecured wireless communication in medical IoT mIoT devices exposes patient data to cyber threats. This study investigates such vulnerabiliti...

Linux Distros Unpatched Vulnerability : CVE-2025-39820

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add a null ptr check for dpuencoderneedsmodeset The drmatomicgetnewconnectorsta...

CVE-2025-55244

creationtimestamp| type| source ---|---|--- 2025-09-05 01:53:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ly2kht2irj2i 2025-09-05 03:01:18+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3ly2oamowsh2v 2025-09-05 06:26:50+00:00| seen|...

CVE-2025-58361

creationtimestamp| type| source ---|---|--- 2025-09-04 23:00:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ly2as4pjqe2g 2025-09-05 06:01:16+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3ly2ycfrfr22l...

Improper Authentication

github.com/mattermost/mattermost-plugin-confluence is vulnerable to Improper Authentication. The vulnerability is due to missing enforcement of user authentication in the Mattermost instance, which allows an attacker to access subscription details through an unauthenticated API call to the GET...