SUSE CVE-2026-45966

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unixneedsrevalidation When receiving file descriptors via SCMRIGHTS, both the socket pointer and the socket's sk pointer can be NULL during socket setup or teardown, causing NULL pointer...

CVE-2026-45966 apparmor: fix NULL pointer dereference in __unix_needs_revalidation

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unixneedsrevalidation When receiving file descriptors via SCMRIGHTS, both the socket pointer and the socket's sk pointer can be NULL during socket setup or teardown, causing NULL pointer...

CVE-2026-45966

Summary: CVE-2026-45966 pertains to a regression in AppArmor on Linux kernels (6.17+) where a NULL pointer dereference could occur in __unix_needs_revalidation() when handling SCM_RIGHTS file descriptors, if both sock and sock->sk are NULL during socket setup/teardown. The crash path involves ...

PT-2026-43833

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unix needs revalidation When receiving file descriptors via SCM RIGHTS, both the socket pointer and the socket's sk pointer can be NULL during socket setup or teardown, causing NULL point...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checking for sock and sock-sk pointers in unixneedsrevalidation, potentially leading to nul...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: wwan: mhi: A memory leak has been fixed in the mhimbimdellink function. The MHI driver registers the network device without setting the needsfreenetdev flag. Additionally, it does not call freenetdev when unregistering the...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fixed a null pointer crash in mtkdrmcrtcfinishpageflip. It’s possible that mtkcrtc-event is NULL in mtkdrmcrtcfinishpageflip. The pendingneedsvblank value is set by mtkcrtc-event, but in mtkdrmcrtcatomicFlush, this...

Analysis of Personal Data Exposure in Thailand

In the digital era, personal data, particularly sensitive identifiers such as the Social Security Number and National Identification Number, have become a highly valuable asset, raising significant concerns regarding privacy and security. This study examines the risks associated with the online...

Exposing the Systematic Vulnerability of Open-Weight Models to Prefill Attacks

As the capabilities of large language models continue to advance, so does their potential for misuse. While closed-source models typically rely on external defenses, open-weight models must primarily depend on internal safeguards to mitigate harmful behavior. Prior red-teaming research has largel...

CVE-2026-23174 nvme-pci: handle changing device dma map requirements

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...

A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby

Posted by Natalie Silvanovich Over the past few years, several AI-powered features have been added to mobile phones that allow users to better search and understand their messages. One effect of this change is increased 0-click attack surface, as efficient analysis often requires message media to...

Cybersecurity Competence for Organisations in Inner Scandinavia

A rapidly growing number of cybersecurity threats and incidents demands that Swedish organisations increase their efforts to improve their cybersecurity capacities. This paper presents results from interviews and a prior survey with key representatives from enterprises and public sector...

EUVD-2025-26166

Malicious code in bioql PyPI...

EUVD-2023-35215

Malicious code in bioql PyPI...

EUVD-2025-12921

Malicious code in bioql PyPI...

Smart Medical IoT Security Vulnerabilities: Real-Time MITM Attack Analysis, Lightweight Encryption Implementation, and Practitioner Perceptions in Underdeveloped Nigerian Healthcare Systems

The growing use of Internet of Things IoT technologies in Nigerian healthcare offers potential improvements in remote monitoring and data-driven care, but unsecured wireless communication in medical IoT mIoT devices exposes patient data to cyber threats. This study investigates such vulnerabiliti...

Linux Distros Unpatched Vulnerability : CVE-2025-39820

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add a null ptr check for dpuencoderneedsmodeset The drmatomicgetnewconnectorsta...

CVE-2025-55244

creationtimestamp| type| source ---|---|--- 2025-09-05 01:53:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ly2kht2irj2i 2025-09-05 03:01:18+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3ly2oamowsh2v 2025-09-05 06:26:50+00:00| seen|...

CVE-2025-58361

creationtimestamp| type| source ---|---|--- 2025-09-04 23:00:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ly2as4pjqe2g 2025-09-05 06:01:16+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3ly2ycfrfr22l...

Improper Authentication

github.com/mattermost/mattermost-plugin-confluence is vulnerable to Improper Authentication. The vulnerability is due to missing enforcement of user authentication in the Mattermost instance, which allows an attacker to access subscription details through an unauthenticated API call to the GET...