PT-2026-40214

Stack-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally...

KB5087544: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (May 2026)

The remote Windows host is missing security update 5087544. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network. CVE-2026-34329 - Heap-based buffer overflow in Windo...

PT-2026-40154

Name of the Vulnerable Software and Affected Versions Windows TCP/IP affected versions not specified Description A race condition occurs due to concurrent execution using a shared resource with improper synchronization in Windows TCP/IP. This allows an authorized attacker to elevate privileges...

Microsoft Windows TCP/IP 竞争条件问题漏洞

Microsoft Windows TCP/IP is a component provided by Microsoft Corporation that offers TCP/IP configuration functions for Windows. There is a vulnerability related to race conditions in Microsoft Windows TCP/IP. Attackers can exploit this vulnerability to gain elevated privileges. The following...

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

CVE-2026-42256

Net::IMAP (Ruby) is affected by a Denial of Service when authenticating with SCRAM-SHA1/SCRAM-SHA256 if a hostile server sends a very high iteration count. Affected versions: 0.4.0–0.4.23, 0.5.0–0.5.13, 0.6.0–0.0.6. Wait that seems wrong: fix lists are 0.4.24, 0.5.14, 0.6.4. Corrected: Affected r...

CVE-2026-43341

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: ioam6: prevent schema length wraparound in trace fill ioam6filltracedata stores the schema contribution to the trace length in a u8. With bit 22 enabled and the largest schema payload, sclen becomes 1 + 1020 / 4, wraps...

CVE-2026-43284

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of a non-constant time for the MAC comparison of tcp-md5, potentially leading to timing attacks...

Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.19+10 April 2026 CPU. Security issues fixed: CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

SUSE-SU-2026:1732-1 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.19+10 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

CVE-2026-43226 net/rds: No shortcut out of RDS_CONN_ERROR

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

Linux Distros Unpatched Vulnerability : CVE-2026-43198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child sock...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: sctp: Handle the error returned from sctpauthasocinitactivekey. When an error is returned from sctpauthasocinitactivekey, the activekey is not actually updated. The old shkey remains freed while it’s still being used as the activ...

Wireshark Analyzer 4.6.5

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...

CVE-2026-40473

The CVE-2026-40473 issue affects the camel-mina MinaConverter.toObjectInput(IoBuffer) by wrapping an IoBuffer in a java.io.ObjectInputStream without ObjectInputFilter or class-loading restrictions. Affected: Apache Camel before certain fixed releases (3.0.0–4.14.6, 4.15.0–4.18.2, 4.19.0–4.20.0). ...

CVE-2026-40473 Apache Camel Mina: Unsafe Deserialization in MinaConverter.toObjectInput() via TCP/UDP

The camel-mina component's MinaConverter.toObjectInputIoBuffer type converter wraps an IoBuffer in a java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. When a Camel route uses camel-mina as a TCP or UDP consumer and requests conversion to ObjectInput f...

PT-2026-35140

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the IPv6 flowlabel implementation. The function ip6fl seq show iterates through the global flowlabel hash under a seq-file RCU read-side lock and accesse...

CVE-2026-33595

A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...

Microsoft Windows TCP/IP Remote Code Execution Vulnerability

Microsoft Windows TCP/IP is a Microsoft component that provides TCP/IP configuration capabilities for Windows. A remote code execution vulnerability exists in Microsoft Windows TCP/IP, which can be exploited by an attacker to execute code...