Linux Distros Unpatched Vulnerability : CVE-2026-11695

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2026-46291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at...

Linux Distros Unpatched Vulnerability : CVE-2026-41840

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring WebFlux applications are vulnerable to Denial of Service DoS attacks when processing multipart requests. Affected versions: Spring Framework 7.0.0 throug...

Linux Distros Unpatched Vulnerability : CVE-2026-47895

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - R. Elliott Childre reports: The clone method of the identificationt class doesn't correctly handle identities that have an empty but non-NULL encoding. Both...

CVE-2026-11460

Boost Serialization up to 1.91 has an improper validation flaw in an unknown function. The vulnerability can be exploited remotely; the exploit has been published. No patch is currently available and the disclosure deadline has expired; maintainers were notified in Aug 2025.

CVE-2026-11460

A flaw has been found in Boost Serialization up to 1.91. The impacted element is an unknown function. This manipulation causes improper validation of specified type of input. It is possible to initiate the attack remotely. The exploit has been published and may be used. The maintainer was notifie...

CVE-2026-11460 Boost Serialization improper validation of specified type of input

A flaw has been found in Boost Serialization up to 1.91. The impacted element is an unknown function. This manipulation causes improper validation of specified type of input. It is possible to initiate the attack remotely. The exploit has been published and may be used. The maintainer was notifie...

Linux Distros Unpatched Vulnerability : CVE-2026-44170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8...

Linux Distros Unpatched Vulnerability : CVE-2026-44171

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8...

Linux Distros Unpatched Vulnerability : CVE-2026-44169

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user getting EXECUT...

Linux Distros Unpatched Vulnerability : CVE-2026-9698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DBI versions before 1.648 for Perl saved errors in a limited-sized buffer. Error messages that were returned when RaiseError, PrintError or HandleError were set...

CVE-2026-40343

free5GC UDR is the user data repository UDR for free5GC, an an open-source project for 5th generation 5G mobile core networks. In versions up to and including 1.4.2, a fail-open request handling flaw in the UDR service causes the /nudr-dr/v2/policy-data/subs-to-notify POST handler to continue...

CVE-2026-41688

Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the incomplete SSRF fix in Wallos validates webhook URLs via gethostbyname but passes the original hostname to cURL without CURLOPTRESOLVE pinning on 10 of 11 outbound HTTP endpoints, leaving a DNS...

Linux Distros Unpatched Vulnerability : CVE-2026-11135

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a craft...

Linux Distros Unpatched Vulnerability : CVE-2026-50264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple...

Linux Distros Unpatched Vulnerability : CVE-2026-10982

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebXR in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2026-11162

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromiu...

Linux Distros Unpatched Vulnerability : CVE-2026-47320

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Access of uninitialized pointer, Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Pointer Manipulation, Oversized Serialized Data...

Linux Distros Unpatched Vulnerability : CVE-2026-10936

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2026-11134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page...