EUVD-2026-35289

A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in clientinfo.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted...

SUSE CVE-2026-46296

In the Linux kernel, the following vulnerability has been resolved: spi: s3c64xx: fix NULL-deref on driver unbind A change moving DMA channel allocation from probe back to s3c64xxspipreparetransfer failed to remove the corresponding deallocation from remove. Drop the bogus DMA channel release fro...

SUSE CVE-2026-46305

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: osdep: avoid NULL pointer dereference in rtwcbufalloc The return value of kzallocflex is used without ensuring that the allocation succeeded, and the pointer is dereferenced unconditionally. Guard the access t...

SUSE CVE-2026-46310

In the Linux kernel, the following vulnerability has been resolved: media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the cleanup code calling vsp1drmcleanup where it should be calling...

CVE-2026-8795

The issue affects Rapid7 Velociraptor’s Windows.Collectors.Remapping artifact prior to version 0.76.6. In collection ZIPs, the hostname field from client_info.json is inserted into a YAML template via Go's text/template without escaping. An attacker supplying a crafted collection ZIP can use lite...

CVE-2026-8795

A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in clientinfo.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted...

CVE-2026-8795

A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in clientinfo.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted...

PT-2026-47541

A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in client info.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted...

Exploit for CVE-2026-43512

CVE-2026-43512 — Apache Tomcat DIGEST Authentication Bypass...

CVE-2026-46278

A flaw was found in the Linux kernel's drm/imagination driver. A local user could trigger a kernel NULL pointer dereference by providing invalid data when updating the ftrace mask through a debugfs entry. This vulnerability can lead to a system crash, resulting in a Denial of Service DoS...

Security Bulletin: IBM i is Affected By NULL Pointer Dereference, Use Afer Free, and Out-of-Bounds Write Vulnerabilities in OpenSSL [CVE-2026-28388, CVE-2026-28389, CVE-2026-28390, CVE-2026-28387, CVE-2026-31789]

Summary OpenSSL for IBM i is vulnerable to NULL pointer derefences when processing either a delta CRL indicator extension CVE-2026-28388 or CMS EnvelopedData message with KeyAgreeRecipientInfo CVE-2026-28389, CVE-2026-28390, and use after free when using DANE TLSA-based server authentication...

CVE-2026-46282

A flaw was found in the Linux kernel's iio: frequency: admv1013 driver. This vulnerability occurs when the system attempts to read a device property, and an uninitialized string is used, leading to a NULL pointer dereference. This could allow a local attacker to trigger a system crash, resulting ...

CVE-2026-46292

A flaw was found in the Linux kernel's generic power domain genpd component. When a virtual device is detached from a power management PM domain, the pmruntimedisable function is not called, leaving runtime PM enabled for the detached device. This oversight can lead to critical errors, including ...

CVE-2026-46296

A flaw was found in the Linux kernel's s3c64xx Serial Peripheral Interface SPI driver. An issue with incorrect DMA Direct Memory Access channel deallocation during driver unbind could lead to a NULL-pointer dereference. This vulnerability can cause a system crash, resulting in a denial of service...

CVE-2026-46297

A flaw was found in the Linux kernel's libwx network driver. Incorrect handling of virtual function VF miscellaneous interrupts, specifically using requestthreadedirq with a null threaded handler and the IRQFONESHOT flag, can trigger a kernel warning. This issue may lead to system instability or...

CVE-2026-46305

A flaw was found in the Linux kernel, specifically within the rtl8723bs staging driver's osdep module. The rtwcbufalloc function does not properly validate the return value of a memory allocation, leading to an unconditional dereference of a potentially NULL pointer. This vulnerability could allo...

CVE-2026-46310

A flaw was found in the Linux kernel's media: renesas: vsp1 component. When unloading the module on generation 4 hardware, an incorrect cleanup function is called, leading to a NULL pointer dereference. This vulnerability can be triggered by a local attacker, potentially causing a system crash an...

K000161631: libmspack vulnerability CVE-2018-18585

Security Advisory Description chmdreadheaders in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character such as the "/\0" name. CVE-2018-18585 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

CVE-2026-46313

In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: fix error pointer dereference In a error path isp-psys is confirmed to be an error pointer not NULL so this condition is true and the error pointer is dereferenced. So isp-psys should be set to NULL before goin...

CVE-2026-46310

In the Linux kernel, the following vulnerability has been resolved: media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the cleanup code calling vsp1drmcleanup where it should be calling...