CVE-2026-2136

CVE-2026-2136 affects projectworlds Online Food Ordering System v1.0. The vulnerability resides in an unknown function of /view-ticket.php where manipulating the ID parameter enables SQL injection, with remote exploitation demonstrated by published exploits. Multiple sources (NVD, Red Hat, CVE li...

Projectworlds Online Food Ordering System SQL注入漏洞

Projectworlds Online Food Ordering System is an online meal ordering system developed by Projectworlds Company in India. Version 1.0 of the Projectworlds Online Food Ordering System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in the...

PT-2026-6962

Name of the Vulnerable Software and Affected Versions projectworlds Online Food Ordering System version 1.0 Description A flaw exists in projectworlds Online Food Ordering System version 1.0, specifically within an unknown function of the /view-ticket.php file. Manipulation of the ID argument can...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization when certain Check calls are executed. An attacker can gain unauthorized access to resources by exploiting improper policy enforcement when specific conditions involving type bound public and non-public access...

SUSE CVE-2026-23097

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock analyzed by Lance Yang: 1 Task 5749: Holds foliolock, then tries to acquire immaprwsemread lock. 2 Task 5754: Holds immaprwsemwrite lock, then tri...

CVE-2026-23097

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock analyzed by Lance Yang: 1 Task 5749: Holds foliolock, then tries to acquire immaprwsemread lock. 2 Task 5754: Holds immaprwsemwrite lock, then tri...

CVE-2026-23110

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the error handler only wakes when the last running command completes o...

UBUNTU-CVE-2026-23097

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock analyzed by Lance Yang: 1 Task 5749: Holds foliolock, then tries to acquire immaprwsemread lock. 2 Task 5754: Holds immaprwsemwrite lock, then tri...

CVE-2026-23097

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock analyzed by Lance Yang: 1 Task 5749: Holds foliolock, then tries to acquire immaprwsemread lock. 2 Task 5754: Holds immaprwsemwrite lock, then tri...

CVE-2026-23110

CVE-2026-23110 relates to the Linux kernel SCSI core: Wake up the error handler when final completions race against each other. The description identifies two race conditions that can prevent the error handler from waking up, potentially leaving I/O in the error state. Root causes are memory-orde...

CVE-2026-23110

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the error handler only wakes when the last running command completes o...

EUVD-2026-5445

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock analyzed by Lance Yang: 1 Task 5749: Holds foliolock, then tries to acquire immaprwsemread lock. 2 Task 5754: Holds immaprwsemwrite lock, then tri...

CVE-2026-23097

CVE-2026-23097: Linux kernel migrate path deadlock due to incorrect lock ordering between hugetlb folio_lock and i_mmap_rwsem. Specifically migrate_pages -> migrate_hugetlbs -> unmap_and_move_huge_page -> remove_migration_ptes -> __rmap_walk_file() acquires i_mmap_lock_read while anot...

CVE-2026-23097 migrate: correct lock ordering for hugetlb file folios

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock analyzed by Lance Yang: 1 Task 5749: Holds foliolock, then tries to acquire immaprwsemread lock. 2 Task 5754: Holds immaprwsemwrite lock, then tri...

CVE-2026-23097

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock analyzed by Lance Yang: 1 Task 5749: Holds foliolock, then tries to acquire immaprwsemread lock. 2 Task 5754: Holds immaprwsemwrite lock, then tri...

CVE-2026-23097

In the Linux kernel, the following vulnerability has been resolved: migrate: correct lock ordering for hugetlb file folios Syzbot has found a deadlock analyzed by Lance Yang: 1 Task 5749: Holds foliolock, then tries to acquire immaprwsemread lock. 2 Task 5754: Holds immaprwsemwrite lock, then tri...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by a lock ordering error, which may lead to deadlocks...

PT-2026-6038

Name of the Vulnerable Software and Affected Versions Django versions 6.0 through 6.0.1 Django versions 5.2 through 5.2.10 Django versions 4.2 through 4.2.27 Django versions 5.0.x and earlier Django versions 4.1.x and earlier Django versions 3.2.x and earlier Description The .QuerySet.order by...

Google Go 安全漏洞

Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google. Google Go suffers from an information disclosure vulnerability that stems from an issue with the order in which messages across cryptographic level boundaries are processed during...

CVE-2026-22986 gpiolib: fix race condition for gdev->srcu

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev-srcu If two drivers were calling gpiochipadddatawithkey, one may be traversing the srcu-protected list in gpionametodesc, meanwhile other has just added its gdev in gpiodevaddtolistunlocked...