195 matches found
CVE-2026-10671
CVE-2026-10671 affects Zephyr kernel: the userspace verifier for k_pipe_init used K_SYSCALL_OBJ(), allowing an unprivileged thread with access to a k_pipe object to re-init a live pipe. This re-initialization clears the ring buffer and wait queues without accounting for current blockers, leaving ...
AlmaLinux 9 : podman (ALSA-2026:37123)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:37123 advisory. golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate CVE-2026-39835 golang.org/x/crypto/ssh:...
podman security, bug fix, and enhancement update
An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...
RLSA-2026:37072 Important: podman security, bug fix, and enhancement update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted S...
RLSA-2026:37123 Important: podman security, bug fix, and enhancement update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted S...
RockyLinux 9 : podman (RLSA-2026:37123)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:37123 advisory. golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate CVE-2026-39835 golang.org/x/crypto/ssh:...
Important: Red Hat Security Advisory: podman security, bug fix, and enhancement update
An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Important: Red Hat Security Advisory: podman security, bug fix, and enhancement update
An update for podman is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
ALSA-2026:37123 Important: podman security, bug fix, and enhancement update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted S...
Important: podman security, bug fix, and enhancement update
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted S...
RLSA-2026:33722 Important: container-tools:rhel8 security, bug fix, and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via...
container-tools:rhel8 security, bug fix, and enhancement update
An update is available for module.netavark, module.runc, slirp4netns, module.libslirp, criu, module.udica, module.oci-seccomp-bpf-hook, udica, toolbox, netavark, container-selinux, module.python-podman, module.crun, python-podman, module.containers-common, module.conmon, oci-seccomp-bpf-hook,...
RockyLinux 8 : container-tools:rhel8 (RLSA-2026:33722)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:33722 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial...
CVE-2026-52930
A flaw was found in the Linux kernel's inter-process communication IPC shared memory shm component. A synchronization issue exists where orphaned shared memory segments might be incorrectly destroyed while still in use due to a lack of serialization between cleanup and attachment updates. This...
Astra Linux – Vulnerability in grub2
A vulnerability related to operations after freeing memory has been discovered in GRUB’s gettext module. This flaw arises from a programming error where the gettext command remains registered in memory even after its associated module is unloaded. An attacker can exploit this condition by invokin...
CVE-2026-49337 libde265 has an unbounded memory leak via orphaned slice headers in `read_slice_NAL`
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted sequence of H.265 NAL units causes decodercontext::readsliceNAL libde265/decctx.cc:481 to attach slice headers to a finished picture object that has no active image unit, resulting in...
Orphaned AI Agents: How to Find Hidden Access Risks Inside Your Network
If an autonomous AI agent interacts with your company's core intellectual property today, can your security team instantly name the person who authorized it? For most enterprises, the answer is a simple no. The rush to adopt internal AI tools has left a massive trail of administrative debt:...
EUVD-2026-36728
Multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads...
CVE-2026-5038 multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads
Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...
CVE-2026-5038
MULTER CVE-2026-5038 affects multer’s diskStorage: versions 2.0.0-alpha.1–2.1.1 and 3.0.0-alpha.1 are vulnerable. The root cause is that Readable.pipe() does not propagate the stream destroy signal to the underlying fs.WriteStream, allowing aborted or malformed multipart uploads to leave orphaned...