PT-2026-28588

Name of the Vulnerable Software and Affected Versions locutus versions 2.0.39 through 3.0.24 Description A prototype pollution issue exists in the parse str function of the npm package locutus. An attacker can manipulate Object.prototype by overriding RegExp.prototype.test and then providing a...

Prototype Pollution

Overview locutus is a Locutus other languages' stadard libraries to JavaScript for fun and educational purposes Affected versions of this package are vulnerable to Prototype Pollution via the locutus.php.strings.parsestr function. An attacker can modify the prototype of global objects by supplyin...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000509)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000509 advisory. An issue was discovered in the Linux kernel through 5.6.2. mpolparsestr in mm/mempolicy.c has a stack- based out-of-bounds write because an empty nodelist is...

kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c

An out-of-bounds write flaw was found in the Linux kernel. An empty nodelist in mempolicy.c is mishandled durig mount option parsing leading to a stack-based out-of-bounds write. The highest threat from this vulnerability is to system availability...

PT-2020-2318 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.6.2 Description: The issue is related to a stack-based out-of-bounds write in the mpol parse str function in mm/mempolicy.c due to mishandling of an empty nodelist during mount option parsing. This could...