PT-2026-36462

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mshv region pin function regarding error handling. First, the pin user pages fast function may return a short pin count greater than zero but less than requested...

CVE-2026-7500

When Keycloak is started with --features-disabled=account,account-api, the Account REST API is only partially disabled. Five endpoints under the versioned path /account/v1alpha1 remain fully functional — including both read and write operations — because they lack the checkAccountApiEnabled gate...

libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...

CVE-2026-31787

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix double free via VMA splitting privcmdvmops defines .close privcmdclose, but neither .maysplit nor .open. When userspace does a partial munmap on a privcmd mapping, the kernel splits the VMA via splitvma. Since...

EUVD-2026-26365

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix double free via VMA splitting privcmdvmops defines .close privcmdclose, but neither .maysplit nor .open. When userspace does a partial munmap on a privcmd mapping, the kernel splits the VMA via splitvma. Since...

SUSE CVE-2007-6735

NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session...

PT-2026-36114

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description When the software is started with the --features-disabled=account,account-api flag, the Account REST API is only partially disabled. Five endpoints under the versioned path "/account/v1alpha...

Linux Distros Unpatched Vulnerability : CVE-2026-35250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable...

Linux Distros Unpatched Vulnerability : CVE-2026-35248

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploi...

JLSEC-2026-262 Issue summary: When using the low-level OCB API directly with AES-NI or<br>other hardware...

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

[SECURITY] Fedora 44 Update: libgsasl-1.10.0-15.fc44

The library includes support for the SASL framework and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, and NTLM mechanisms...

SUSE CVE-2026-31628

In the Linux kernel, the following vulnerability has been resolved: x86/CPU: Fix FPDSS on Zen1 Zen1's hardware divider can leave, under certain circumstances, partial results from previous operations. Those results can be leaked by another, attacker thread. Fix that with a chicken bit...

CVE-2026-31628

A flaw was found in the Linux kernel. On systems utilizing Zen1 processors, the hardware divider can, under specific conditions, retain partial results from prior operations. A local attacker can exploit this vulnerability to access these residual results, leading to information disclosure...

CVE-2026-41907

uuid is for the creation of RFC9562 formerly RFC4122 UUIDs. Prior to 14.0.0, v3, v5, and v6 accept external output buffers but do not reject out-of-range writes small buf or large offset. This allows silent partial writes into caller-provided buffers. This vulnerability is fixed in 14.0.0...

CVE-2026-41907 uuid: Missing buffer bounds check in `v3`/`v5`/`v6` when `buf` is provided

uuid is for the creation of RFC9562 formerly RFC4122 UUIDs. Prior to 14.0.0, v3, v5, and v6 accept external output buffers but do not reject out-of-range writes small buf or large offset. This allows silent partial writes into caller-provided buffers. This vulnerability is fixed in 14.0.0...

EUVD-2026-25600

uuid is for the creation of RFC9562 formerly RFC4122 UUIDs. Prior to 14.0.0, v3, v5, and v6 accept external output buffers but do not reject out-of-range writes small buf or large offset. This allows silent partial writes into caller-provided buffers. This vulnerability is fixed in 14.0.0...

CVE-2026-41907 uuid: Missing buffer bounds check in `v3`/`v5`/`v6` when `buf` is provided

uuid is for the creation of RFC9562 formerly RFC4122 UUIDs. Prior to 14.0.0, v3, v5, and v6 accept external output buffers but do not reject out-of-range writes small buf or large offset. This allows silent partial writes into caller-provided buffers. This vulnerability is fixed in 14.0.0...

CVE-2026-41907

The CVE affects the uuid implementation used to create RFC9562 UUIDs. Prior to version 14.0.0, v3, v5, and v6 allow silent partial writes by accepting external output buffers without rejecting out-of-range writes (small buffers or large offsets), enabling potential corruption of caller-provided b...

CVE-2026-31628

In the Linux kernel, the following vulnerability has been resolved: x86/CPU: Fix FPDSS on Zen1 Zen1's hardware divider can leave, under certain circumstances, partial results from previous operations. Those results can be leaked by another, attacker thread. Fix that with a chicken bit...

DEBIAN-CVE-2026-31628

In the Linux kernel, the following vulnerability has been resolved: x86/CPU: Fix FPDSS on Zen1 Zen1's hardware divider can leave, under certain circumstances, partial results from previous operations. Those results can be leaked by another, attacker thread. Fix that with a chicken bit...