CVE-2026-10863

A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlled named request parameters. This allowed an authenticated user to override the server-defined ordering of over-correlating values. Depending on how the value wa...

PT-2026-46226

A URL validation flaw in the MISP dashboard button widget allowed a crafted relative-looking URL to be accepted as a local path while being interpreted by browsers as an external URL. The validation rejected URLs containing an explicit scheme, host, or user component, but did not reject paths...

Astra Linux - уязвимость в imagemagick

In the CropImage and CropImageToTiles routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets were causing undefined behavior, including integer overflow and out-of-range values, as reported by UndefinedBehaviorSanitizer. Such issues could negatively...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed the warning from kernelwriteiter 2110.972290 ------------ Cut here ------------ 2110.972301 WARNING: CPU: 3 PID: 735 at fs/readwrite.c:599 kernelwriteiter+0x21b/0x280 This patch does not allow writing to directories...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fixed warnings related to cancelsync on uninitialized workstructs. Betty reported encountering the following warning: 8.709131 T221 WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182 … 8.713282 T221 Call trace:...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Networks: Ethernet; mtkethsoc: fixed the issue of PPE hanging. A patch to resolve this issue was found in MediaTek’s GPL-licensed SDK. In the mtkppestop function, the PPE scan mode is not disabled before disabling the PPE. This...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fixed a race condition between namespace cleanup and garbage collection for the list:set type. Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and garbage collection of...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Avoid potential out-of-bounds situations in btrfsencodefh. The btrfsencodefh function does not properly handle the three possible cases it processes. Before writing to the file handle fh, the function only returns either...

CVE-2026-43471

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcdaddcommandtrace The kernel log indicates a crash in ufshcdaddcommandtrace, due to a NULL pointer dereference when accessing hwq-id. This can happen if...

CVE-2026-43452 netfilter: x_tables: guard option walkers against 1-byte tail reads

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kind, walkers that advance with i += opi + 1 ? : 1 can read opi + 1 past the end of the option area. Add...

EUVD-2026-27773

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix pcislottrylock error handling Commit a4e772898f8b "PCI: Add missing bridge lock to pcibuslock" delegates the bridge device's pcidevtrylock to pcibustrylock in pcislottrylock, but it forgets to remove the corresponding...

GraphQL-Ruby's Ruby lexer does not count comment tokens for the purposes of max_query_string_tokens

GraphQL-Ruby's maxquerystringtokens configuration didn't count comment tokens against the limit, allowing strings to be processed even after the configured maximum had actually been reached. In patched versions, the Ruby lexer does count these tokens. GraphQL-CParser is not affected by this...

CVE-2026-42079 PPTAgent: Arbitrary Code Execution via Python eval() of LLM-Generated Code with Builtins in Scope

PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, PPTAgent is vulnerable to arbitrary code execution via Python eval of LLM-generated code with builtins in scope. This issue has been patched via commit 418491a...

CVE-2026-7601 Open5GS AMF gmm-handler.c denial of service

A vulnerability has been found in Open5GS up to 2.7.6. Affected is an unknown function of the file src/amf/gmm-handler.c of the component AMF. The manipulation of the argument regtype leads to denial of service. The attack is possible to be carried out remotely. Upgrading to version 2.7.7 is able...

SUSE CVE-2026-31715

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix UAF caused by decrementing sbi-nrpages in f2fswriteendio The xfstests case "generic/107" and syzbot have both reported a NULL pointer dereference. The concurrent scenario that triggers the panic is as follows:...

CLSA-2026-1777453408 Fix CVE(s): CVE-2026-35414

SECURITY UPDATE: incorrect matching of principals in the authorizedkeys principals="..." option when a certificate principal contains a comma. - debian/patches/CVE-2026-35414.patch: fix matchprincipalsoption to split on comma and compare principals exactly - CVE-2026-35414...

CVE-2026-41168

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large /Size values or object streams with wrong large /N values. This ha...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013498)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013498 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: Avoid overwriting the copies of clcsock callback functions The callback functions of...

SUSE-SU-2026:1520-1 Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Internal changes to fix build issues with no impact for customers spacecmd: - Version 5.1.13-0 Updated translation strings uyuni-tools: - Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key...

EUVD-2026-23605

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in the PTPDPFFEnumeration case of ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c line 856. The function reads a 2-byte enumeration count N via dtoh16odata, poffset without verifying that...