4569 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-7990
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege...
Linux Distros Unpatched Vulnerability : CVE-2026-44353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not valida...
Linux Distros Unpatched Vulnerability : CVE-2026-7922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML pag...
Linux Distros Unpatched Vulnerability : CVE-2026-7998
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Dialog in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process ...
Linux Distros Unpatched Vulnerability : CVE-2026-43268
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hfsplus: pretend special inodes as regular files Since commit af153bb63a33 vfs: catch invalid modes in mayopen requires any inode be one of...
Linux Distros Unpatched Vulnerability : CVE-2025-71290
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - misc: tifpc202: fix a potential memory leak in probe function Use foreachchildofnodescoped to simplify the code and ensure the device node reference is...
Linux Distros Unpatched Vulnerability : CVE-2026-6918
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message. CVE-2026-6918 Note...
Linux Distros Unpatched Vulnerability : CVE-2025-71294
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: fix NULL pointer issue buffer funcs If SDMA block not enabled, bufferfuncs will not initialize, fix the null pointer issue if bufferfuncs not...
Linux Distros Unpatched Vulnerability : CVE-2026-43273
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ceph: supply snapshot context in cephzeropartialobject The cephzeropartialobject function was missing proper snapshot context for its OSD write operations, whic...
Linux Distros Unpatched Vulnerability : CVE-2026-43078
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix page reassignment overflow in afalgpulltsgl When page reassignment was...
Linux Distros Unpatched Vulnerability : CVE-2026-43135
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: cx23885: Add missing unmap in sndcx23885hwparams In error path, add cx23885alsadmaunmap to release the resource acquired by cx23885alsadmamap...
Linux Distros Unpatched Vulnerability : CVE-2026-43272
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ring-buffer: Fix possible dereference of uninitialized pointer There is a pointer headpage in rbmetavalidateevents which is not initialized at the beginning of ...
Linux Distros Unpatched Vulnerability : CVE-2026-43074
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eventpoll: defer struct eventpoll free to RCU grace period In certain situations, epfree in eventpoll.c will kfree the epi-ep eventpoll struct while it still...
Linux Distros Unpatched Vulnerability : CVE-2026-43132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm-verity: correctly handle dmbufioclientcreate failure If either of the calls to dmbufioclientcreate in verityfecctr fails, then dmbufioclientdestroy is later...
GHSA-4V9X-CQC5-J645 Codechecker has an authentication bypass for certain API calls
Summary Authentication bypass occurs when the URL ends with Authentication with certain function calls. This bypass allows assigning arbitrary permissions to any existing user in CodeChecker. Details The following functions are affected under the Authentication endpoint: getAuthorisedNames,...
CVE-2026-25588
RedisTimeSeries is a time-series module for Redis. In all versions before 1.12.14 of RedisTimeSeries, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with the...
PT-2026-37091
Name of the Vulnerable Software and Affected Versions Langchain-Chatchat versions prior to 0.3.1.4 Description An issue exists in the Uploaded File Handler component within the get file id function of the file libs/chatchat-server/chatchat/server/api server/openai routes.py. Manipulation of this...
Linux Distros Unpatched Vulnerability : CVE-2026-6502
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
CVE-2026-7597
A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...
CVE-2026-42234 n8n: Python Task Runner Sandbox Escape
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. This...