160999 matches found
CVE-2026-13491
The CVE-2026-13491 entry concerns 78 xiaozhi-esp32 (up to version 2.2.6) and identifies a vulnerability in the MQTT Goodbye Handler. The issue lies in Application::GetInstance within main/protocols/mqtt_protocol.cc, where manipulating the session_id argument can trigger a denial of service. The a...
Linux Distros Unpatched Vulnerability : CVE-2026-53028
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: typec: Fix error pointer dereference The variable tps-partner is checked for an error pointer and then if it is, it sends an error message but does not...
Linux Distros Unpatched Vulnerability : CVE-2026-53303
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding...
Linux Distros Unpatched Vulnerability : CVE-2026-53309
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2/dlm: fix off-by-one in dlmmatchregions region comparison The local-vs-remote region comparison loop uses '=' instead of '', causing it to read one entry...
Linux Distros Unpatched Vulnerability : CVE-2026-53240
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial...
Linux Distros Unpatched Vulnerability : CVE-2026-53314
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - padata: Put CPU offline callback in ONLINE section to allow failure syzbot reported the following warning: DEAD callback error for CPU1 WARNING: kernel/cpu.c:14...
Linux Distros Unpatched Vulnerability : CVE-2026-53276
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: ISO: Fix a use-after-free of the hciconn pointer In isosockrebindbc, the bis pointer is cached, then the socket lock is dropped: bis =...
Linux Distros Unpatched Vulnerability : CVE-2026-53295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mailbox: add sanity check for channel array Fail gracefully if there is no channel array attached to the mailbox controller. Otherwise the later dereference wil...
Linux Distros Unpatched Vulnerability : CVE-2026-13031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-13035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a malicious peripheral...
Linux Distros Unpatched Vulnerability : CVE-2026-13027
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-13033
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read and write in BlinkInterestGroups in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2026-13036
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Linux Distros Unpatched Vulnerability : CVE-2026-13034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass...
Linux Distros Unpatched Vulnerability : CVE-2026-13037
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebView in Google Chrome on Android prior to 149.0.7827.197 allowed a local attacker to execute arbitrary code inside a sandbox via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2026-53178
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: rtl8723bs: rtwmlme: add bounds checks before ielength subtraction Add guards to ensure ielength is large enough before subtracting fixed IE offsets to...
Linux Distros Unpatched Vulnerability : CVE-2026-53242
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and...
Linux Distros Unpatched Vulnerability : CVE-2026-52932
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: ipcomp: Free destination pages on acomp errors Move the outfreereq label up by a couple of lines so that the allocated dst SG list gets freed on error as...
Linux Distros Unpatched Vulnerability : CVE-2026-53185
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - zram: fix use-after-free in zrambvecwritepartial zramreadpage picks the sync or async backing device read path based on whether the parent bio is NULL...
Linux Distros Unpatched Vulnerability : CVE-2026-53119
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - platform/wmi: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock...