CVE-2026-53114

CVE-2026-53114 affects the Linux kernel perf/amd/ibs component. The flaw arises from calling perf_allow_kernel() within the IBS NMI handler, which is unsafe and could be fatal. The fix caches the permission at event initialization by storing it in event->hw.flags and makes the NMI handler rely...

EUVD-2026-38982

In the Linux kernel, the following vulnerability has been resolved: perf/amd/ibs: Avoid calling perfallowkernel from the IBS NMI handler Calling perfallowkernel from the NMI context is unsafe and could be fatal. Capture the permission at event-initialization time by storing it in event-hw.flags,...

CVE-2026-41133

pyLoad is a free and open-source download manager written in Python. Versions up to and including 0.5.0b3.dev97 cache role and permission in the session at login and continues to authorize requests using these cached values, even after an admin changes the user's role/permissions in the database...

GHSA-66HX-CHF7-3332 pyLoad has Stale Session Privilege After Role/Permission Change (Privilege Revocation Bypass)

Summary pyLoad caches role and permission in the session at login and continues to authorize requests using these cached values, even after an admin changes the user's role/permissions in the database. As a result, an already logged-in user can keep old revoked privileges until logout/session...