UBUNTU-CVE-2026-45940

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix oops when split header is enabled For GMAC4, when split header is enabled, in some rare cases, the hardware does not fill buf2 of the first descriptor with payload. Thus we cannot assume buf2 is always fully fill...

PT-2026-43807

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix oops when split header is enabled For GMAC4, when split header is enabled, in some rare cases, the hardware does not fill buf2 of the first descriptor with payload. Thus we cannot assume buf2 is always fully fill...

CVE-2026-8997

creationtimestamp| type| source ---|---|--- 2026-05-22 06:55:00+00:00| seen| https://cert.pl/en/posts/2026/05/CVE-2026-8997...

CVE-2026-1630

creationtimestamp| type| source ---|---|--- 2026-05-14 06:55:00+00:00| seen| https://cert.pl/en/posts/2026/05/CVE-2026-1630...

CVE-2026-43152

A flaw was found in the Linux kernel's Human Interface Device HID subsystem, specifically within the hid-pl module. This vulnerability arises from improper error handling during device initialization. An attacker could potentially trigger a NULL pointer dereference by interacting with a device th...

EUVD-2026-27713

In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used...

CVE-2026-43152

In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used...

CVE-2026-43152

In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the hid-pl driver’s failure to handle initialization errors, potentially leading to null pointer...

PT-2026-37492

In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used...

DEBIAN-CVE-2025-52204

A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...

CVE-2025-52204

A Cross-Site Scripting XSS vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter...

Koha 安全漏洞

Koha is a library automation management system developed by the Koha organization. There is a security vulnerability in Koha, which stems from improper validation of the displayby parameter in the /cgi-bin/koha/suggestion/suggestion.pl endpoint. This vulnerability could allow users with low...

ROS-20260310-73-0034

A vulnerability in the PLregkindOPn == NOTHING parameter of the Perl programming language interpreter is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVE-2026-2546

A security vulnerability has been detected in LigeroSmart up to 6.1.26. The affected element is an unknown function of the file /otrs/index.pl. Such manipulation of the argument SortBy leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed publicly and...

LigeroSmart 代码注入漏洞

LigeroSmart is an open-source management platform developed by LigeroSmart. Versions of LigeroSmart 6.1.26 and earlier contained a code injection vulnerability. This vulnerability stemmed from improper handling of the SortBy parameter in the file/otrs/index.pl, which could lead to cross-site...

PT-2026-8321

A vulnerability was detected in LigeroSmart up to 6.1.26. The impacted element is the function AgentDashboard of the file /otrs/index.pl. Performing a manipulation of the argument Subaction results in cross site scripting. Remote exploitation of the attack is possible. The exploit is now public a...

CVE-2026-23797

creationtimestamp| type| source ---|---|--- 2026-02-05 10:55:00+00:00| seen| https://cert.pl/en/posts/2026/02/CVE-2026-23796/...

Malicious code in pl-global-ec-uikit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 327cc69fee3f2500a3cf23d3c917935d3d7db124d0b7f3c136fead2f1d69f093 The package pl-global-ec-uikit was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview pl-global-ec-uikit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...