Linux Distros Unpatched Vulnerability : CVE-2026-28903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe...

Security Advisory 0140

Security Advisory 0140 PDF Date: June 3, 2026 Revision | Date | Changes ---|---|--- 1.0 | June 3, 2026 | Initial release The CVE-ID tracking this issue: CVE-2026-10040 CVSSv3.1 Base Score: 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H CVSSv4.0 Base Score: 6.8...

CVE-2026-10717 Open-Seachest/Seachest show SCSI Defect List Vulnerability

Out of bounds write and reads in openSeaChest’s --showSCSIDefects in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing defect information out of bounds for very large defects lists via a very bad drive with lots of defects or a maliciously crafted SCSI device’s defect...

Exploit for Improper Authentication in Google Android

DEDSECBKIF DEDSECBKIF is a keystroke injection tool for Androi...

CVE-2026-46384 iskorotkov/avro: Integer Overflow in Avro Decoder

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before bounds-checking, or summed them with overflow-prone signed-int arithmetic. On 32-bit targets...

The Deliverability Problem: How New Platforms Are Solving Inbox Placement

Email still reaches more people than any other digital channel. Getting it to actually land in the inbox…...

ROS-20260529-73-0013

The vulnerability of HashiCorp’s Vault Community Edition and Vault Enterprise storage platforms relates to the disclosure of information during data transmission. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

CC-Tweaked has an SSRF Protection Bypass with NAT64

CC-Tweaked's HTTP API http.request, http.websocket blocks requests to private network ranges to prevent server-side request forgery SSRF. This protection can be bypassed on IPv6-capable servers using NAT64 well-known prefix addresses 64:ff9b::/96. An attacker who can execute Lua code can reach an...

New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users"

State of AI Usage Report 2026 full report here by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don't understand where their AI exposure is actually coming from. The research shows that enterprise AI risk is not distributed evenly across...

SUSE CVE-2026-46077

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, -dmaaddrout must be synced with dmasyncsingleforcpu instead of dmasyncsinglefordevice. Using the wrong direction can return stale cache data on...

CVE-2026-9739

creationtimestamp| type| source ---|---|--- 2026-05-27 22:53:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmulxqu6w32p 2026-05-28 00:00:39+00:00| seen| https://infosec.exchange/users/offseq/statuses/116649259043709670 2026-06-02 17:46:03+00:00| seen|...

CVE-2026-44327

creationtimestamp| type| source ---|---|--- 2026-05-27 18:01:22+00:00| seen| https://mastodon.social/ap/users/115755483699003887/statuses/116647845023345610 2026-05-27 18:01:27+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmu3nbo6rk26 2026-05-28 17:37:06+00:00| seen|...

CVE-2026-46077

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, -dmaaddrout must be synced with dmasyncsingleforcpu instead of dmasyncsinglefordevice. Using the wrong direction can return stale cache data on...

CVE-2026-46077 crypto: atmel-tdes - fix DMA sync direction

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, -dmaaddrout must be synced with dmasyncsingleforcpu instead of dmasyncsinglefordevice. Using the wrong direction can return stale cache data on...

CVE-2026-46077

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, -dmaaddrout must be synced with dmasyncsingleforcpu instead of dmasyncsinglefordevice. Using the wrong direction can return stale cache data on...

EUVD-2026-32459

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, -dmaaddrout must be synced with dmasyncsingleforcpu instead of dmasyncsinglefordevice. Using the wrong direction can return stale cache data on...

CVE-2026-8450

creationtimestamp| type| source ---|---|--- 2026-05-27 05:17:43+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mmsqxmuwt222 2026-05-27 06:00:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116645011565190190 2026-05-27 06:00:29+00:00| seen|...

PT-2026-43944

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, -dma addr out must be synced with dma sync single for cpu instead of dma sync single for device. Using the wrong direction can return stale cac...

SUSE-SU-2026:21897-1 Security update for ucode-intel

This update for ucode-intel fixes the following issues Security issue: - CVE-2025-35979: data leaks fixed in 20260512 release bsc1265189. Non security issues: - TW 20250826 Kernel 6.16.3 tainted with value of 4 after reboot. bsc1249138. - Intel CPU Microcode was updated to the 20260512 release...

CVE-2026-33000

creationtimestamp| type| source ---|---|--- 2026-05-22 01:30:44+00:00| seen| https://infosec.exchange/users/offseq/statuses/116615638632098258 2026-05-22 03:15:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmfxo2kuex2h 2026-05-26 09:13:20+00:00| seen|...