SUSE CVE-2026-43471

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcdaddcommandtrace The kernel log indicates a crash in ufshcdaddcommandtrace, due to a NULL pointer dereference when accessing hwq-id. This can happen if...

CVE-2026-43356

A flaw was found in the Linux kernel's Industrial I/O IIO subsystem, specifically within the Analog Devices ADIS Inertial Measurement Unit IMU drivers adis16480, adis16490, adis16545. When these drivers are initialized, a NULL pointer dereference occurs in the adisinit function because the adis-o...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: numpy (UTSA-2026-017404)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017404 advisory. Null Pointer Dereference vulnerability exists in numpy.sort in NumPy and 1.19 in the PyArrayDescrNew function due to missing return-value validation, which allows...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from a null pointer dereferencing in the smfnsmfhandlecreatedatainhsm...

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017688)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017688 advisory. A NULL pointer dereference in H5Osdspaceencode in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF...

Unity Linux 20.1060e / 20.1070e Security Update: virglrenderer (UTSA-2026-017549)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017549 advisory. A NULL pointer dereference in vrendrenderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via malformed commands. Tenable has...

CVE-2026-8252 Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer dereference

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smfnsmfhandlecreatedatainhsmf of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized...

CVE-2026-8252

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smfnsmfhandlecreatedatainhsmf of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized...

CVE-2026-7262

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...

UBUNTU-CVE-2026-7259

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, resulting in a segmentation fault and denial of service. The vulnerability is exploitable when...

CVE-2026-7259

CVE-2026-7259 describes a NULL pointer dereference in PHP due to a mismatch between Oniguruma and mbfl encoding lists, exploitable when user-controlled input influences the encoding passed to mb_regex_encoding(). The issue affects PHP 8.2.x before 8.2.31, 8.3.x before 8.3.31, 8.4.x before 8.4.21,...

EUVD-2026-28969

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, resulting in a segmentation fault and denial of service. The vulnerability is exploitable when...

CVE-2026-7259 Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, resulting in a segmentation fault and denial of service. The vulnerability is exploitable when...

CVE-2026-7259

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, resulting in a segmentation fault and denial of service. The vulnerability is exploitable when...

CVE-2026-7262

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...

VulnCheck KEV: CVE-2025-32818

A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewall, potentially leading to a Denial-of-Service DoS condition...

openSUSE 16 Security Update : mozjs128 (openSUSE-SU-2026:20674-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20674-1 advisory. - CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value...

openSUSE 16 Security Update : frr (openSUSE-SU-2026:20682-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20682-1 advisory. Security issues: - CVE-2025-61099: NULL Pointer Dereference in FRRouting bsc1252838. - CVE-2025-61100: NULL Pointer Dereference in FRRouting...

OESA-2026-2254 libvncserver security update

libvncserver is a set of programs using the RFB Remote Frame Buffer protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets which LibVNCServer does, you can also connect using an in-browser VNC...

SUSE CVE-2025-71291

In the Linux kernel, the following vulnerability has been resolved: misc: bcmvk: Fix possible null-pointer dereferences in bcmvkread In the function bcmvkread, the pointer entry is checked, indicating that it can be NULL. If entry is NULL and rc is set to -EMSGSIZE, the following code may cause...