CVE-2026-8968

Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

kernel: wifi: mac80211_hwsim: fix typo in frequency notification

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...

kernel: phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-usb: Fix an NULL vs ISERR bug The qmpusbiomap helper function currently returns the raw result of devmioremap for non-exclusive mappings. Since devmioremap may return a NULL pointer and the caller only checks error...

kernel: bpf: Do not include stack ptr register in precision backtracking bookkeeping

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue 1 where the following warning appears in kernel dmesg: 60.643604 verifier backtracking bug 60.643635 WARNING: CPU: 10 PID: 2315...

kernel: Linux kernel: Denial of Service in ice driver due to race condition during VSI rebuild

A flaw was found in the Linux kernel's ice network driver. A local attacker could exploit a race condition during the Virtual Station Interface VSI rebuild process. This flaw occurs when the Precision Time Protocol PTP periodic work attempts to access uninitialized memory, leading to a NULL point...

kernel: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the "rx-vlan-filter" feature is enabled on a net device, the 8021q module will automatically add or remove VLAN 0 when the net device is put...

kernel: dm: fix NULL pointer dereference in __dm_suspend()

In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in dmsuspend There is a race condition between dm device suspend and table load that can lead to null pointer dereference. The issue occurs when suspend is invoked before table load completes: BUG...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel: PCI/AER: Avoid NULL pointer dereference in aer_ratelimit()

A flaw was found in the Linux kernel PCI/AER Advanced Error Reporting subsystem. When platform firmware reports error information via the ACPI APEI GHES mechanism for a device that does not advertise an AER capability, dev-aerinfo remains NULL. The function aerratelimit does not check for this...

CLSA-2026-1779179106 php: Fix of 2 CVEs

CVE-2026-7261: SOAP UAF on SoapServer::handle header-handler failure - CVE-2026-7262: SOAP tozvalmap NULL pointer dereference...

CLSA-2026-1779178796 php: Fix of 2 CVEs

CVE-2026-7261: SOAP UAF on SoapServer::handle header-handler failure - CVE-2026-7262: SOAP tozvalmap NULL pointer dereference...

CVE-2026-47312

Release of invalid pointer or reference vulnerability in Samsung Open Source Escargot allows Buffer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

CVE-2026-47310

Use after free vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

CVE-2026-47312

Technical details are not publicly available in the provided documents; no affected version, root cause, or remediation is specified here. Monitor for updates from the sources listed.

EUVD-2026-30848

Release of invalid pointer or reference vulnerability in Samsung Open Source Escargot allows Buffer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

CVE-2026-47312

Release of invalid pointer or reference vulnerability in Samsung Open Source Escargot allows Buffer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

CVE-2026-47312

Release of invalid pointer or reference vulnerability in Samsung Open Source Escargot allows Buffer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

CVE-2026-47312

Release of invalid pointer or reference vulnerability in Samsung Open Source Escargot allows Buffer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3...

CVE-2026-47308

NULL pointer dereference vulnerability in Samsung Open Source Walrus allows Pointer Manipulation. This issue affects Walrus: f339b8ee4ea701772e8ae640b3d1b12ac02b1ae9...

CVE-2026-47310

CVE-2026-47310 describes a Use-after-free vulnerability in Samsung Open Source Escargot (affected commit: 590345cc6258317c5da850d846ce6baaf2afc2d3). The root cause is reuse of freed resources, enabling pointer manipulation. This is reported across multiple feeds (NVD, CNNVD, CIRCL sightings, etc....