SUSE CVE-2026-43213

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports abnormal sequence number in TX release report, which will access out-of-bounds of wdring-pages array, causing NULL pointer dereference. BUG:...

SUSE CVE-2026-43216

In the Linux kernel, the following vulnerability has been resolved: net: Drop the lock in skbmaytxtimestamp skbmaytxtimestamp may acquire sock::skcallbacklock. The lock must not be taken in IRQ context, only softirq is okay. A few drivers receive the timestamp via a dedicated interrupt and comple...

SUSE CVE-2026-43271

In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in processmetadataupdate The function processmetadataupdate blindly dereferences the 'thread' pointer acquired via rcudereferenceprotected within the waitevent macro. While the code commen...

CVE-2026-43282

A flaw was found in the Linux kernel's RDMA Remote Direct Memory Access ionic driver. This vulnerability occurs in the ionicqueryport function, where a missing check for the return value of ibdevicegetnetdev can lead to a NULL pointer dereference. A local attacker could potentially exploit this t...

CVE-2026-43272

A flaw was found in the Linux kernel's ring-buffer component. This vulnerability allows a local user to potentially cause a denial of service. The issue occurs because a pointer in the rbmetavalidateevents function is not properly initialized, and its dereference during a reader page validation...

CVE-2026-43271

A flaw was found in the Linux kernel's md-cluster module. During the startup of a multi-device MD array, a race condition can occur where a remote node sends a metadata update message before the system is fully ready to process it. This premature processing leads to a null pointer dereference,...

MongoDB Server 代码问题漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. Versions of MongoDB Server prior to 8.2 and 8.2.7 contained code vulnerabilities...

CVE-2026-41642

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service DoS vulnerability exists in GoBGP due to a nil pointer dereference. When a malformed BGP UPDATE message contains an unrecognized Path Attribute marked as...

GoBGP 代码问题漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version 4.4.0 of GoBGP contains a code vulnerability. This vulnerability arises from unauthenticated remote BGP peers sending specially crafted BGP UPDATE messages. When servers process messages with...

CVE-2026-42285

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending a specially crafted BGP UPDATE message. When the server receives a message with inconsistent...

PT-2026-38343

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 8.2.7 Description An authenticated user can cause a denial of service by crashing the mongod process. This occurs when running $rankFusion or $scoreFusion with an empty pipeline on a view. During view resolutio...

Tor 代码问题漏洞

Tor is a virtual tunnel network operated by the Tor Project organization. It allows individuals and groups to enhance their privacy and security on the Internet. Versions of Tor prior to 0.4.9.7 contained a code vulnerability caused by a null pointer dereferencing when the CERT unit received data...

CVE-2026-44602

Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006...

PT-2026-38337

Name of the Vulnerable Software and Affected Versions Tor versions prior to 0.4.9.7 Description A NULL pointer dereference occurs when a CERT cell is received out of order. A NULL pointer dereference is a runtime error that happens when a program attempts to read or write to a memory address that...

Linux Distros Unpatched Vulnerability : CVE-2026-43282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix potential NULL pointer dereference in ionicqueryport The function...

Linux Distros Unpatched Vulnerability : CVE-2026-44602

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006. CVE-2026-44602 Note that Nessus relies on the...

PT-2026-39448

Name of the Vulnerable Software and Affected Versions PHP versions 8.2.0 through 8.2.30 PHP versions 8.3.0 through 8.3.30 PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description When SoapServer is configured with SOAP PERSISTENCE SESSION, the handler object is persisted...

Linux Distros Unpatched Vulnerability : CVE-2026-43164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: udplite: Fix null-ptr-deref in udpenqueuescheduleskb. syzbot reported null-ptr-deref of...

GoBGP 代码问题漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version 4.3.0 of GoBGP contains a code vulnerability that arises from a null pointer dereferencing during the processing of malformed BGP UPDATE messages containing unrecognized Well-known path attributes...

PT-2026-39447

Name of the Vulnerable Software and Affected Versions PHP versions 8.2.0 through 8.2.30 PHP versions 8.3.0 through 8.3.30 PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description A mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, whi...