CVE-2026-43102

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix memory leak in airohaqdmarxprocess If an error occurs on the subsequents buffers belonging to the non-linear part of the skb e.g. due to an error in the payload length reported by the NIC or if we consumed all th...

CVE-2026-43102 net: airoha: Fix memory leak in airoha_qdma_rx_process()

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix memory leak in airohaqdmarxprocess If an error occurs on the subsequents buffers belonging to the non-linear part of the skb e.g. due to an error in the payload length reported by the NIC or if we consumed all th...

CVE-2026-43102

CVE-2026-43102 affects the Linux kernel net/airoha driver: a memory leak in the airoha_qdma_rx_process() when processing subsequent buffers in the non-linear skb portion. If an error occurs, the page_pool fragment may fail to be linked back to the skb, preventing it from being returned to the poo...

PT-2026-37412

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix memory leak in airoha qdma rx process If an error occurs on the subsequents buffers belonging to the non-linear part of the skb e.g. due to an error in the payload length reported by the NIC or if we consumed all...

CVE-2026-22166 GPU DDK - Write UAF in KEGLGetPoolBuffers, WebGL reachable

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

CVE-2026-43039

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...

EUVD-2026-26638

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...

CVE-2026-43039

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...

PT-2026-36456

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the emac dispatch skb zc function where a new skb is allocated via napi alloc skb but packet data from the XDP buffer is not copied into it. This results in the skb...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the emacdispatchskbzc function in the icssg-prueth driver failing to copy XDP buffer data to a new skb,...

CVE-2026-6911

Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended administrative access to the application, including the ability to read, modify, and delete all application data across tenants and manage Cognito user accounts within the...

CLSA-2026-1777566732 Fix CVE(s): CVE-2018-10841

SECURITY UPDATE: privilege escalation on glusterd nodes via the CLI RPC program being exposed on the TCP listener when management-plane SSL is enabled, allowing a TLS-authenticated client outside the trusted storage pool to issue privileged volume-management commands via gluster --remote-host -...

CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

UBUNTU-CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

CURL-CVE-2026-4873 connection reuse ignores TLS requirement

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

PT-2026-35891

Name of the Vulnerable Software and Affected Versions curl affected versions not specified Description A flaw exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is performed in clear-text via IMAP,...

GHSA-2WPX-QPW2-G5H5 CoreDNS' DoQ worker pool does not bound stream backlog

Summary CoreDNS' DNS-over-QUIC DoQ server can be driven into large goroutine and memory growth by a remote client that opens many QUIC streams and stalls after sending only 1 byte. Even with a small configured quic workerpoolsize ... , CoreDNS still spawns a goroutine per accepted stream workers ...

Multiple RBAC issues in XAPI

ISSUE DESCRIPTION XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: https://docs.xenserver.com/en-us/xencenter/current-release/rbac-overview.htmlrbac-roles The pool-admin role is fully privileged. Notably, users with this role can als...

codex-solidity

⛓️ Codex Solidity — Smart Contract & Protocol Audit Agent Imp...

kernel: scsi: qla2xxx: Fix improper freeing of purex item

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...