CVE-2026-10125

CVE-2026-10125 affects Edimax BR-6478AC firmware 1.23. The issue is in the POST Request Handler’s file /goform/formPPPoESetup, specifically the formPPPoESetup function. Manipulating the pppUserName argument triggers a stack-based buffer overflow, with remote initiation possible. Public exploit ma...

CVE-2026-10125

A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack can be...

Edimax BR-6478AC 安全漏洞

The Edimax BR-6478AC is a dual-band Gigabit router produced by Edimax Corporation. Version 1.23 of the Edimax BR-6478AC contains a security vulnerability. This vulnerability stems from a function called formPPPoESetup in the component POST Request Handler. The function’s handling of the parameter...

SUSE CVE-2026-45842

In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with no rstate array slhcinit accepts rslots == 0 as a valid configuration, with the documented meaning of 'no receive compression'. In that case the allocation loop in slhcinit is...

CVE-2026-45842

In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with no rstate array slhcinit accepts rslots == 0 as a valid configuration, with the documented meaning of 'no receive compression'. In that case the allocation loop in slhcinit is...

CVE-2026-45842 slip: reject VJ receive packets on instances with no rstate array

In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with no rstate array slhcinit accepts rslots == 0 as a valid configuration, with the documented meaning of 'no receive compression'. In that case the allocation loop in slhcinit is...

PT-2026-43676

In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with no rstate array slhc init accepts rslots == 0 as a valid configuration, with the documented meaning of 'no receive compression'. In that case the allocation loop in slhc init is...

Linux Distros Unpatched Vulnerability : CVE-2026-45842

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - slip: reject VJ receive packets on instances with no rstate array slhcinit accepts rslots == 0 as a valid configuration, with the documented meaning of 'no...

CVE-2026-9401

A vulnerability has been found in Edimax BR-6675nD 1.12. Impacted is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to buffer overflow. The attack can be initiated remotely. The exploit...

CVE-2026-9401

A vulnerability has been found in Edimax BR-6675nD 1.12. Impacted is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to buffer overflow. The attack can be initiated remotely. The exploit...

CVE-2026-9401 Edimax BR-6675nD POST Request formWanTcpipSetup buffer overflow

A vulnerability has been found in Edimax BR-6675nD 1.12. Impacted is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to buffer overflow. The attack can be initiated remotely. The exploit...

EUVD-2026-31600

A vulnerability was detected in Edimax BR-6675nD 1.12. This vulnerability affects the function formsetPPPoE of the file /goform/formsetPPPoE of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in buffer overflow. It is possible to initiate the atta...

Edimax BR-6675nD 安全漏洞

The Edimax BR-6675nD is a dual-band broadband wireless router produced by Edimax Corporation. Version 1.12 of the Edimax BR-6675nD contains a security vulnerability. This vulnerability stems from the formsetPPPoE function in the POST Request Handler component, where improper handling of the...

CVE-2026-9294 Edimax BR-6428NS POST Request formWanTcpipSetup buffer overflow

A vulnerability was identified in Edimax BR-6428NS 1.10. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to buffer overflow. It is possible to launch the attack...

PT-2026-42869

A vulnerability was identified in Edimax BR-6428NS 1.10. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to buffer overflow. It is possible to launch the attack...

CLSA-2026-1779375889 kernel: Fix of 95 CVEs

perf/x86/intel/uncore: Fix die ID init and look up bugs CVE-2026-43344 - x86/apic: Disable x2apic on resume if the kernel expects so CVE-2026-43363 - drm/amdgpu: Fix use-after-free race in VM acquire CVE-2026-43370 - dm: remove fake timeout to avoid leak request CVE-2026-43314 - md/bitmap: fix...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ppp: Fixed the “KMSAN: uninit-value” warning with bpf Syzbot detected a “KMSAN: uninit-value” warning 1. This issue arises because the ppp driver does not initialize a 2-byte header when using socket filters. The following code c...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ppp: Fixed race conditions in pppfillforwardpath. pppfillforwardpath has two race conditions: 1. The ppp-channels list can change between listempty and listfirstentry, as ppplock is not held. If the only channel is deleted in...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ppp: Rejects packets that are claimed to be LCP packets but are actually malformed packets. Since pppasyncencode assumes that the packets are valid LCP packets with codes from 1 to 7 inclusive, add pppcheckpacket to ensure that t...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix race on port output CVE-2023-53188 In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ipvsaddservice CVE-2024-42322 In the Linux kernel, the...