CVE-2026-48557

Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer. The sanitizer checks only the final filename suffix, allowing double-extension filenames such as shell.php.jpg to bypass the blocklist, with pathinfo preserving inner .php...

Thou Shall Not Pass: Gatekeeping Outbound TLS Connections

Despite the widespread use of Transport Layer Security TLS, its security guarantees are frequently compromised by outdated versions and misconfigurations. To analyze this problem, we collected more than 50 million TLS handshakes over a two-week period at our research institution, Fondazione Bruno...

CVE-2026-45933

bpf: Preserve id of register in synclinkedregs...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: PM: core: Keep irq flags in devicepmcheckcallbacks The function devicepmcheckcallbacks can be called under the spin lock in the reported case, it happens from genpdadddevice - devpmdomainset. In this case, the genpd uses spinlock...

Faraday has a possible incomplete fix for GHSA-33mh-2634-fwr2 - protocol-relative URI objects still bypass host scoping

Summary Faraday::Connectionbuildexclusiveurl still allows protocol-relative host override when the request target is provided as a URI object instead of a String. This bypasses the February 2026 fix for GHSA-33mh-2634-fwr2 and can redirect a request built from a fixed-base Faraday::Connection to ...

CVE-2026-43352 i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Correct RINGCTRLABORT handling in DMA dequeue The logic used to abort the DMA ring contains several flaws: 1. The driver unconditionally issues a ring abort even when the ring has already stopped. 2. The...

PT-2026-38384

Name of the Vulnerable Software and Affected Versions Gotenberg versions prior to 8.32.0 Description Six API endpoints '/pdfengines/merge', '/pdfengines/split', '/libreoffice/convert', '/chromium/convert/url', '/chromium/convert/html', and '/chromium/convert/markdown' allow anonymous callers to...

CVE-2026-43168

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...

CVE-2026-43168 ocfs2: fix reflink preserve cleanup issue

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec "ocfs2: fix xattr array entry countedby error" doesn't handle all cases and the cleanup job for preserved xattr entries still has bug: - the 'last' pointer should be...

PT-2026-34482

The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::from utf8 lossy, which replaces invalid UTF-8 byte sequences with the Unicode replacement character U+FFFD. This behavior differs from GNU comm,...

Ech0 has Stored XSS via SVG Upload and Content-Type Validation Bypass in File Upload

Summary The file upload endpoint validates Content-Type using only the client-supplied multipart header, with no server-side content inspection or file extension validation. Combined with an unauthenticated static file server that determines Content-Type from file extension, this allows an admin ...

Rack's improper unfolding of folded multipart headers preserves CRLF in parsed parameter values

Summary Rack::Multipart::Parser unfolds folded multipart part headers incorrectly. When a multipart header contains an obs-fold sequence, Rack preserves the embedded CRLF in parsed parameter values such as filename or name instead of removing the folded line break during unfolding. As a result,...

Astro: Unauthenticated Path Override via `x-astro-path` / `x_astro_path`

Summary The @astrojs/vercel serverless entrypoint reads the x-astro-path header and xastropath query parameter to rewrite the internal request path, with no authentication whatsoever. On deployments without Edge Middleware, this lets anyone bypass Vercel's platform-level path restrictions entirel...

CVE-2026-33768

Astro is a web framework. Prior to version 10.0.2, the @astrojs/vercel serverless entrypoint reads the x-astro-path header and xastropath query parameter to rewrite the internal request path, with no authentication whatsoever. On deployments without Edge Middleware, this lets anyone bypass Vercel...

CVE-2025-70457

A Remote Code Execution RCE vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save...

Service Provider Migration to Unified Veeam Data Cloud FAQ

Below are the most commonly asked questions. What is changing with my Veeam Data Cloud for Microsoft 365 experience? Veeam is transitioning Veeam Cloud Service Providers VCSPs and their customers to Veeam Data Cloud, a unified multi-workload interface. This new experience allows you to manage...

EUVD-2025-32822

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mlme: fix null-ptr deref on failed assoc If association to an AP without a link 0 fails, then we crash in tracing because it assumes that either apmldaddr or link 0 BSS is valid, since we clear sdata-vif.validlink...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986564)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986564 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ibumad, which maintains...

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store.

...

A Hybrid CAPTCHA Combining Generative AI with Keystroke Dynamics for Enhanced Bot Detection

Completely Automated Public Turing tests to tell Computers and Humans Apart CAPTCHAs are a foundational component of web security, yet traditional implementations suffer from a trade-off between usability and resilience against AI-powered bots. This paper introduces a novel hybrid CAPTCHA system...