PT-2026-43834

In the Linux kernel, the following vulnerability has been resolved: bpf: Return proper address for non-zero offsets in insn array The map direct value addr function of the instruction array map incorrectly adds offset to the resulting address. This is a bug, because later the resolve pseudo ldimm...

CVE-2026-45932

bpf: Fix tcx/netkit detach permissions when prog fd isnt given...

PT-2026-43819

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: Add validation for MTU changes Increasing the MTU beyond the HDS threshold causes the hardware to fragment packets across multiple buffers. If a single-buffer XDP program is attached, the driver will drop all multi-fr...

CVE-2026-46624

Twenty is an open source CRM. From 1.7.7 through 1.16.7, a critical Remote Code Execution RCE vulnerability exists in Twenty CRM via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. If Postgres user is a super user then any authenticated user can execute arbitrary OS commands on the...

Twenty 安全漏洞

Twenty is an open-source CRM platform developed by Twenty. Versions 1.7.7 to 1.16.7 of Twenty contain security vulnerabilities. These vulnerabilities stem from SQL injection attacks via uncleaned timeZone parameters and PostgreSQL COPY TO PROGRAM attacks, which may allow authenticated users to...

PT-2026-43352

Name of the Vulnerable Software and Affected Versions Twenty CRM versions 1.7.7 through 1.16.7 Description A Remote Code Execution RCE issue exists via a chained SQL Injection and PostgreSQL COPY TO PROGRAM attack. If the Postgres user is a superuser, any authenticated user can execute arbitrary ...

EUVD-2026-31703

A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRSTNAME results in cross site scripting. The attack can be initiated remotely...

RockyLinux 9 : systemd (RLSA-2025:22660)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:22660 advisory. systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump CVE-2025-4598 Tenable has...

SUSE-SU-2026:21742-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

SUSE-SU-2026:21727-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: BPF: Fixed potential improper dereferencing of pointers in bpfsysbpf. The bpfsysbpf helper function allows an eBPF program to load another eBPF program from within the kernel. In this case, the argument union bpfattr pointer...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Bonding: Check xdp program when setting the bond mode. The following operations may trigger a warning:1 ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp ob...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a stack-out-of-bounds write in devmap. The getupperifindexes function iterates over all upper devices and writes their indices into an array without checking bounds. Additionally, the calling functions assume that the...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Detects IP == ksym.end as part of the BPF program Now, since bpfthrow is the first call instruction with noreturn semantics within the verifier, this also leads to the elimination of dead code in unprecedented ways. For...

Astra Linux - уязвимость в glibc

A flaw was discovered in glibc. A “off-by-one” buffer overflow and underflow in the getcwd function may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and the size passed to getcwd in a setuid program could exploit this flaw t...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: do not update checksum in bnxtxdpbuildskb The bnxtrxpkt function updates the ipsummed value at the end if the checksum offload is enabled. When the XDP-MB program is executed and returns XDPPASS, the bnxtxdpbuildskb...

Astra Linux - уязвимость в dcmtk

DCMTK through version 3.6.6 does not handle memory deallocation properly. The object in the program is freed, but its address is still used in other locations. Sending specific requests to the dcmqrdb program will lead to a double-free. An attacker can use this vulnerability to launch a DoS attac...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf: devmap: Provide rxq after a redirect. rxq contains a pointer to the device from which the redirect occurred. Currently, the BPF program executed after a redirect via BPFMAPTYPEDEVMAP does not set this pointer. This is...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix null pointer dereference in resolveprogtype for BPFPROGTYPEEXT When loading an EXT program without specifying attr-attachprogfd, the prog-aux-dstprog will be null. At this time, calling resolveprogtype anywhere will resu...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net, sunrpc: Remapping EPERM in case of connection failure in xstcpsetupsocket. When using a BPF program on kernelconnect, the call may return -EPERM. This causes xstcpsetupsocket to loop indefinitely, filling up the syslog and...