Unity Linux 20.1070e Security Update: kernel (UTSA-2026-010738)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010738 advisory. The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes communicates in cleartext even though encryption has been enabled. This occurs...

Important: containerd

Issue Overview: Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is in fact used to...

The vulnerability of the Cyrus SASL user authentication method, related to writing beyond the buffer memory boundary, allows a attacker to cause a service denial.

The vulnerability of the Cyrus SASL user authentication method is related to improper operation of the LDAP protocol. Exploiting this vulnerability can allow a malicious actor to cause service failures...

Critical Infrastructure at Risk: Advanced Actors Target Smart Install Client

Update: 4/9 Cisco PSIRT has released additional guidance available here. Cisco has recently become aware of specific advanced actors targeting Cisco switches by leveraging a protocol misuse issue in the Cisco Smart Install Client. Several incidents in multiple countries, including some specifical...

Cisco Smart Install Detection

Binary data ciscosmartinstalldetect.nbin...

Cisco IOS Smart Install Protocol Misuse (cisco-sr-20170214-smi)

The remote Cisco IOS device has the Smart Install feature enabled. The Smart Install SMI protocol does not require authentication by design. The absence of an authorization or authentication mechanism in the SMI protocol between the integrated branch clients IBC and the director can allow a clien...