CVE-2026-31433

A flaw was found in the ksmbd module of the Linux kernel. A remote attacker can exploit this vulnerability by sending a specially crafted compound request, specifically a combination of QUERYDIRECTORY and QUERYINFO. Due to a missing validation check for the client-provided output buffer length, a...

DEBIAN-CVE-2026-33258

By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC3 caches...

EUVD-2026-24640

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERYINFO for compound requests When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd could write beyond the allocated...

CVE-2026-31432

CVE-2026-31432 affects the Linux kernel ksmbd component. Affected handling of compound requests (e.g., READ + QUERY_INFO(Security)) could allow an out-of-bounds write when the first READ command consumes most of the response buffer and ksmbd builds a security descriptor. The root cause is that sm...

CVE-2026-31432 ksmbd: fix OOB write in QUERY_INFO for compound requests

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERYINFO for compound requests When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd could write beyond the allocated...

EUVD-2026-24599

The a+HRD developed by aEnrich has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...

EUVD-2026-24585

OwnTone Server versions 28.4 through 29.0 contain a SQL injection vulnerability in DAAP query and filter handling that allows attackers to inject arbitrary SQL expressions by supplying malicious values through the query= and filter= parameters for integer-mapped DAAP fields. Attackers can exploit...

CVE-2026-41457

OwnTone Server versions 28.4 through 29.0 contain a SQL injection vulnerability in DAAP query and filter handling that allows attackers to inject arbitrary SQL expressions by supplying malicious values through the query= and filter= parameters for integer-mapped DAAP fields. Attackers can exploit...

CVE-2026-41457 OwnTone Server < 29.1 SQL Injection via query and filter Parameters

OwnTone Server versions 28.4 through 29.0 contain a SQL injection vulnerability in DAAP query and filter handling that allows attackers to inject arbitrary SQL expressions by supplying malicious values through the query= and filter= parameters for integer-mapped DAAP fields. Attackers can exploit...

CVE-2026-41457

OwnTone Server versions 28.4 through 29.0 contain a SQL injection vulnerability in DAAP query and filter handling that allows attackers to inject arbitrary SQL expressions by supplying malicious values through the query= and filter= parameters for integer-mapped DAAP fields. Attackers can exploit...

CVE-2026-41457 OwnTone Server < 29.1 SQL Injection via query and filter Parameters

OwnTone Server versions 28.4 through 29.0 contain a SQL injection vulnerability in DAAP query and filter handling that allows attackers to inject arbitrary SQL expressions by supplying malicious values through the query= and filter= parameters for integer-mapped DAAP fields. Attackers can exploit...

CVE-2026-41457

OwnTone Server (versions 28.4–29.0) contains a SQL injection in DAAP query and filter handling. Malicious values in query= and filter= for integer-mapped DAAP fields bypass filters and may grant unauthorized access to media library data due to insufficient input sanitization. Connected records in...

SUSE CVE-2026-35588

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module glances/exports/glancescassandra/init.py interpolates keyspace, table, and replicationfactor configuration values directly into CQL statements without validation. A user with write...

CVE-2026-41145

MinIO contains an authentication bypass in the STREAMING-UNSIGNED-PAYLOAD-TRAILER code path, affecting releases prior to RELEASE.2026-04-11T03-20-12Z. An attacker with a valid access key (including default minioadmin or any key with WRITE on a bucket) can write objects to any bucket without a val...

CVE-2026-41145 MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads

MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability in MinIO's STREAMING-UNSIGNED-PAYLOAD-TRAILER code path allows any user who knows a valid access key to write arbitrary...

CVE-2026-41145 MinIO has an Unauthenticated Object Write via Query-String Credential Signature Bypass in Unsigned-Trailer Uploads

MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability in MinIO's STREAMING-UNSIGNED-PAYLOAD-TRAILER code path allows any user who knows a valid access key to write arbitrary...

Exploit for CVE-2026-26903

CVE-2026-26903 PoC Denial-of-service via unbounded recursio...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ksmbd module’s handling of the QUERYINFOSecurity composite request. This vulnerability may le...

PT-2026-34275

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in ksmbd when processing compound requests, such as READ combined with QUERY INFOSecurity. If the initial command consumes most of the response buffer, ksmb...

PT-2026-34440

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A client might theoretically cause a mismatch between queries sent to a backend and the received responses. This occurs when a flood of perfectly timed queries i...