CVE-2026-44600

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...

CVE-2026-44600

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...

EUVD-2026-28237

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...

CVE-2026-44600

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...

CVE-2026-44600

CVE-2026-44600 affects Tor prior to 0.4.9.7, where the conflux out-of-order queue is not correctly accounted during queue clearing (TROVE-2026-010). The issue is described as a handling/queue accounting bug in the conflux component, with impact listed as low availability impact in at least one CV...

CVE-2026-44600

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...

SUSE CVE-2026-43022

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: hcicmdsyncqueueonce return -EEXIST if exists hcicmdsyncqueueonce needs to indicate whether a queue item was added, so caller can know if callbacks are called, so it can avoid leaking resources. Change the...

SUSE CVE-2026-43083

In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array when...

SUSE CVE-2026-43084

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: make hash table per queue Sharing a global hash table among all queues is tempting, but it can cause crash: BUG: KASAN: slab-use-after-free in nfqnlrecvverdict+0x11ac/0x15e0 nfnetlinkqueue...

CVE-2026-44600

Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010...

PT-2026-38326

Name of the Vulnerable Software and Affected Versions Tor versions prior to 0.4.9.7 Description Tor mishandles the accounting of the conflux out-of-order queue during the process of clearing a queue. Recommendations Update to version 0.4.9.7 or later...

MAXHUB Pivot client application 加密问题漏洞

The MAXHUB Pivot client application is a client component of the MAXHUB company’s device management platform. Versions of the MAXHUB Pivot client application prior to 1.36.2 contained an encryption vulnerability. This vulnerability stemmed from the hardcoded AES key within the application. It cou...

Tor 安全漏洞

Tor is a virtual tunnel network created by the Tor Project organization. It allows individuals and groups to enhance their privacy and security on the Internet. Versions of Tor prior to 0.4.9.7 contained a security vulnerability, which stemmed from improper handling of the conflux during queue...

PT-2026-38599

Name of the Vulnerable Software and Affected Versions MAXHUB Pivot client versions prior to 1.36.2 Description An issue in the application allows an attacker to obtain encrypted tenant email addresses and related metadata from any tenant. Because a hardcoded AES key Advanced Encryption Standard, ...

CVE-2026-44601

Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009...

GHSA-82RM-QCFX-2V78 Duplicate Advisory: OpenClaw: Delivery queue recovery could lose group tool-policy context for media replay

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r77c-2cmr-7p47. This link is maintained to preserve external references. Original Description OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media...

EUVD-2026-28178

OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media replay. Attackers can exploit recovered queued outbound media to bypass group tool policy enforcement and weaken channel media restrictions after service restart or recovery...

Duplicate Advisory: OpenClaw: Delivery queue recovery could lose group tool-policy context for media replay

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r77c-2cmr-7p47. This link is maintained to preserve external references. Original Description OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media...

CVE-2026-43195

A flaw was found in the Linux kernel's drm/amdgpu graphics driver. This vulnerability arises from inadequate validation of user-provided queue sizes, which do not meet hardware requirements. An attacker could exploit this by supplying invalid queue size configurations, potentially leading to GPU...

CVE-2026-43180

A flaw was found in the Linux kernel's kaweth USB network driver. The kawethsetrxmode function incorrectly manipulates the transmit TX queue, allowing it to be re-enabled while a USB Request Block URB is still active. This can result in the same URB being submitted twice, leading to a kernel...