abm-colony-collection (>=0.1.0 <=0.5.0), abm-initialization-collection (>=0.1.0 <=0.7.0) +108 more potentially affected by CVE-2026-7724 via prefect (>=0.9.2 <=3.6.22)
prefect PYPI version =0.9.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.16.0, =0.0.126, =0.1.0, =1.0.4, =3.4.0, =0.4.0b0, =0.1.11, =0.1.0, =0.5.0 and more Source cves: CVE-2026-7724 Source advisory: OSV:GHSA-P3PQ-HXMR-VQQR...
abm-colony-collection (>=0.1.0 <=0.5.0), abm-initialization-collection (>=0.1.0 <=0.7.0) +106 more potentially affected by CVE-2026-7723 via prefect (>=0.9.2 <=3.6.13)
prefect PYPI version =0.9.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.126, =0.1.0, =1.0.4, =3.4.0, =0.4.0b0, =0.1.11, =0.1.0, =1.0.17, =6.0.0, =11.3.0 and more Source cves: CVE-2026-7723 Source advisory: OSV:GHSA-HVPH-5985-R63V...
EUVD-2026-27047
An integer underflow in FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message...
SambaBox Code Injection Vulnerability
SambaBox is a file-sharing server solution developed by SambaBox Inc. Based on Samba, versions 5.1 to 5.3 of SambaBox had a code injection vulnerability. This vulnerability stemmed from improper code generation control, which could lead to OS command injections...
Claude SDK for TypeScript Security Vulnerability
Claude SDK for TypeScript is an open-source development toolkit by Anthropic, designed for calling the Claude API using TypeScript. There were security vulnerabilities in versions of Claude SDK for TypeScript from 0.79.0 to 0.91.1. These vulnerabilities stemmed from BetaLocalFilesystemMemoryTool...
VulnCheck KEV: CVE-2024-13744
The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the validate_product_input_fields_on_add_to_cart function in versions 4.0.1 to 7.2.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the...
PT-2026-37111
Name of the Vulnerable Software and Affected Versions: Traefik versions prior to 2.11.44; Traefik versions prior to 3.6.15; Traefik versions prior to 3.7.0-rc.3. Description: An information disclosure issue exists in the errors custom error pages middleware. When a backend returns a response matching...
PT-2026-36875
Name of the Vulnerable Software and Affected Versions: FRRouting FRR versions 10.0 through 10.6. Description: An integer underflow occurs when a program calculates a value that is smaller than the minimum value the variable can hold, often wrapping around to a very large number. This issue allows...
Astra Linux – Vulnerability in curl
There is an improper authentication vulnerability in curl versions 7.33.0 through and including 7.82.0. This vulnerability may allow for the reuse of OAUTH2-authenticated connections without ensuring that the connection was authentically verified with the same credentials used for this transfer...
Astra Linux – Vulnerability in Samba
A flaw was discovered in Samba. Some SMB1 write requests were not properly range-checked to ensure that the client had sent enough data to complete the write operation. As a result, the contents of the server’s memory were written to the file or printer, rather than the data provided by the clien...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: tpm2-sessions: Fixed an out-of-range indexing issue in name_size. name_size does not have any range checks; it simply indexes using TPM_ALG_ID, which could lead to memory corruption in extreme cases. The issue is addressed by only...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: perf/core: Fixed a reference count bug and a potential UAF in perf_mmap. Syzkaller reported a refcount_t issue where the increment of the reference count was set to 0; there was also a warning about a use-after-free when using...
Astra Linux – Vulnerability in libproxy
In url.cpp within libproxy versions 0.4.x to 0.4.15, it is possible for a remote HTTP server to trigger uncontrolled recursion by sending a response that consists of an infinite stream without a newline character. This leads to a stack exhaustion issue...
Astra Linux – Vulnerability in imagemagick
In the IntensityCompare function within /MagickCore/quantize.c, a double value was being converted to an int and then returned. In some cases, this resulted in a value that was outside the range of the type int. This flaw could be triggered by a malicious input file under certain conditions when...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: arm64: mm: fixed the sanity check for VA-range. Both create_mapping_noalloc and update_mapping_prot perform sanity checks on their ‘virt’ parameter. However, the check itself doesn’t make much sense. The condition used today seems ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mm/mremap.c: Avoid unnecessary calls to invalidate_range_start/invalidate_range_end when using mremap with old_size=0. If the mremap system call with old_size=0 ends up in move_page_tables, it will unnecessarily call...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Range checks for the CHDBOFF and ERDBOFF registers. If the values read from the CHDBOFF and ERDBOFF registers are outside the range of the MHI register space, an invalid address may be calculated, which can later...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb3: Fixed temporary data corruption in the collapse range. The “collapse range” does not discard the affected cached regions; therefore, there is a risk of temporarily corrupting the file data. This fix corresponds to xfstest...
Astra Linux – Vulnerability in Linux
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return. The commit de144ff4234f fixes the issue by changing _pnfs_return_layout to call pnfs_mark_matching_lsegs_return, with NULL passed as the argument to the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: arm64: ftrace: fixed module PLTs with mcount. Li Huafei reports that the ftrace with module PLTs based on mcount was broken by the commit: a6253579977e4c6f “arm64: ftrace: consistently handle PLTs.” When module PLTs are used and a...