Linux Distros Unpatched Vulnerability : CVE-2026-6657

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the alloworiginpat configuration is...

Improperly Implemented Security Check for Standard

Overview Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper enforcement of security rules during concurrent execution of Security Mode Command and N2 handover procedures. An attacker can cause handover failures and disrupt networ...

Improperly Implemented Security Check for Standard

Overview Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper enforcement of security rules during concurrent execution of Security Mode Command and N2 handover procedures. An attacker can cause handover failures and disrupt networ...

Improperly Implemented Security Check for Standard

Overview Affected versions of this package are vulnerable to Improperly Implemented Security Check for Standard due to improper enforcement of security rules during concurrent execution of Security Mode Command and N2 handover procedures. An attacker can cause handover failures and disrupt networ...

CVE-2026-45839 bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec()

In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpfcoreparsespec CO-RE accessor strings are colon-separated indices that describe a path from a root BTF type to a target field, e.g. "0:1:2" walks through nested struct members...

CVE-2026-45839

In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpfcoreparsespec CO-RE accessor strings are colon-separated indices that describe a path from a root BTF type to a target field, e.g. "0:1:2" walks through nested struct members...

SUSE CVE-2026-43498

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Disallow re-exporting imported GEM objects Prevent re-exporting of imported GEM buffers by adding a custom primehandletofd callback that checks if the object is imported and returns -EOPNOTSUPP if so. Re-exporting...

CVE-2026-43498

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Disallow re-exporting imported GEM objects Prevent re-exporting of imported GEM buffers by adding a custom primehandletofd callback that checks if the object is imported and returns -EOPNOTSUPP if so. Re-exporting...

CVE-2026-43498

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Disallow re-exporting imported GEM objects Prevent re-exporting of imported GEM buffers by adding a custom primehandletofd callback that checks if the object is imported and returns -EOPNOTSUPP if so. Re-exporting...

CVE-2026-43498

CVE-2026-43498 is a Linux kernel issue in the accel/ivpu path. The vulnerability stems from the ability to re-export imported GEM buffers; a fix adds a custom prime_handle_to_fd callback that checks if the GEM object is imported and returns -EOPNOTSUPP in that case. Under re-export scenarios, buf...

EUVD-2026-31272

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Disallow re-exporting imported GEM objects Prevent re-exporting of imported GEM buffers by adding a custom primehandletofd callback that checks if the object is imported and returns -EOPNOTSUPP if so. Re-exporting...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed the issue of re-injecting stale data from stale subflows. When the MPTCP Process Manager detects that a subflow is stale, the packet scheduler must re-inject all the unacknowledged data at the mptcp level. To avoid...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: The OOB write in bnxtrecopyerrstats was fixed. The commit ef56081d1864 “RDMA/bnxtre: RoCE-related hardware counters update” added three new counters and placed them after BNXTREOUTOFSEQERR. BNXTREOUTOFSEQERR serves a...

Improper Authentication

Shopware is vulnerable to Improper Authentication. The vulnerability is due to insufficient validation and binding of shop installations to their original domains during app re-registration, which allows an attacker to hijack app communication and obtain API credentials intended for legitimate...

CVE-2026-44589

Nuxt OG Image generates OG Images with Vue templates in Nuxt. The isBlockedUrl denylist introduced in [email protected] to remediate GHSA-pqhr-mp3f-hrpp Dmitry Prokhorov / Positive Technologies, March 2026 is incomplete. It has an incomplete IPv6 prefix list and is missing redirect re-validatio...

SUSE CVE-2026-43469

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Decrement rereceiving on the early exit paths In the event that rpcrdmapostrecvs fails to create a work request due to memory allocation failure, say or otherwise exits early, we should decrement ep-rereceiving before...

GHSA-X3R2-FJ3R-G5MV sealed-env: TOTP secret embedded in unseal token payload (enterprise mode)

In sealed-env enterprise mode, versions 0.1.0-alpha.1 through 0.1.0-alpha.3 embedded the operator's literal TOTP secret in the JWS payload of every minted unseal token. JWS payload is base64-encoded JSON, NOT encrypted. Any party who could observe a minted token CI build logs, container env dumps...

bitwarden 安全漏洞

Bitwarden is an open-source password management backend service developed by Bitwarden. Versions of Bitwarden prior to 2026.4.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of a master password re-authentication requirement when retrieving or rotating organizati...

PT-2026-39717

Name of the Vulnerable Software and Affected Versions Bitwarden Server versions prior to 2026.4.1 Description An issue exists where master-password re-authentication is not required when retrieving or rotating an organization's SCIM API key. This allows an authenticated user with SCIM management...

UBUNTU-CVE-2026-43469

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Decrement rereceiving on the early exit paths In the event that rpcrdmapostrecvs fails to create a work request due to memory allocation failure, say or otherwise exits early, we should decrement ep-rereceiving before...