CVE-2026-25992

SiYuan before 3.5.5 exposes a vulnerability in the /api/file/getFile endpoint: it uses case-sensitive equality checks to block access on case-insensitive file systems (e.g., Windows). An attacker can bypass restrictions via mixed-case paths and read protected configuration files. Impact is confid...

SUSE CVE-2026-23002

In the Linux kernel, the following vulnerability has been resolved: lib/buildid: use kernelread for sleepable context Prevent a "BUG: unable to handle kernel NULL pointer dereference in filemapreadfolio". For the sleepable context, convert freader to use kernelread instead of direct page cache...

CVE-2026-23002

In the Linux kernel, the following vulnerability has been resolved: lib/buildid: use kernelread for sleepable context Prevent a "BUG: unable to handle kernel NULL pointer dereference in filemapreadfolio". For the sleepable context, convert freader to use kernelread instead of direct page cache...

UBUNTU-CVE-2026-23002

In the Linux kernel, the following vulnerability has been resolved: lib/buildid: use kernelread for sleepable context Prevent a "BUG: unable to handle kernel NULL pointer dereference in filemapreadfolio". For the sleepable context, convert freader to use kernelread instead of direct page cache...

GHSA-HV9V-7W3V-RJ6F `Read` on uninitialized buffer in `fill_buf()` and `read_up_to()`

Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading from uninitialized memory...