PT-2026-43824

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue in the Linux kernel can lead to a deadloop within the rcu read unlock function due to softirq. This occurs because recursion-protection code was removed from the rcu read unlock...

PT-2026-43753

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel where the prototype for the bpf xdp store bytes function is incorrect. The verifier incorrectly expects the third argument to be of type ARG PTR TO...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from issues with the pt5161lreadblockdata function in pt5161l, including buffer overflows and improper...

Linux Distros Unpatched Vulnerability : CVE-2026-46096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tpm2-sessions: Fix missing tpmbufdestroy in tpm2readpublic tpm2readpublic calls tpmbufinit but fails to call tpmbufdestroy on two exit paths, leaking a page...

Samba 访问控制错误漏洞

Samba is an open-source suite of standard Windows interoperability programs for Linux and Unix systems. Samba has a control access vulnerability that stems from the lack of SMB-layer access checks when handling NTFS-style symbolic links. This vulnerability allows authenticated users to create or...

PT-2026-44616

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An out of bounds read in Dawn allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. An out of bounds read occurs when a program reads data past the...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of READONCE to read the struct ublskrvctrlcmd, potentially leading to race conditions...

Budibase 安全漏洞

Budibase is an open-source platform developed by Budibase in the UK. It allows for the creation of internal applications, workflows, and management panels within minutes. Versions of Budibase prior to 3.39.0 contained security vulnerabilities. These vulnerabilities stemmed from the fact that GET...

PT-2026-43991

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential arbitrary file read in the asperahttpd component. An authenticated user may be ab...

CVE-2026-46051

md/raid5: fix soft lockup in retryalignedread...

Linux Distros Unpatched Vulnerability : CVE-2026-45957

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rcu: Fix rcureadunlock deadloop due to softirq Commit 5f5fa7ea89dc rcu: Don't use negative nesting depth in rcureadunlock removes the recursion-protection code...

Realtek rtl819x - Local Privilege

Exploit Title: Realtek rtl819x - Local Privilege Escalation Date: 2026-05-03 Exploit Author: Daniil Gordeev Vendor Homepage: http://www.realtek.com Software Link: https://github.com/iptime-gpl/userappsn104qi representative GPL release Version: Realtek rtl819x Jungle SDK, all known versions throug...

CVE-2026-45886

bpf: Fix bpfxdpstorebytes proto for read-only arg...

dalfox 安全漏洞

Dalfox is an automated cross-site script scanning tool developed by HAHWUL. Versions of Dalfox prior to 2.13.0 contained security vulnerabilities. These vulnerabilities stemmed from the REST API server mode, where the custom-payload-file field directly deserialized from the attacker’s request bod...

PT-2026-43842

In the Linux kernel, the following vulnerability has been resolved: ublk: use READ ONCE to read struct ublksrv ctrl cmd struct ublksrv ctrl cmd is part of the io uring sqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them...

PT-2026-43600

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash layout.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a no...

CVE-2026-45943

erofs: fix inline data read failure for ztailpacking pclusters...

PT-2026-43584

Name of the Vulnerable Software and Affected Versions Synology Contacts versions prior to 1.0.10-20659 Description Improper neutralization of input during web page generation leads to a Cross-site Scripting XSS issue in the contact functionality. This allows remote authenticated users to read or...

PT-2026-43594

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DeleteSysLogEntry function due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from bridge FDB entries not using stable dst snapshots during RCU reading operations. This vulnerabili...