CVE-2026-53010

A flaw was found in the Linux kernel's ksmbd component. During a durable reconnect process in the smb2open function, a reference to a durable file descriptor is prematurely dropped. This can lead to a use-after-free vulnerability, potentially resulting in system instability or a denial of service...

EUVD-2026-38878

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2open during durable reconnect In smb2open, the call to ksmbdputdurablefdfp drops the reference to the durable file descriptor early during the durable reconnect process. If an error occurs...

CVE-2026-53010

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2open during durable reconnect In smb2open, the call to ksmbdputdurablefdfp drops the reference to the durable file descriptor early during the durable reconnect process. If an error occurs...

CVE-2026-53010

The CVE-2026-53010 vulnerability is in the Linux kernel ksmbd component. In smb2_open during a durable reconnect, a reference to the durable file descriptor is dropped too early (ksmbd_put_durable_fd(fp)), risking a use-after-free when error handling or scavenger access occurs (fp fields like cre...

CVE-2026-53010 ksmbd: fix use-after-free in smb2_open during durable reconnect

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2open during durable reconnect In smb2open, the call to ksmbdputdurablefdfp drops the reference to the durable file descriptor early during the durable reconnect process. If an error occurs...

CVE-2026-45732

n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, the OAuth1 and OAuth2 credential reconnect endpoints authorized access using credential:read rather than credential:update. An authenticated user with read-only access to a shared credential could initiate ...

CVE-2026-45732 n8n: Cross-user Authorization Bypass in Dynamic Credential OAuth Endpoints

n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, the OAuth1 and OAuth2 credential reconnect endpoints authorized access using credential:read rather than credential:update. An authenticated user with read-only access to a shared credential could initiate ...

CVE-2026-45732

CVE-2026-45732 affects n8n, an open-source workflow automation platform. The vulnerability lies in the OAuth1/OAuth2 credential reconnect endpoints, which incorrectly authorize access using credential:read instead of credential:update. An authenticated user with read-only access to a shared crede...

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Fix use after free for wext The key information in wext.connect is not reset upon reconnection, and this can retain data from a previous connection. Resetting the key data prevents drivers or mac80211 from...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: smb: client: fixed a potential deadlock that could occur when reconnecting channels. Fixed the function cifssignalcifsdforreconnect to follow the correct lock order and prevent the following deadlock from occurring:...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nvme-fc: The use of lock access to portstate and rportstate was corrected. nvmefcunregisterremote removes the remote port from an lport object at any time when there is no active association. This issue conflicts with the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed an oops due to uninitialized server-smbdconn during reconnection. In smbddestroy, the pointer to server-smbdconn is cleared after freeing the smbdconnection struct it points to, so that reconnection won’t be confused...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed the session state check when reconnecting to avoid a use-after-free issue. Do not collect the exiting session in smb2reconnectserver, as it will be released soon...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a use-after-free in ksmbdclosefd, through the use of a durable scavenger mechanism. When a durable file handle persists after a session disconnection TCP closure without SMB2LOGOFF, sessionfdcheck sets fp-conn to NUL...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “smb: client: fix TCP timers deadlock after rmmod” This fix reverts to the previous state with commit e9f2517a3e18a54a3943c098d2226b245d488801. The commit e9f2517a3e18 “smb: client: fix TCP timers deadlock after rmmod” is intende...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed a mid leak that occurred during reconnection after a timeout threshold. When the number of responses with the status STATUSIOTIMEOUT exceeds a specified threshold NUMSTATUSIOTIMEOUT, we reconnect the connection...

CVE-2026-10143

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in SCRAM authentication handling that allows a malicious or machine-in-the-middle broker to freeze the client event loop by supplying an excessively large iteration count. In scram.py, ScramClient.processserverfirstmessage...

PT-2026-48531

Name of the Vulnerable Software and Affected Versions kafka-python versions prior to 2.3.2 Description A denial-of-service issue exists in the SCRAM authentication handling. A malicious or machine-in-the-middle broker can freeze the client event loop by providing an excessively large iteration...

CVE-2026-32134

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a reconnect-collision payload, the broker can crash due to a NULL pointer dereference during MQTT session resumption for cleanstart=0...

freerdp: FreeRDP: Denial of service via heap use-after-free during auto-reconnect

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. This vulnerability, a heap use-after-free, occurs during an auto-reconnect operation when the xfclipboardformatsfree function frees memory that is still being accessed by another thread. A remote attacker could...