CVE-2026-46255

A flaw was found in the Linux kernel's fsl-edma driver. This vulnerability occurs because the driver attempts to explicitly disable clocks during its removal process, even though these resources are automatically managed. This redundant action can lead to warnings being generated during driver...

CVE-2026-45953

A flaw was found in the Linux kernel's RAID5 module. When a low-level bitmap llbitmap bit state is unwritten in a degraded array, a missing check during write operations can cause the system to enter an infinite loop. This can lead to an I/O hang, effectively resulting in a Denial of Service DoS...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Thermal: Intel: int340x: Processor: Fixed warning during module unload The processorthermal driver uses pcimdeviceenable to enable a PCI device. This means that the device will be automatically disabled when the driver is detache...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ATA: libata-transport: fixed the double call to atahostput in atatportadd In the error path in atatportadd, when calling putdevice, atatportrelease is called. This function decreases the refcount of ‘ap-host’. Then, atahostput is...

SUSE CVE-2026-43479

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...

CVE-2026-43479

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...

CVE-2026-43438

In the Linux kernel, the following vulnerability has been resolved: schedext: Remove redundant cssput in scxcgroupinit The iterator cssforeachdescendantpre walks the cgroup hierarchy under cgrouplock. It does not increment the reference counts on yielded css structs. According to the cgroup...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper handling of the error handling path in the pcislottrylock function. This issue...

BIT-ELK-2026-0530 Allocation of Resources Without Limits or Throttling in Kibana Leading to Excessive Allocation

Allocation of Resources Without Limits or Throttling CWE-770 in Kibana Fleet can lead to Excessive Allocation CAPEC-130 via a specially crafted request. This causes the application to perform redundant processing operations that continuously consume system resources until service degradation or...

PT-2026-1242

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the amlogic-a4 Real Time Clock RTC driver. A double free issue occurs because the clock obtained via devm clk get enabled is automatically managed by...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a redundant clkdisableunprepare call in the wrong path and remove function in the amlogic-a4 rtc driver, whi...

CVE-2025-40223

In CVE-2025-40223, the Linux kernel MOST/hdm_disconnect path could suffer use-after-free or double-free when unregistering the MOST interface device. The fix relocates frees of mdev-owned allocations into release_mdev() so they run once when the device is truly released, and removes redundant put...

Malicious code in publish-xanthus-cypress-redis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3cddde1a52ce767fadb05cbd31671938c574d95abb54b2c3e13d2a133ea934da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in redundant-coral-whale (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5da0a610fc94229adcc3d9bd82e45ec8f6fa42a6ca916a4c65d3f2c52a1ff4dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-117132

Malicious code in redundant-coral-whale npm...

Malicious code in redundant_porpoise_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1430d2d24b4cdcd3a98002fbe0ad7e590fd99f906d28f074650550f42c244f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in redundant_catfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9efb8f54b7233d5661efb9d4a4057bb3da6bbef3fd9a39fbf6c16ccb7b10615f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-95470

Malicious code in redundantcatfishz3n npm...

Malicious code in redundant_hornet_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12738b452baed8aac3517f4b05f1ad603a9d9c6720d0f77c0f1754a5774e6b56 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-89211

Malicious code in redundantcoyotez3n npm...