81884 matches found
EUVD-2026-26603
In the Linux kernel, the following vulnerability has been resolved: spi: stm32-ospi: Fix resource leak in remove callback The remove callback returned early if pmruntimeresumeandget failed, skipping the cleanup of spi controller and other resources. Remove the early return so cleanup completes...
CVE-2026-31783
In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove callback amlsfcprobe registers the on-host NAND ECC engine, but teardown was missing from both probe unwind and remove-time cleanup. Add a devm cleanup...
CVE-2026-31721
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: move list and spinlock inits from bind to alloc There was an issue when you did the following: - setup and bind an hid gadget - open /dev/hidg0 - use the resulting fd in EPOLLCTLADD - unbind the UDC - bind the...
EUVD-2026-26510
In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: take a reference on the USB device in createcard The caiaq driver stores a pointer to the parent USB device in cdev-chip.dev but never takes a reference on it. The card's privatefree callback, sndusbcaiaqcardfree, ca...
Malicious code in apple-internal-security-library-v99 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f44267d5128f9ac2c62938b60bfa45264207a0010c41c97082c72246a3a7a248 The package apple-internal-security-library-v99 was found to contain malicious code. Source: ghsa-malware...
WordPress Remove Add to Cart WooCommerce plugin <= 1.4.7 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Remove Add to Cart WooCommerce versions = 1.4.7...
PT-2026-36421
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak exists in the remove callback of the stm32-ospi SPI driver. The issue occurs because the remove callback returns prematurely if the pm runtime resume and get function...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an early return on PM recovery failure in the remove callback of the spi stm32-ospi driver, which could...
Malicious code in intercom-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31f6931321619f69c7d1da208b4dffb8162d8ef83b0c9ee16539a8d8620ccbcc The package intercom-client was found to contain malicious code. Source: ghsa-malware 2d01b1077a26ddef79a7421bd98e7e2e9dd6a8d2447f41c2cfe3fb5e35f9631...
MAL-2026-3204 Malicious code in intercom-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31f6931321619f69c7d1da208b4dffb8162d8ef83b0c9ee16539a8d8620ccbcc The package intercom-client was found to contain malicious code. Source: ghsa-malware 2d01b1077a26ddef79a7421bd98e7e2e9dd6a8d2447f41c2cfe3fb5e35f9631...
Amazon Linux 2 : glibc, --advisory ALAS2-2026-3272 (ALAS-2026-3272)
The version of glibc installed on the remote host is prior to 2.26-64. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3272 advisory. The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from t...
Important: glibc
Issue Overview: The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing...
MAL-2026-3190 Malicious code in tanstack (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7028347dbae61f876b9cca30a5d444da26b4ceab8364f00f8f2be35ff6baa2c4 The package tanstack was found to contain malicious code. Source: ghsa-malware a87082b3e2d555f184ce24de123d5e2d03b84521e22903e21e17d0222ab4b5e9 Any...
Malicious code in tanstack (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7028347dbae61f876b9cca30a5d444da26b4ceab8364f00f8f2be35ff6baa2c4 The package tanstack was found to contain malicious code. Source: ghsa-malware a87082b3e2d555f184ce24de123d5e2d03b84521e22903e21e17d0222ab4b5e9 Any...
MAL-2026-3174 Malicious code in internal-sys-audit-check (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24fa7464d076e1807141a149346864e59a44c3b8e2731c02e05c9d93d0dcf487 The package internal-sys-audit-check was found to contain malicious code. Source: ghsa-malware...
Malicious code in internal-sys-audit-check (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24fa7464d076e1807141a149346864e59a44c3b8e2731c02e05c9d93d0dcf487 The package internal-sys-audit-check was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3171 Malicious code in frank-newton3-final-audit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7475946d315dcfc995a7c806043777be1e5a57b72c7c1313fc36944f37a52db1 The package frank-newton3-final-audit was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3170 Malicious code in frank-newton3-db-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c57962acb9140cd99fb10338da13df89a6af2a7da30694456df2bc151acd247 The package frank-newton3-db-poc was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3173 Malicious code in gcp-internal-research-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9241eea1246719d57b428f64fd5138ae386fcf285aadd32a0a2ece3a8926b588 The package gcp-internal-research-poc was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3169 Malicious code in frank-newton3-db-final (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37a69c1c519dbe289ed217a75f1a31ace9b850acdb7df6cdadd95ca68f879f1d The package frank-newton3-db-final was found to contain malicious code. Source: ghsa-malware...