May 12, 2026—KB5087544 (OS Builds 19045.7291 and 19044.7291)

May 12, 2026—KB5087544 OS Builds 19045.7291 and 19044.7291 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business device...

UBUNTU-CVE-2026-43385

In the Linux kernel, the following vulnerability has been resolved: net: Fix rcutasks stall in threaded busypoll I was debugging a NIC driver when I noticed that when I enable threaded busypoll, bpftrace hangs when starting up. dmesg showed: rcutaskswaitgp: rcutasks grace period number 85 since...

CVE-2026-43431

In the Linux kernel xHCI host controller driver, CVE-2026-43431 stems from a NULL pointer dereference when reading portli debugfs files. The bug occurs if xhci->max_ports counts more port registers than the number reported by Supported Protocol capabilities, which can happen when max_ports exc...

ROS-20260507-73-0011

Vulnerability in tomcat11 related to a flaw in the error reporting mechanism. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

ROS-20260507-73-0009

Vulnerability in tomcat related to flaws in the error reporting mechanism. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

ROS-20260507-73-0010

Vulnerability in tomcat10 related to a flaw in the error reporting mechanism. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...

EUVD-2025-209704

HCL BigFix Service Management SM is vulnerable to information exposure due to improper error handling within its reporting module. It was observed that supplying an invalid or out-of-range value to the consumercompany parameter during a report-viewing request causes the application to trigger an...

CVE-2026-43171

A flaw was found in the Linux kernel's EFI/CPER component. This vulnerability occurs because the cperprintfwerr function does not adequately validate the length of error records against a provided offset. A malicious or malformed firmware could exploit this by providing an offset that causes an...

CVE-2025-31960 HCL BigFix Service Management (SM) is vulnerable to information exposure due to improper error handling within its reporting module

HCL BigFix Service Management SM is vulnerable to information exposure due to improper error handling within its reporting module. It was observed that supplying an invalid or out-of-range value to the consumercompany parameter during a report-viewing request causes the application to trigger an...

CVE-2025-31960 HCL BigFix Service Management (SM) is vulnerable to information exposure due to improper error handling within its reporting module

HCL BigFix Service Management SM is vulnerable to information exposure due to improper error handling within its reporting module. It was observed that supplying an invalid or out-of-range value to the consumercompany parameter during a report-viewing request causes the application to trigger an...

CVE-2025-31960

CVE-2025-31960 affects HCL BigFix Service Management (SM). In the reporting module, improper error handling when a consumer_company parameter is supplied in a report-viewing request can trigger an unhandled exception, leading to information exposure. CVSS:3.1 base score 5.3 (MEDIUM), network acce...

EUVD-2026-27677

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode before the actual playback, we blindly assume that the received packets fit with the buffer size. But whe...

CVE-2026-43266

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...

CVE-2026-43279

The CVE-2026-43279 entry concerns the Linux kernel ALSA USB-audio subsystem. A discrepancy between playback and capture stream setups (e.g., USB core max packet size) can cause out-of-bounds writes to the buffer, potentially crashing the system. A fix was implemented by adding a sanity check of t...

CVE-2026-43279

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode before the actual playback, we blindly assume that the received packets fit with the buffer size. But whe...

CVE-2026-43266 EFI/CPER: don't go past the ARM processor CPER record buffer

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the sectionlength is too small, but it doesn't detect if it is too big. Currently, if the firmware receives an ARM process...

PT-2026-38085

Name of the Vulnerable Software and Affected Versions HCL BigFix Service Management SM affected versions not specified Description Improper error handling within the reporting module leads to information exposure. Supplying an invalid or out-of-range value to the consumer company parameter during...

HCL BigFix Service Management 安全漏洞

HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. HCL BigFix Service Management SM has a security vulnerability. This vulnerability stems from improper error handling in the reporting module. When invalid or out-of-range...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cxl/ras: Fixed the device confusion in the CPER handler. Upon inspection, the cxlcperhandleproterr function makes several fragile assumptions that can lead to crashes: 1. It assumes that the endpoints identified in the record...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: powerpc/mm/fault: Fixed the reporting of kfence page faults. The copyfromkernelnofault function can be called when reading /proc/kcore. /proc/kcore may contain kfence objects that are not mapped, and reading these objects via...