208 matches found
CVE-2026-44652
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, corsProxyMiddleware forwards req.params.url directly into fetchurl, .... It only blocks circular...
CVE-2026-44317
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-policyauthorization/v1/app-sessions handler panics on a single authenticated request whose ascReqData.suppFeat == "1" enabling traffic-routing feature negotiation and whose medComponents...
Astra Linux - vulnerability in linux-6.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: added consistency checks for copen/cread operations. This prevents malicious processes from executing random copen/cread requests, which could potentially crash the system. The additional checks are listed below: - Fo...
CVE-2026-43119 Bluetooth: hci_sync: annotate data-races around hdev->req_status
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: annotate data-races around hdev->req_status __hci_cmd_sync_sk() sets hdev->req_status under hdev->req_lock: hdev->req_status = HCI_REQ_PEND; However, several other functions read or write hdev->req_status without holding any loc...
CVE-2026-43119
In CVE-2026-43119, the Linux kernel Bluetooth HCI synchronous command infrastructure has a data race on hdev->req_status: __hci_cmd_sync_sk() updates it under req_lock on one workqueue, while other paths (e.g., hci_send_cmd_sync on a different workqueue, plus hci_cmd_sync_complete/cancel) read...
CVE-2026-43119
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: annotate data-races around hdev->req_status __hci_cmd_sync_sk() sets hdev->req_status under hdev->req_lock: hdev->req_status = HCI_REQ_PEND; However, several other functions read or write hdev->req_status without holding any loc...
CVE-2026-43108
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pd-mapper: Fix element length in servreg_loc_pfr_req_ei It looks element length declared in servreg_loc_pfr_req_ei for reason not matching servreg_loc_pfr_req's reason field due which we could observe decoding error on PD crash...
Astra Linux - vulnerability in mbedtls
Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtls_x509_string_to_names takes a head argument that is documented as an output argument. The documentation does not suggest that the function...
PT-2026-35718
A vulnerability was detected in DV0x creative-ad-agent up to 751b9e5146604dc65049bd0f62dcbdad6212f8a3. Impacted is an unknown function of the file server/sdk-server.ts of the component creative-ad-agent-server. Performing a manipulation of the argument req.params results in path traversal. Remote...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007330)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007330 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Do not sleep in atomic context sg_finish_rem_req calls blk_rq_unmap_user. The latter function...
CVE-2026-40395
Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service daemon panic for shared VCL. The headerplus.writereq0 function from vmodheaderplus updates the underlying req0, which is normally the original read-only request from which req is derived readable and writable from...
Rack::Request accepts invalid Host characters, enabling host allowlist bypass
Summary Rack::Request parses the Host header using an AUTHORITY regular expression that accepts characters not permitted in RFC-compliant hostnames, including /, ?, , and @. Because req.host returns the full parsed value, applications that validate hosts using naive prefix or suffix checks can be...
CVE-2026-21710
A flaw in Node.js HTTP request handling causes an uncaught TypeError when a request is received with a header named __proto__ and the application accesses req.headersDistinct. When this occurs, dest["__proto__"] resolves to Object.prototype rather than undefined, causing .push to be called on a non-array...
Google Pixel security vulnerability
The Google Pixel is a smartphone produced by Google Inc. The Google Pixel has a security vulnerability. This vulnerability stems from an obfuscation issue in the gmcddrhandlembamrreq function within the gmcmbaddr.c file, which may lead to an increase in local privileges...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27005)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27005 advisory. - In the Linux kernel, the following vulnerability has been resolved: interconnect: Don't access...
MiracleLinux 7 : krb5-1.15.1-51.el7 (AXSA:2021-2558:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2558:03 advisory. krb5: NULL pointer dereference in process_tgs_req in kdc/do_tgs_req.c via a FAST inner body that lacks server field CVE-2021-37750 Tenable has extracted the...
EUVD-2026-2663
Malicious code in transitive-req PyPI...
Astra Linux - vulnerability in linux-6.12
In the Linux kernel, the following vulnerability has been resolved: md/raid1,raid10: don't ignore IO flags If blk-wbt is enabled by default, it's found that raid write performance is quite bad because all IO are throttled by wbt of underlying disks, due to flag REQ_IDLE is ignored. And turns out...
PT-2025-54178
Name of the Vulnerable Software and Affected Versions FastBee versions prior to 2.1 Description A flaw exists in the SIP Message Handler component of FastBee, specifically within the getRootElement function located in the file...
PT-2025-53166
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc7+ 154 Description The Linux kernel contains a flaw within the virtio pmem subsystem. Specifically, the submit_bio_noacct function requires the bio operation to be either WRITE or ZONE APPEND for flush...