CVE-2026-40938

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the git resolver's revision parameter is passed directly as a positional argument to git fetch without any validation...

SUSE CVE-2026-33211

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the pathInRepo parameter. A tenant with permissi...

kernel: arp: Prevent overflow in arp_req_get().

A vulnerability was found in the arpreqget function in the Linux kernel when handling the SIOCGARP ioctl input/output control request. This function copies data over into a fixed-length buffer which could result in a buffer overflow and cause memory corruption, undefined behavior, or crashes...

Samba memory corruption

Memory corruption on NetBIOS name resolution request parsing...

Abo CMS <= 5.4 remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications =================================================== Abo CMS = 5.4 remote SQL Injection Vulnerabilities =================================================== Author: Vladimir Vorontsov OnSec Russian Security Group In the popular content...