44 matches found
ROOT-APP-NPM-AIKIDO-2026-10823 AIKIDO-2026-10823 in @rootio/axios - Patched by Root
Root has patched AIKIDO-2026-10823 in the @rootio/axios package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-47675 CVE-2026-47675 in @rootio/hono - Patched by Root
Root has patched CVE-2026-47675 in the @rootio/hono package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-GHSA-39Q2-94RC-95CP GHSA-39q2-94rc-95cp in @rootio/dompurify - Patched by Root
Root has patched GHSA-39q2-94rc-95cp in the @rootio/dompurify package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2016-20018 CVE-2016-20018 in @rootio/knex - Patched by Root
Root has patched CVE-2016-20018 in the @rootio/knex package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-27977 CVE-2026-27977 in @rootio/next - Patched by Root
Root has patched CVE-2026-27977 in the @rootio/next package for Root:npm. Multiple fixed versions available...
EUVD-2026-39427
Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Documentroot= validated only that the new root was a Nokogiri::XML::Node, allowing a DTD node to be set as the document root. The result is a heap use-after-free during garbage...
CVE-2026-57436
Summary: The CVE affects Nokogiri (Ruby) prior to 1.19.4, where Nokogiri::XML::Document#root= could accept a DTD node as the document root, causing a heap use-after-free during garbage collection/finalization and potentially an invalid memory read or segfault. Root cause: setting a non-root node ...
ROOT-APP-NPM-CVE-2021-3918 CVE-2021-3918 in @rootio/json-schema - Patched by Root
Root has patched CVE-2021-3918 in the @rootio/json-schema package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-41182 CVE-2026-41182 in @rootio/langsmith - Patched by Root
Root has patched CVE-2026-41182 in the @rootio/langsmith package for Root:npm. Multiple fixed versions available...
PT-2026-42672
Name of the Vulnerable Software and Affected Versions core-rs-albatross affected versions not specified Description A remote, unauthenticated denial-of-service issue exists in the MerkleRadixTrie::put chunk function. A malicious state-sync peer can cause a node to crash by responding to a...
CVE-2026-43053
In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child leaf/node blocks via xfstransbinval, but intentionally does not remo...
EUVD-2026-26652
In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child leaf/node blocks via xfstransbinval, but intentionally does not remo...
PT-2026-34911
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix missing NULL checks for kstrdup 1. Replace "of find node by path"/"" with "of root" to avoid multiple calls to "of node put". 2. Fix a potential kernel oops during early boot when memory allocation fails while...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003904)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003904 advisory. btrfsrootnode in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcudereferenceroot-node can be zero. Tenable has...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000418)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000418 advisory. btrfsrootnode in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcudereferenceroot-node can be zero. Tenable has...
EUVD-2020-21847
Malware in sbrugna...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the root node being released during kernfsdrain, which could lead to post-release reuse...
Linux Distros Unpatched Vulnerability : CVE-2024-27058
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tmpfs: fix race on handling dquot rbtree A syzkaller reproducer found a race while attemptin...
SUSE CVE-2024-1725
A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane HCP. This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node...
GO-2025-3512 kubevirt-csi: PersistentVolume allows access to HCP's root node in github.com/kubevirt/csi-driver
kubevirt-csi: PersistentVolume allows access to HCP's root node in github.com/kubevirt/csi-driver. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...