Linux Distros Unpatched Vulnerability : CVE-2026-43371

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: macb: Shuffle the tx ring before enabling tx Quanyang observed that when using an NFS rootfs on an AMD ZynqMp board, the rootfs may take an extended time t...

PT-2026-39032

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A problem in the macb driver occurs when transmit is disabled, as the transmit buffer queue pointer resets to the address specified by the transmit buffer queue base address register. Th...

OESA-2026-1599 kata-containers-go security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a contain...

OESA-2026-1437 kata-containers security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a contain...

OESA-2026-1436 kata-containers security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a contain...

OESA-2026-1435 kata-containers security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a contain...

OESA-2026-1434 kata-containers security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a contain...

OESA-2026-1433 kata-containers security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a contain...

PT-2026-6361

Impact The vault key is sealed using SHA1 PCRs instead of SHA256 PCRs Thus an attacker with physical access to an EVE-OS device can try to brute force creating a kernel or rootfs image which produces the same SHA1 PCR but with malicious content. Patches Fixed in 9.4.3-lts and 10.1.0 Workarounds N...

CVE-2026-24054

Kata Containers Runtime (kata-containers) versions prior to 3.26.0 are affected. When a container image is malformed or has no layers, containerd bind-mounts an empty snapshotter directory for the container rootfs; the Kata runtime then mounts rootfs and may detect it as a block device, causing t...

CVE-2026-24054 Kata Containers Runtime: Host block device can be hotplugged to the VM if the container image is malformed or contains no layers

Kata Containers is an open source project focusing on a standard implementation of lightweight Virtual Machines VMs that perform like containers. In versions prior to 3.26.0, when a container image is malformed or contains no layers, containerd falls back to bind-mounting an empty snapshotter...

[SECURITY] Fedora 43 Update: buildah-1.42.0-4.fc43

The buildah package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a ne...

EUVD-2022-35254

Malicious code in bioql PyPI...

EUVD-2022-54850

Malicious code in bioql PyPI...

EUVD-2024-19191

Malicious code in bioql PyPI...

CVE-2025-54867

Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5...

GHSA-J26P-6WX7-F3PW Youki: If /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem.

Summary If /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. Details For security reasons, container creation should be prohibited if /proc or /sys in the rootfs is a symbolic link. I verified this behavior with youki...

Important: runc

Issue Overview: A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization, by adding a symlink to the rootfs that points to a directory on the volume. The highest threat from this...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation through the mirror-target and mirror-host annotations. Remediation Upgrade k8s.io/ingress-nginx/rootfs/etc/nginx/template to version 1.11.5, 1.12.1, 4.11.5, 4.12.1 or higher. References - GitHub Commit - GitHub...

Linux Distros Unpatched Vulnerability : CVE-2022-49379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: driver core: Fix waitfordeviceprobe & deferredprobetimeout interaction Mounting NFS rootfs w...