CVE-2026-43307

The CVE concerns the Linux kernel iio: accel: adxl380 driver. The interrupt handler can miscalculate FIFO entries because the sensor fills FIFO one sample at a time while batches are read, causing the FIFO status to report a non-multiple of N. This can cause the driver to read more entries than p...

Linux Distros Unpatched Vulnerability : CVE-2026-43141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario...

CVE-2026-23177 mm, shmem: prevent infinite loop on truncate race

In the Linux kernel, the following vulnerability has been resolved: mm, shmem: prevent infinite loop on truncate race When truncating a large swap entry, shmemfreeswap returns 0 when the entry's index doesn't match the given index due to lookup alignment. The failure fallback path checks if the...

Loss of precission when calculating the accumulated CANTO per share

Lines of code Vulnerability details Impact When calculating the amount of CANTO per share in updatemarket, dividing by 1e18 in cantoReward and multiplying by the same value in accCantoPerShare rounds down the final value, making the amount of rewards users will receive be less than expected. Proo...

improper validations result in loss of funds.

Lines of code Vulnerability details Impact due the improper validation on amount , the users can pass Amount as 0 the calculated fee will be 0 and safeTranferFrom will pass. function getNFTMintingPriceuint256 id, uint256 amount public view returns uint256 fee address bondingCurve =...

accure interest function is likely failed to accure interest for token with low decimal

Lines of code Vulnerability details Impact loss of precision is too high when accuring interest Proof of Concept When intereste accures, we are calling uint256 interestAmount; uint256 interestRate = IIRMirm.getInterestRateaddressthis, trancheIndex, totalDeposit, totalBorrow; interestAmount =...

Attacker can abuse rounding down to get reward without depositing anything in LP pool

Lines of code Vulnerability details Impact In function withdrawLP, it calculates the amount of points from the amount input parameter. unchecked uint256 points = amount 100 / 1e18 lpPosition.multiplier / DIVISOR; // Update the caller's LP token stake. lpPosition.amount -= amount; lpPosition.point...

User might not be able to claim refund when the NFT is bought for less than the minimum reserve price

Lines of code Vulnerability details Impact User might not be able to claim refund when the NFT is bought for less than the minimum reserve price because the minReservePrices is rounded down, which make the contract refund sightly more eth to each user. In most case, the last user will not be able...

Staking tokens can be stolen

Lines of code Vulnerability details Impact The staking contract keeps track of shares of each user. When withdrawing from the staking contract the amount parameter is converted to shares and this value is decreased shares = amount / totalbalance totalshare. This shares calculation rounds down whi...

reward tokens could get lost due to rounding down

Handle gpersoon Vulnerability details Impact The function depositRewardTokens divides the "amount" of tokens by allocatedTokensPerEpoch to calculate the endEpoch. When "amount" isn't a multiple of allocatedTokensPerEpoch the result of the division will be rounded down, effectively losing a number...