3682 matches found
Access of Resource Using Incompatible Type ('Type Confusion')
Overview Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' via improper handling of numeric User directives in container configuration. An attacker can gain elevated privileges by supplying a crafted image with an /etc/passwd file that...
CVE-2026-4055
Mattermost CVE-2026-4055 affects Mattermost versions 11.5.x
EUVD-2026-31221
Mattermost versions 11.5.x = 11.5.1 fail to validate team-level runcreate permission against the target team when creating a playbook run which allows an authenticated team member to create runs in teams where they lack permission via specifying a different team ID in the run creation API request...
CVE-2026-4055
Mattermost versions 11.5.x = 11.5.1 fail to validate team-level runcreate permission against the target team when creating a playbook run which allows an authenticated team member to create runs in teams where they lack permission via specifying a different team ID in the run creation API request...
MAL-2026-4386 Malicious code in @elvatis_com/openclaw-cli-bridge-elvatis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ea4d389a7d7fc1ab1598f69441105d1ebe696d9d5d351f805644bded733fe7e When the OpenClaw gateway loads this plugin and starts its proxy server, code paths in dist/index.js lines 1076 and 1093 schedule outbound WhatsApp...
Malicious code in @elvatis_com/openclaw-cli-bridge-elvatis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ea4d389a7d7fc1ab1598f69441105d1ebe696d9d5d351f805644bded733fe7e When the OpenClaw gateway loads this plugin and starts its proxy server, code paths in dist/index.js lines 1076 and 1093 schedule outbound WhatsApp...
CVE-2026-45035
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: Fixed a bug where sleep was performed from an invalid context in btrfsqgroupinherit. Syzkaller reported the bug as follows: Bug: A sleep function is called from an invalid context at include/linux/sched/mm.h:274 Ca...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fixed a memory leak in XDPDROP for the non-zero-copy mode. Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with the AFXDP zero-copy mode, which uses xskbufffree instead...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: iouring: Ensure that ctx-rings is stable when manipulating task work flags. If DEFERTASKRUN | SETUPTASKRUN is used, and task work is added while the ring is being resized, there is a possibility that the OR operation of...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers, so the max3421hcd-spithread pointer can be either an error pointer or NULL. Check both values before...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fixed an infinite loop in attrloadrunsrange when there are inconsistencies in metadata. We have identified a bug in the ntfs3 file system that can lead to a Denial-of-Service DoS attack. A malformed NTFS image can caus...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: bpf: Correctly track subprogram poke descriptors and fix use-after-free Subprograms call mappoketrack, but during program release, there is no hook to call mappokeuntrack. However, during program release, the auxiliary memory and...
Astra Linux - уязвимость в containerd-app
Containerd is an open-source container runtime. A bug was discovered in Containerd prior to versions 1.6.38, 1.7.27, and 2.0.4. In these versions, containers launched with a User set as UID:GID that exceeded the maximum 32-bit signed integer could cause an overflow condition, resulting in the...
Astra Linux - уязвимость в linux
The file arch/powerpc/kvm/book3srtas.c in the Linux kernel, as of version 5.13.5 on the PowerPC platform, allows KVM guest OS users to cause memory corruption in the host OS through rtasargs.nargs, also known as CID-f62f3c20647e...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: dm thin: Fixed a UAF in runtimersoftirq When dmresume and dmdestroy are executed concurrently, it will lead to a UAF, as follows: Bug: KASAN: Use-after-free in runtimers+0x173/0x710 A 8-byte value is written to the address...
Astra Linux - уязвимость в pillow
In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files, due to improper handling of offset and length tables...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed a reference count leak in bpfprogtestrunxdp syzbot reports: unregisternetdevice: Waiting for sit0 to become available. Usage count = 2. A debug printk patch revealed that a reference count is obtained at...
CVE-2026-39309
Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...
CVE-2026-39309
CVE-2026-39309 affects Trilium Notes before v0.102.2. The Electron configuration allows a RunAsNode fuse to launch the app in a special Node.js mode (-e) that can execute arbitrary commands with Trilium’s permissions, enabling a local attacker to spoof macOS TCC prompts. An attacker could trigger...