DEBIAN-CVE-2026-45130

Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in readcompound in src/spellfile.c when loading a crafted spell file .spl with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-b...

GHSA-PJWX-R37V-7724 LangChain vulnerable to unsafe deserialization of attacker-controlled objects through overly broad `load()` allowlists

LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other application-controlled payloads using overly broad object allowlists. These paths may call load with allowedobjects="all". This does not enable arbitrary Python object deserialization, but it does allow...

LangChain vulnerable to unsafe deserialization of attacker-controlled objects through overly broad `load()` allowlists

LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other application-controlled payloads using overly broad object allowlists. These paths may call load with allowedobjects="all". This does not enable arbitrary Python object deserialization, but it does allow...

CVE-2026-7927

A type confusion flaw was found in the Runtime component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502830119...

CVE-2026-43381

A flaw was found in the Linux kernel's nouveau display driver. When the nouveau driver is in a runtime suspended state, a local user attempting to access a Direct Rendering Manager DRM device can trigger a system crash. This vulnerability leads to a Denial of Service DoS...

CVE-2026-43355

A flaw was found in the Linux kernel's bh1780 light sensor driver. This vulnerability occurs due to a Power Management PM runtime leak, where the system's reference count for power management is not always properly decremented. An attacker could exploit this by repeatedly triggering the error pat...

Security Bulletin: IBM MQ is affected by multiple vulnerabilities in the IBM Semeru Runtime Environment (CVE-2026-21945,CVE-2026-21932,CVE-2026-21933,CVE-2026-21925,CVE-2026-1188)

Summary Multiple issues were identified with the IBM Semeru Runtime Environment which is shipped with IBM MQ Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows an remote attacker to...

GHSA-CFW5-68C4-FFQP MikroORM has SQL injection via runtime-controlled identifiers and JSON-path keys

Summary MikroORM's identifier-quoting helper Platform.quoteIdentifier and the postgres/mssql overrides and its JSON-path emitters Platform.getSearchJsonPropertyKey, quoteJsonKey did not properly escape characters that delimit the SQL identifier or string-literal context they emit into. When...

MikroORM has SQL injection via runtime-controlled identifiers and JSON-path keys

Summary MikroORM's identifier-quoting helper Platform.quoteIdentifier and the postgres/mssql overrides and its JSON-path emitters Platform.getSearchJsonPropertyKey, quoteJsonKey did not properly escape characters that delimit the SQL identifier or string-literal context they emit into. When...

CVE-2025-71299

A flaw was found in the Linux kernel's spi-cadence-quadspi driver. When processing Device Tree DT descriptions for attached flash devices, a missing or broken DT description can lead to a runtime power management PM disable in the error handling path of the probe function. This can result in...

CVE-2026-41690

18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Versions prior to 3.9.3 allow an unauthenticated HTTP client to pollute Object.prototype in the Node.js process hosting the middleware, via two unvalidated entry points that...

EUVD-2026-28752

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix runtime suspend deadlock when there is pending job The runtime suspend callback drains the running job workqueue before suspending the device. If a job is still executing and calls pmruntimeresumeandget, it can...

EUVD-2026-28743

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: fix use-after-free on linked stream runtime in sndpcmdrain In the drain loop, the local variable 'runtime' is reassigned to a linked stream's runtime runtime = s-runtime at line 2157. After releasing the stream lock at...

EUVD-2026-28661

In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1780: fix PM runtime leak on error path Move pmruntimeputautosuspend before the error check to ensure the PM runtime reference count is always decremented after pmruntimegetsync, regardless of whether the read...

EUVD-2026-28663

In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050-core: fix pmruntime error handling The return value of pmruntimegetsync is not checked, allowing the driver to access hardware that may fail to resume. The device usage count is also unconditionally incremented...

EUVD-2026-28571

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix PM runtime usage count underflow Replace pmruntimeputsync with pmruntimedontuseautosuspend in the remove path to properly pair with pmruntimeuseautosuspend from probe. This allows pmruntimedisable t...

EUVD-2025-209748

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing The recent refactoring of where runtime PM is enabled done in commit f1eb4e792bb1 "spi: spi-cadence-quadspi: Enable pm runtime earlier to avoid imbalance"...

CVE-2026-41591 Marko: XSS via case-insensitive script/style closing tag bypass in runtime HTML escaping

Marko is a declarative, HTML-based language for building web apps. Prior to marko version 5.38.36 and prior to @marko/runtime-tags 6.0.164, when dynamic text is interpolated into a or tag the Marko runtime failed to prevent tag breakout when the closing tag used non-lowercase casing. An attacker...

CVE-2026-41591

The CVE affects Marko and @marko/runtime-tags, where dynamic text inside , ), enabling cross-site scripting (XSS) if untrusted input is interpolated inside these blocks. Affected versions are Marko <= 5.38.35 and @marko/runtime-tags <= 6.0.163; the issue is patched in Marko 5.38.36 and @mar...

CVE-2026-43446

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix runtime suspend deadlock when there is pending job The runtime suspend callback drains the running job workqueue before suspending the device. If a job is still executing and calls pmruntimeresumeandget, it can...