EUVD-2026-39838

In the Linux kernel, the following vulnerability has been resolved: f2fs: protect extensionlist reading with sblock in f2fssbishow In f2fssbishow, the extensionlist, extensioncount and hotextcount are read without holding sbi-sblock. If a concurrent sysfs store modifies the extension list via...

CVE-2026-53303

CVE-2026-53303 — In the Linux kernel's f2fs subsystem, f2fs_sbi_show() reads extension_list, extension_count, and hot_ext_count without holding sbi->sb_lock. A concurrent sysfs store in f2fs_update_extension_list() could cause inconsistent counts or contents, risking out-of-bounds access or di...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: corrected the bitmaplimit value for clustermd when writing sb. In clustermd, separate write-intent-bitmaps are used for each cluster node: 0 4k 8k 12k...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent the null-ptr-deref bug...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the return result of sbminblocksize Syzkaller reports a bug named “UBSAN: out-of-bounds access in squashfsbioread”. Syzkaller forks multiple processes. After mounting the Squashfs filesystem, it issues an...

MAL-2026-5490 Malicious code in sb-original (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0e07a765f6ef2042da47b1c017ecc5f6f1f99167da76e04c4b2c4ea6ecfcb83 [email protected] is an unscoped package whose version is set to 9999.99.99 to win semver resolution against any internal package of the same...

SB Admin SQL注入漏洞

SB Admin is a Bootstrap based open source admin backend template by Yash Pokharna individual developer. SB Admin suffers from an SQL injection vulnerability that stems from the operation of the function confirmloggedin on the parameter ID in the file /studentdel.php, which could lead to SQL...

SB Admin 代码注入漏洞

SB Admin is a Bootstrap based open source admin backend template by Yash Pokharna individual developer. SB Admin suffers from a code injection vulnerability that stems from manipulation of the parameter FIRSTNAME in the file /student.php, which could lead to a cross-site scripting attack. An...

SB Admin SQL注入漏洞

SB Admin is a Bootstrap based open source admin backend template by Yash Pokharna individual developer. SB Admin suffers from a SQL injection vulnerability that stems from the operation of the parameter User in the file /success.php, which could lead to SQL injection...

arches (=8.0.0a1), avaintegration-metapackage (>=6.0.4.3 <=6.0.4.13) +38 more potentially affected by CVE-2026-35192 via django (>=6.0.0 <=6.0.4)

django PYPI version =6.0.0, =6.0.4.3, =2.0.0, =1.1.0, =0.1.0, =0.4.5 - django-ndr-core =0.70.2 - django-sb-simple-migrations =0.9.0 - django-tasks-aws =0.2.0b1 and more Source cves: CVE-2026-35192 Source advisory: OSV:GHSA-7H2M-M8VJ-598H...

arches (=8.0.0a1), avaintegration-metapackage (>=6.0.4.3 <=6.0.4.13) +38 more potentially affected by CVE-2026-6907 via django (>=6.0.0 <=6.0.4)

django PYPI version =6.0.0, =6.0.4.3, =2.0.0, =1.1.0, =0.1.0, =0.4.5 - django-ndr-core =0.70.2 - django-sb-simple-migrations =0.9.0 - django-tasks-aws =0.2.0b1 and more Source cves: CVE-2026-6907 Source advisory: SNYK:PYTHON-DJANGO-16425745...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sbbsizeshift after reading the superblock Fuzzers often modify sbbsizeshift, but in reality it’s very unlikely that this field would be corrupted on its own. Nevertheless, it should still be checked to avoid potential...

Linux Distros Unpatched Vulnerability : CVE-2026-31580

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bcache: fix cacheddev.sbbio use-after-free and crash In our production environment, we have received multiple crash reports regarding libceph, which have caught...

CVE-2026-31580

In the Linux kernel, the following vulnerability has been resolved: bcache: fix cacheddev.sbbio use-after-free and crash In our production environment, we have received multiple crash reports regarding libceph, which have caught our attention: 6888366.280350 Call Trace: 6888366.280452...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013179)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013179 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent null-ptr-deref bug sbgetblkinode-isb, parent return a null ptr and...

cn.angis.warm-flow-beetlsql:warm-flow-beetlsql-sb-starter (>=1.6.9.1 <=1.8.4.0), cn.angis.warm-flow-beetlsql:warm-flow-beetlsql-sb-test (>=1.6.9.1 <=1.7.2.3) +34 more potentially affected by CVE-2026-6125 via org.dromara.warm:warm-flow-plugin-modes-sb (>=1.3.4 <=1.8.5-m3)

org.dromara.warm:warm-flow-plugin-modes-sb MAVEN version =1.3.4, =1.6.9.1, =1.6.9.1, =1.6.8.1, =4.0.0, =2025.13.0, =2025.3.2, =1.6.6, =1.6.6, =1.8.4 - org.dromara.warm-flow-mybatis-flex:warm-flow-mybatis-flex-solon-test =1.6.6 and more Source cves: CVE-2026-6125 Sourc...

cn.angis.warm-flow-beetlsql:warm-flow-beetlsql-sb-starter (>=1.6.9.1 <=1.8.4.0), cn.angis.warm-flow-beetlsql:warm-flow-beetlsql-sb-test (>=1.6.9.1 <=1.7.2.3) +36 more potentially affected by CVE-2026-6125 via org.dromara.warm:warm-flow-plugin-modes-sb (>=1.3.4 <=1.8.5)

org.dromara.warm:warm-flow-plugin-modes-sb MAVEN version =1.3.4, =1.6.9.1, =1.6.9.1, =1.6.8.1, =4.0.0, =2025.13.0, =2025.3.2, =1.6.6, =1.8.4 - org.dromara.warm-flow-mybatis-flex:warm-flow-mybatis-flex-sb-test =1.6.6 and more Source cves: CVE-2026-6125 Source advisory:...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006731)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006731 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix invalid derefence of sblvbptr I experience issues when putting a lkbsb on the stack...

arches (=8.0.0a1), desktop-django-starter (=0.1.0) +33 more potentially affected by CVE-2026-4277 via django (>=6.0.0 <=6.0.3)

django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.2.0b1 and more Source cves: CVE-2026-4277 Source advisory: SNYK:PYTHON-DJANGO-15923568...

arches (=8.0.0a1), desktop-django-starter (=0.1.0) +33 more potentially affected by CVE-2026-33034 via django (>=6.0.0 <=6.0.3)

django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.2.0b1 and more Source cves: CVE-2026-33034 Source advisory: OSV:GHSA-933H-HP56-HF7M...