1388 matches found
xfrm: policy: fix use-after-free on inexact bin in xfrm_policy_bysel_ctx()
...
CVE-2026-53162
In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...
UBUNTU-CVE-2026-53162
In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...
CVE-2026-53239
In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix use-after-free on inexact bin in xfrmpolicybyselctx Fix the race by pruning the bin while still holding xfrmpolicylock, before dropping it. Use xfrmpolicyinexactprunebin directly since the lock is already held...
CVE-2026-53162 memcg: use round-robin victim selection in refill_stock
In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...
EUVD-2026-39253
In the Linux kernel, the following vulnerability has been resolved: memcg: use round-robin victim selection in refillstock Harry Yoo reported that getrandomu32below is not safe to call in the nmi context and memcg charge draining can happen in nmi context. More specifically getrandomu32below is...
OPENSUSE-SU-2026:21005-1 Security update for openssl-3
This update for openssl-3 fixes the following issues - CVE-2026-2673: TLS 1.3 servers may choose unexpected key agreement group bsc1259652. - CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion bsc1266340. - CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based...
Updated ruby-rack packages fix security vulnerabilities
CVE-2026-26961 Greedy multipart boundary parsing can cause parser differentials and WAF bypass. Forwarded header semicolon injection enables Host and Scheme spoofing. CVE-2026-34230 Quadratic complexity in Rack::Utils.selectbestencoding via wildcard Accept-Encoding header. CVE-2026-34763 Root...
OSV-2026-868 Use-of-uninitialized-value in vp8_regular_quantize_b_sse4_1
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520318421 Crash type: Use-of-uninitialized-value Crash state: vp8regularquantizebsse41 macroblockyrd vp8rdpickintramode...
NCMD: Benign-Anchored Feature Selection for Imbalanced Network Intrusion Detection
Feature selection is critical for network intrusion detection systems NIDS operating under high-dimensional, highly imbalanced traffic, as found in operational and defense networks. Traditional filter methods rank features using global statistics computed symmetrically across classes and thus fai...
FreeBSD : PowerDNS -- Multiple vulnerabilities (0823ac26-6040-11f1-ba4a-50ebf6bdf8e9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 0823ac26-6040-11f1-ba4a-50ebf6bdf8e9 advisory. PowerDNS Team reports: 2025-07: Internal logic flaw in cache management can lead to a denial o...
CVE-2026-8123
A vulnerability was determined in Open5GS up to 2.7.7. This impacts the function ogssbidiscoveryoptionaddsnssais in the library /lib/sbi/message.c of the component NSSF. This manipulation causes denial of service. It is possible to initiate the attack remotely. The exploit has been publicly...
CVE-2026-10864
A vulnerability in the MISP dashboard widgets allowed an authenticated user to manipulate the fields option and influence which fields were returned by the New Users and New Organisations widgets. In some cases, requesting a field set that became empty after validation or redaction could cause th...
CVE-2026-10864
A vulnerability in the MISP dashboard widgets allowed an authenticated user to manipulate the fields option and influence which fields were returned by the New Users and New Organisations widgets. In some cases, requesting a field set that became empty after validation or redaction could cause th...
Needles at Scale: LLM-Assisted Target Selection for Windows Vulnerability Research
The attack surface of a modern operating system is a haystack: thousands of signed binaries and millions of functions, almost none relevant to any given vulnerability. A human analyst or an LLM agent must pick the function worth reading before analyzing it. At whole-OS scope, this target selectio...
UBUNTU-CVE-2026-46166
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use safe list iteration in radar detect work The call to ieee80211dfscaccancel can cause the iterated chanctx to be freed and removed from the list. Guard against this to avoid a slab-use-after-free error...
CVE-2026-40819 Unauthenticated SQLi in sync_data24 task
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the syncdata24 task due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
MemMorph: Tool Hijacking in LLM Agents Via Memory Poisoning
LLM-driven agents are capable of selecting external tools to complete users' tasks. However, attackers could compromise such process, steering agents toward inappropriate/wrong tools and enabling malicious actions. Most existing attacks primarily manipulate the tool metadata, which is easily...
PT-2026-42473
Name of the Vulnerable Software and Affected Versions gdk-pixbuf-loader-libheif versions prior to 1.22.2-1.1 Description An integer underflow leads to an out-of-bounds OOB memory access. This issue was discovered using AI-assisted fuzzing, a technique that uses artificial intelligence to...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ipu3-imgu: A NULL pointer dereferencing occurred in imgusubdevsetselection. Calling v4l2subdevgettrycrop and v4l2subdevgettrycompose with a subdev state of NULL leads to a NULL pointer dereferencing. This issue can occur in...