SUSE CVE-2026-43244

In the Linux kernel, the following vulnerability has been resolved: kcm: fix zero-frag skb in fraglist on partial sendmsg error Syzkaller reported a warning in kcmwritemsgs when processing a message with a zero-fragment skb in the fraglist. When kcmsendmsg fills MAXSKBFRAGS fragments in the curre...

EUVD-2026-27748

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smbdirectpreparenegotiation smbdirectpreparenegotiation casts an unsigned u32 value from sp-maxrecvsize and req-preferredsendsize to a signed int before computing mintint, .... A maliciously provide...

CVE-2026-43244

In the Linux kernel, the following vulnerability has been resolved: kcm: fix zero-frag skb in fraglist on partial sendmsg error Syzkaller reported a warning in kcmwritemsgs when processing a message with a zero-fragment skb in the fraglist. When kcmsendmsg fills MAXSKBFRAGS fragments in the curre...

CVE-2026-43244 kcm: fix zero-frag skb in frag_list on partial sendmsg error

In the Linux kernel, the following vulnerability has been resolved: kcm: fix zero-frag skb in fraglist on partial sendmsg error Syzkaller reported a warning in kcmwritemsgs when processing a message with a zero-fragment skb in the fraglist. When kcmsendmsg fills MAXSKBFRAGS fragments in the curre...

CVE-2026-43186 ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data()

In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix heap buffer overflow in ioam6filltracedata On the receive path, ioam6filltracedata uses trace-nodelen to decide how much data to write for each node. It trusts this field as-is from the incoming packet, with no...

CVE-2026-43185 ksmbd: fix signededness bug in smb_direct_prepare_negotiation()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smbdirectpreparenegotiation smbdirectpreparenegotiation casts an unsigned u32 value from sp-maxrecvsize and req-preferredsendsize to a signed int before computing mintint, .... A maliciously provide...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an URB leak in the pvr2sendrequestex function. This vulnerability may lead to the submission of write...

Linux Distros Unpatched Vulnerability : CVE-2026-43184

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes ...

Linux Distros Unpatched Vulnerability : CVE-2026-43244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kcm: fix zero-frag skb in fraglist on partial sendmsg error Syzkaller reported a warning in kcmwritemsgs when processing a message with a zero-fragment skb in t...

Allocation of Resources Without Limits or Throttling

Overview @evomap/evolver is an A GEP-powered self-evolution engine for AI agents. Features automated log analysis and Genome Evolution Protocol GEP for auditable, reusable evolution assets. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling vi...

net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd()

...

Linux Distros Unpatched Vulnerability : CVE-2026-31700

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/packet: fix TOCTOU race on mmap'd vnethdr in tpacketsnd In tpacketsnd, when PACKETVNETHDR is enabled, vnethdr points directly into the mmap'd TX ring buffer...

CVE-2026-31774

In the Linux kernel, the following vulnerability has been resolved: iouring/net: fix slab-out-of-bounds read in iobundlenbufs sqe-len is u32 but gets stored into sr-len which is int. When userspace passes sqe-len values exceeding INTMAX e.g. 0xFFFFFFFF, sr-len overflows to a negative value. This...

EUVD-2026-26587

In the Linux kernel, the following vulnerability has been resolved: iouring/net: fix slab-out-of-bounds read in iobundlenbufs sqe-len is u32 but gets stored into sr-len which is int. When userspace passes sqe-len values exceeding INTMAX e.g. 0xFFFFFFFF, sr-len overflows to a negative value. This...

CVE-2026-31774 io_uring/net: fix slab-out-of-bounds read in io_bundle_nbufs()

In the Linux kernel, the following vulnerability has been resolved: iouring/net: fix slab-out-of-bounds read in iobundlenbufs sqe-len is u32 but gets stored into sr-len which is int. When userspace passes sqe-len values exceeding INTMAX e.g. 0xFFFFFFFF, sr-len overflows to a negative value. This...

EUVD-2026-26509

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix TOCTOU race on mmap'd vnethdr in tpacketsnd In tpacketsnd, when PACKETVNETHDR is enabled, vnethdr points directly into the mmap'd TX ring buffer shared with userspace. The kernel validates the header via...

WordPress Send Users Email – Email Subscribers, Email Marketing Newsletter plugin <= 1.5.10 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Send Users Email versions = 1.5.10...

CVE-2026-37536

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

CVE-2026-37536

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

CVE-2026-37530

CVE-2026-37530 affects AGL’s agl-service-can-low-level up to version 17.1.12. The uds-c library contains a stack buffer overflow in the send_diagnostic_request function: it allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) but copies up to 7 bytes (MAX_UDS_REQUEST_PAYLOAD_LENGTH=7) ...