CVE-2026-39418

CVE-2026-39418 MaxKB is affected in versions ≤ 2.7.1 where the sandbox’s network protection can be bypassed. An authenticated user with tool-editing permissions can reach internal services blocked by the sandbox by using socket.sendto() with the MSG_FASTOPEN flag. MaxKB’s sandbox relies on LD_PRE...

CVE-2026-39418

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto with the MSGFASTOPEN flag. This allows authenticated user with tool-editing permissions to reach internal services that are explicitly blocked by the...

EUVD-2026-22176

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto with the MSGFASTOPEN flag. This allows authenticated user with tool-editing permissions to reach internal services that are explicitly blocked by the...

PT-2026-32573

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto with the MSG FASTOPEN flag. This allows authenticated user with tool-editing permissions to reach internal services that are explicitly blocked by th...

CVE-2026-25598 Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffi...

CVE-2026-25598

The CVE-2026-25598 issue affects Harden-Runner (GitHub Actions Community Tier) prior to version 2.14.2. The root cause is that outbound traffic using socket calls sendto, sendmsg, and sendmmsg could bypass audit logging when egress-policy is set to audit, enabling potential evasion of monitoring....

CVE-2026-25598 Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffi...

CVE-2026-25598 Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffi...

GHSA-CPMJ-H4F6-R6PQ Harden-Runner: Bypassing Logging of Outbound Connections Using sendto, sendmsg, and sendmmsg in Harden-Runner (Community Tier)

Summary A security vulnerability has been identified in the Harden-Runner GitHub Action Community Tier that allows outbound network connections to evade audit logging. Specifically, outbound traffic using the sendto, sendmsg, and sendmmsg socket system calls can bypass detection and logging when...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003335)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003335 advisory. The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service system crash via a crafted applicati...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003135)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003135 advisory. The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service system crash via a crafted applicati...

EUVD-2025-36129

On Wear OS devices, when Google Messages is configured as the default SMS/MMS/RCS application, the handling of ACTIONSENDTO intents utilizing the sms:, smsto:, mms:, and mmsto: Uniform Resource Identifier URI schemes is incorrectly implemented. Due to this misconfiguration, an attacker capable of...

PT-2025-43907

Name of the Vulnerable Software and Affected Versions Google Messages for Wear OS affected versions not specified Description A flaw exists in Google Messages for Wear OS where the handling of ACTION SENDTO intents using sms:, smsto:, mms:, and mmsto: Uniform Resource Identifier URI schemes is...

EUVD-2004-0272

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-8645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service system crash via a crafted...

PT-2025-24411 · Rt-Thread · Rt-Thread

Name of the Vulnerable Software and Affected Versions: RT-Thread version 5.1.0 Description: A critical vulnerability was found in the csys sendto function of the file rt-thread/components/lwp/lwp syscall.c. The manipulation of the argument to leads to null pointer dereference. This issue can caus...

CVE-2023-52523

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Reject skmsg egress redirects to non-TCP sockets With a SOCKMAP/SOCKHASH map and an skmsg program user can steer messages sent from one TCP socket s1 to actually egress from another TCP socket s2: tcpbpfsendmsgs1 //...

lte-pic32-writer security vulnerability

lte-pic32-writer is a writing program for pic32 devices by paijp personal developer. A security vulnerability exists in lte-pic32-writer v0.0.1 and earlier versions, which originates from the fact that users with an IMEI can read sendto.txt, and the sendto.txt file can contain SNS e.g. slack, zul...

SUSE CVE-2015-2686

net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for 1 sendto and 2 recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copyfromiter function in the ioviter interface, as demonstrated by the Bluetooth...

SUSE CVE-2016-8645

The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service system crash via a crafted application that makes sendto system calls, related to net/ipv4/tcpipv4.c and net/ipv6/tcpipv6.c...