9419 matches found
CVE-2025-62815
An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, 2400, 1580, and 2500. A NULL pointer dereference of npu_proto_drv.ast.thread_ref in set_cpu_affinity causes a denial of service...
PT-2026-23077
Name of the Vulnerable Software and Affected Versions: Hono versions prior to 4.12.4. Description: The setCookie utility did not properly validate semicolons (;), carriage returns (\r), or newline characters (\n) in the domain and path options when creating the Set-Cookie header. Because cookie attributes are...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005405)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005405 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: fix overlap expiration walk. The lazy gc on insert that should remove...
Hono Security Vulnerability
Hono is a web framework written in TypeScript for the Hono community. Versions of Hono prior to 4.12.4 contained security vulnerabilities. These vulnerabilities stemmed from the setCookie tool, which did not validate the semicolons, line breaks, or newlines in the domain and path parameters when...
ROS-20260304-73-0011
A vulnerability in the nfsetpipapoavx2 function of the Linux kernel is associated with a possible memory leak. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality of protected information...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005690)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005690 advisory. In the Linux kernel, the following vulnerability has been resolved: lib: cpu_rmap: Avoid use after free on rmap->obj array entries. When calling irq_set_affinity_notifier...
CAM-LDS: Cyber Attack Manifestations for Automatic Interpretation of System Logs and Security Alerts
Log data are essential for intrusion detection and forensic investigations. However, manual log analysis is tedious due to high data volumes, heterogeneous event formats, and unstructured messages. Even though many automated methods for log analysis exist, they usually still rely on domain-specif...
OpenClaw's runtime /debug override path accepted prototype-reserved keys
Summary: OpenClaw accepted prototype-reserved keys in runtime /debug set override object values (__proto__, constructor, prototype). Impact: /debug is disabled by default, and exploitation requires an already authorized /debug set caller. No unauthenticated vector was identified. This issue affects runti...
Missing Encryption of Sensitive Data
Overview: github.com/rancher/rancher/pkg/controllers/management/node is a complete container management platform. Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the cluster creation using RKE templates with Weave CNI, where the WEAVE_PASSWORD is not set,...
BIT-DISCOURSE-2026-26207 Discourse's discourse-policy plugin lacks post access check
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, discourse-policy plugin allows any authenticated user to interact with policies on posts they do not have permission to view. The PolicyController loads posts by ID without verifying the current...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcard_unpack_set_attrib_call (bsc#1256721). CVE-2026-22857: heap-use-after-free in irp_thread_func (bsc#1256723). CVE-2026-23533: improper validation can lead to heap buffer overflow in clear_decompress_residual_data...
libpng: LIBPNG has a heap buffer overflow in png_set_quantize
A heap-based buffer overflow flaw has been discovered in LibPNG. Prior to version 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported b...
PT-2026-26018
Summary: OpenClaw accepted prototype-reserved keys in runtime /debug set override object values (__proto__, constructor, prototype). Impact: /debug is disabled by default, and exploitation requires an already authorized /debug set caller. No unauthenticated vector was identified. This issue affects...
CVE-2025-62815
The CVE-2025-62815 entry concerns Samsung Mobile Processors (Exynos 1380, 1480, 2400, 1580, 2500). The issue is a NULL pointer dereference in npu_proto_drv.ast.thread_ref within set_cpu_affinity(), which can lead to a denial of service. The description provides the root cause and impact but does ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005504)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005504 advisory. In the Linux kernel, the following vulnerability has been resolved: ftrace: Add cond_resched() to ftrace_graph_set_hash(). When the kernel contains a large number of function...
MiracleLinux 8 : firefox-140.8.0-2.el8_10.ML.1 (AXSA:2026-248:04)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-248:04 advisory. libvpx: Heap buffer overflow in libvpx (CVE-2026-2447); firefox: Invalid pointer in the JavaScript Engine component (CVE-2026-2785); firefox: Memory safety...