PT-2026-37454

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the fs/ntfs3 component where errors occurring during the attr set size function call are silently ignored when truncating files down. This can lead to the inode being...

PT-2026-37546

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in the kfd event page set function. The function uses memset to write KFD SIGNAL EVENT LIMIT 8 bytes without verifying the buffer size parameter. This allow...

Oracle Linux 8 : libcap (ELSA-2026-13285)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-13285 advisory. 2.48-6.1 - Fix TOCTOU race condition in capsetfile CVE-2026-4878 Resolves: RHEL-169304 Tenable has extracted the preceding description block directly from the...

PT-2026-37477

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference can occur in the ASoC SOF Intel hda component. This happens when there is a mismatch between the DAI links in the machine driver and the topology, which may...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ntfs3 file system’s failure to handle the attrsetsize function error when truncating files,...

Linux Distros Unpatched Vulnerability : CVE-2026-43206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: Fix out-of-bounds write in kfdeventpageset The kfdeventpageset function writes KFDSIGNALEVENTLIMIT 8 bytes via memset without checking the buffer si...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an error in the mask used by the nftsetpipapoavx2 function when matching expired entries, which may lead...

PT-2026-37449

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the rpmsg core where the driver override show function reads the driver override string without holding the device lock. Simultaneously, the store function...

PT-2026-37424

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the netfilter component, specifically within the nft set pipapo avx2 function. When AVX2 matching functions are used, the system may incorrectly return a non-matching...

PT-2026-37548

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where the set rps cpu function incorrectly assumes that the Receive Packet Steering RPS table for each receive queue is of a constant size and does not change. By passing...

PyLoad vulnerable to Path Traversal via Package Folder Name in set_package_data

Summary No sanitization of package folder name allows writing files anywhere outside the intended download directory. Affected Component - src/pyload/core/api/init.py - Function: setpackagedata Details When passing a folder name in the setpackagedata API function call inside the data object with...

GHSA-838G-GR43-QQG9 PyLoad vulnerable to Path Traversal via Package Folder Name in set_package_data

Summary No sanitization of package folder name allows writing files anywhere outside the intended download directory. Affected Component - src/pyload/core/api/init.py - Function: setpackagedata Details When passing a folder name in the setpackagedata API function call inside the data object with...

HTTP Response Splitting

Overview microdot is a The impossibly small web framework for MicroPython Affected versions of this package are vulnerable to HTTP Response Splitting in the setcookie function. An attacker can inject arbitrary HTTP headers by supplying malicious input containing carriage return and line feed...

GHSA-V8H7-RR48-VMMV Netty: Start-Line Injection in DefaultHttpRequest.setUri() Allows HTTP Request Smuggling and RTSP Request Injection

Summary Netty allows request-line validation to be bypassed when a DefaultHttpRequest or DefaultFullHttpRequest is created first and its URI is later changed via setUri. The constructors reject CRLF and whitespace characters that would break the start-line, but setUri does not apply the same...

CVE-2026-34000

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...

EUVD-2026-27319

A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub408F90 of the file /cgi/iuxset.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The...

sudo: Sudo: Privilege escalation due to failure in privilege drop calls

A flaw was found in Sudo. A local user could exploit a failure in the setuid, setgid, or setgroups calls, which are used to drop privileges before running the mailer. This oversight allows for privilege escalation, enabling the user to gain elevated access on the system...

CVE-2026-7833

CVE-2026-7833 affects EFM ipTIME C200 firmware up to 1.092. The vulnerability lies in the function sub_408F90 of /cgi/iux_set.cgi (ApplyRestore Endpoint), where improper handling of the RestoreFile argument enables remote command injection. Impact includes high risk to confidentiality, integrity,...

RUSTSEC-2026-0125 Signature Verification on AVX2 Platforms Mishandles Edge Case

The AVX2 implementation of ML-DSA verification incorrectly implemented the usehint function, mishandling an edge case that should lead to signature rejection. Impact An attacker could make the ML-DSA verifier accept a crafted invalid signature under a maliciously generated verification key, if th...

CLSA-2026-1777941808 libcap: Fix of CVE-2026-4878

CVE-2026-4878: fix TOCTOU race in capsetfile by performing xattr writes via an ONOFOLLOW file descriptor instead of the user-supplied path...