Lucene search

69 matches found

NVD
added 2026/06/10 12:16 a.m. | 9 views

CVE-2026-44505

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. network-libp2p handles kad get-record query progress in handledhtget network-libp2p/src/swarm.rs. Prior to version 1.4.0, when a peer returns a FoundRecord, the code verifies the record...

5.3 CVSS | 0.00297 EPSS
Exploits 0 | References 3
RedhatCVE
added 2026/06/05 7:13 p.m. | 7 views

CVE-2026-40946

Oxia is a metadata store and coordination system. Prior to 0.16.2, the OIDC authentication provider unconditionally sets SkipClientIDCheck: true in the go-oidc verifier configuration, disabling the standard audience aud claim validation at the library level. This allows tokens issued for unrelate...

9.2 CVSS | 5.4 AI score | 0.00255 EPSS
Exploits 0 | References 1
Cvelist
added 2026/06/04 6:21 a.m. | 35 views

CVE-2026-49194 SCREEN_CLICK Authentication Bypass

The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...

9.4 CVSS | 0.00232 EPSS
Exploits 0 | References 1
RedhatCVE
added 2026/05/28 9:13 p.m. | 11 views

CVE-2025-71311

A flaw was found in the Linux kernel's fs/ntfs3 component. When new memory pages (folios) are allocated for the NTFS3 file system without being properly initialized, and a read operation is skipped, parts of these folios may contain uninitialized memory. This can lead to a memory corruption...

5.8 AI score | 0.002 EPSS
Exploits 0 | References 4
CNNVD
added 2026/05/08 12:0 a.m. | 7 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between task migration and iteration within cgroups, potentially leading to...

4.7 CVSS | 5.8 AI score | 0.00089 EPSS
Exploits 0 | References 2
AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: In md/raid10, the issue of null-ptr-deref in raid10syncrequest has been fixed. In initresync, the mempool is initialized, and conf-havereplacemnt is set to 0 at the beginning of the sync process. closesync frees the mempool when...

5.4 AI score | 0.00216 EPSS
Exploits 0 | References 1
Hacker One
added 2026/04/25 12:18 a.m. | 19 views

curl: CVE-2026-7009: OCSP stapling bypass with Apple SecTrust

Summary: When curl is built with --with-apple-sectrust or -DUSEAPPLESECTRUST=ON and OpenSSL, the --cert-status / CURLOPTSSLVERIFYSTATUS option is silently bypassed when Apple SecTrust handles certificate chain verification instead of OpenSSL. The user explicitly requests OCSP stapling enforcement,...

6.5 CVSS | 5.5 AI score | 0.01102 EPSS
Exploits 3
Tenable Nessus
added 2026/04/22 12:0 a.m. | 3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013683)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013683 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets...

5.9 AI score | 0.00216 EPSS
Exploits 0 | References 4
ATTACKERKB
added 2026/04/21 11:54 p.m. | 2 views

CVE-2026-41136

free5GC AMF provides Access & Mobility Management Function (AMF) for free5GC, an open-source project for 5th generation (5G) mobile core networks. Prior to version 1.4.3, the HTTPUEContextTransfer handler in internal/sbi/apicommunication.go does not include a default case in the Content-Type switc...

6.9 CVSS | 5.8 AI score | 0.00282 EPSS
Exploits 1 | References 3 | Affected Software 1
Tenable Nessus
added 2026/04/21 12:0 a.m. | 5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013242)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013242 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets...

5.9 AI score | 0.00216 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 2 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011220)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011220 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets...

5.9 AI score | 0.00216 EPSS
Exploits 0 | References 4
ATTACKERKB
added 2026/04/10 4:3 p.m. | 3 views

CVE-2026-35667

OpenClaw before 2026.3.24 contains an incomplete fix for CVE-2026-27486 where the !stop chat command uses an unpatched killProcessTree function from shell-utils.ts that sends SIGKILL immediately without graceful SIGTERM shutdown. Attackers can trigger process termination via the !stop command,...

6.9 CVSS | 5.8 AI score | 0.00292 EPSS
Exploits 1 | References 3
SUSE CVE
added 2026/03/31 11:28 p.m. | 1 view

SUSE CVE-2026-24029

When the earlyacldrop (earlyACLDrop in Lua) option is disabled (default is enabled) on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL...

6.5 CVSS | 5.9 AI score | 0.00148 EPSS
Exploits 0 | References 3
AlpineLinux
added 2026/03/31 11:59 a.m. | 1 view

CVE-2026-24029

When the earlyacldrop (earlyACLDrop in Lua) option is disabled (default is enabled) on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send DoH queries regardless of the configured ACL...

6.5 CVSS | 5.8 AI score | 0.00148 EPSS
Exploits 0
Github Security Blog
added 2026/02/19 10:9 p.m. | 11 views

Cosign considered signatures valid with expired intermediate certificates when transparency log verification is skipped

Summary: When verifying artifact signatures using a certificate, Cosign first verifies the certificate chain using the leaf certificate's "not before" timestamp and later checks expiry of the leaf certificate using either a signed timestamp provided by the Rekor transparency log or from a timestam...

3.7 CVSS | 5.5 AI score | 0.00197 EPSS
Exploits 2 | References 5 | Affected Software 1
Veracode
added 2026/01/23 3:55 a.m. | 5 views

Improper Certificate Validation

wlc is vulnerable to improper certificate validation. The vulnerability is due to skipped SSL verification for specially crafted URLs, which allows an attacker to perform man-in-the-middle attacks and intercept or manipulate communications...

5.5 CVSS | 5.9 AI score | 0.00134 EPSS
Exploits 0 | References 4 | Affected Software 1
Tenable Nessus
added 2026/01/22 12:0 a.m. | 2 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37951)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37951 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Add job to pending list if the...

5.5 CVSS | 6.7 AI score | 0.00149 EPSS
Exploits 0 | References 2
OSV
added 2026/01/13 4:16 p.m. | 0 views

AZL-74297 CVE-2025-68803 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL based on the mode bits and not the...

5.8 AI score | 0.00173 EPSS
Exploits 0 | References 1
OSV
added 2025/12/16 4:16 p.m. | 1 view

UBUNTU-CVE-2025-68288

In the Linux kernel, the following vulnerability has been resolved: usb: storage: Fix memory leak in USB bulk transport A kernel memory leak was identified by the 'ioctlsg01' test from Linux Test Project (LTP). The following bytes were mainly observed: 0x53425355. When USB storage devices incorrect...

6 AI score | 0.00173 EPSS
Exploits 0 | References 36
RedhatCVE
added 2025/12/10 3:7 a.m. | 4 views

CVE-2023-53832

A null pointer dereference flaw was found in the Linux kernel's RAID10 implementation. When recovery is skipped on a clean array, initresync is called but closesync is not, leaving conf-havereplacement incorrectly set to 0. If a replacement device is later added and recovery is triggered, replbio...

4.7 CVSS | 6 AI score | 0.00216 EPSS
Exploits 0 | References 4