PT-2026-43833

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unix needs revalidation When receiving file descriptors via SCM RIGHTS, both the socket pointer and the socket's sk pointer can be NULL during socket setup or teardown, causing NULL point...

ALSA-2026:7670 Important: nodejs:24 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs denial of service CVE-2026-21637 minimatch: minimatch: Denial of Service via specially crafted glob patterns CVE-2026-26996 undici:...

EUVD-2026-21430

OpenClaw before 2026.3.24 contains an authorization bypass vulnerability in the HTTP /v1/models endpoint that fails to enforce operator read scope requirements. Attackers with only operator.approvals scope can enumerate gateway model metadata through the HTTP compatibility route, bypassing the...

RockyLinux 9 : nodejs:24 (RLSA-2026:7350)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7350 advisory. nodejs: Nodejs denial of service CVE-2026-21637 brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion CVE-2026-25547...

CVE-2025-68353

In the Linux kernel, the following vulnerability has been resolved: net: vxlan: prevent NULL deref in vxlanxmitone Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in vxlanxmitone, e.g. if the iface is brought down. This can lead to the following NULL dereference: BUG: kernel NULL...

OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims...

OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims...

OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims...