kernel: Linux kernel: vsock vulnerability may lead to memory corruption

A flaw was found in the Linux kernel's vsock component. This vulnerability occurs when a connect operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket's state. This incorrect handling can lead to a race condition, potentially...

kernel: Linux kernel: vsock vulnerability may lead to memory corruption

A flaw was found in the Linux kernel's vsock component. This vulnerability occurs when a connect operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket's state. This incorrect handling can lead to a race condition, potentially...

PT-2026-23601

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 macOS before build 41186, Acronis Cyber Protect Cloud Agent macOS before build 41124...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005637)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005637 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsitcp: Fix null-ptr-deref while calling getpeername Fix a NULL pointer crash that...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005651)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005651 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: avoid possible NULL skb pointer dereference In 'mwifiexhandleuaprxforward', always...

CVE-2026-20052

CVE-2026-20052 affects Cisco Secure Firewall Threat Defense (FTD) when Snort 3 Detection Engine handles SSL packet inspection. A logic error in memory management could be triggered by an unauthenticated remote attacker sending crafted SSL packets over the network, potentially causing the Snort 3 ...

CVE-2026-20052 Cisco Secure Firewall Threat Defense Software Snort 3 Memory Management Denial of Service Vulnerability

A vulnerability in the memory management handling for the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart. This vulnerability is due to a logic error in memory management...

CVE-2026-20005

Multiple Cisco products are affected by a vulnerability in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete parsing of the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005806)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005806 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendms...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005457)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005457 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005627 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leak...

kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM Classical IP CLIP module. A local user can trigger an infinite recursive call in the clippush function by repeatedly calling the ioctlATMARPMKIP system call. This vulnerability occurs when the socket is closed, leading to stack...

kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM Classical IP CLIP module. A local user can trigger an infinite recursive call in the clippush function by repeatedly calling the ioctlATMARPMKIP system call. This vulnerability occurs when the socket is closed, leading to stack...

Allocation of Resources Without Limits or Throttling

Overview @openclaw/voice-call is an OpenClaw voice-call plugin Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the media-stream WebSocket upgrades. An attacker can exhaust server resources by establishing multiple unauthenticated pre-sta...

MAL-2026-1126 Malicious code in @yaoii-bails/socket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9d1cc19b4be6f6fb1f29ceb7bedcf05a41ca8135b966956c84c5095c1629126 The package @yaoii-bails/socket was found to contain malicious code. Source: ghsa-malware...

Malicious code in @yaoii-bails/socket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9d1cc19b4be6f6fb1f29ceb7bedcf05a41ca8135b966956c84c5095c1629126 The package @yaoii-bails/socket was found to contain malicious code. Source: ghsa-malware...

K000160192: Log4j vulnerability CVE-2025-68161

Security Advisory Description The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https: //logging. apache. org/log4j/2.x/manual/appenders/network...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005554)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005554 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: avoid possible NULL skb pointer dereference In 'mwifiexhandleuaprxforward', always...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005556)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005556 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcmsendmsg for the same socket. syzkaller reported UAF in kcmrelease. 0 The scenar...

net: sock: fix hardened usercopy panic in sock_recv_errqueue

...