
12251 matches found

Oracle linux
added 2026/04/24 12:0 a.m. | 4 views

buildah security update

1.41.8-3.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.41.8-3 - rebuild for CVE-2026-34986 - Resolves: RHEL-165027...

7.5 CVSS | 5.2 AI score | 0.00035 EPSS
Exploits: 0

CVE
added 2026/04/24 12:0 a.m. | 5 views

CVE-2026-42095

CVE-2026-42095 affects bookserver in KDE Arianna up to version 26.04.0 (pre-26.04.1). Affected component allows an attacker with local access to read arbitrary files by guessing a URL over a socket connection, as described in the vulnerability description. Root cause: insufficient access control ...

4 CVSS | 5.2 AI score | 0.00017 EPSS
Exploits: 0 | References: 4

Packet Storm
added 2026/04/24 12:0 a.m. | 45 views

LuaJIT 2.1.1774638290 FFI Remote Code Execution / Lua Injection

This script is a LuaJIT exploitation tool that attempts to abuse the LuaJIT FFI Foreign Function Interface to execute system commands or arbitrary shellcode on a remote Lua runtime exposed over a TCP socket. It connects to a target service, injects Lua code dynamically, and leverages unsafe FFI...

6.3 AI score
Exploits: 0

Positive Technologies
added 2026/04/24 12:0 a.m. | 2 views

PT-2026-34894

In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Handle deconfigured sockets When a socket is deconfigured, it's mapped to SOCK_EMPTY (0xffff). This causes a panic while allocating UV hub info structures. Fix this by using NUMA_NO_NODE, allowing UV hub info...

5.3 AI score | 0.00015 EPSS
Exploits: 0 | References: 6

Positive Technologies
added 2026/04/24 12:0 a.m. | 7 views

PT-2026-34968

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the USB gadget Phonet function where a USB host can cause an overflow of the skb_shared_info->frags array. This occurs when the host sends an unbounded sequence of...

9.8 CVSS | 5.3 AI score | 0.00102 EPSS
Exploits: 0 | References: 83

Cvelist
added 2026/04/24 12:0 a.m. | 28 views

CVE-2026-42095

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...

4 CVSS | 0.00017 EPSS
Exploits: 0 | References: 4

Positive Technologies
added 2026/04/24 12:0 a.m. | 3 views

PT-2026-34879

Name of the Vulnerable Software and Affected Versions: bookserver in KDE Arianna versions prior to 26.04.1. Description: An issue in bookserver allows attackers to read files over a socket connection by guessing a URL. Recommendations: Update to version 26.04.1...

4 CVSS | 5.2 AI score | 0.00017 EPSS
Exploits: 0 | References: 8

NVD
added 2026/04/23 10:16 p.m. | 4 views

CVE-2026-26210

KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balanceserve backend mode where the scheduler RPC server binds a ZMQ ROUTER socket to all interfaces with no authentication and deserializes incoming messages using pickle.loads without validation. Attackers can...

9.8 CVSS | 0.00162 EPSS
Exploits: 1 | References: 3

Cvelist
added 2026/04/23 9:57 p.m. | 25 views

CVE-2026-41333 OpenClaw < 2026.3.31 - Authentication Rate Limiting Bypass via Fake DeviceToken

OpenClaw before 2026.3.31 contains an authentication rate limiting bypass vulnerability that allows attackers to circumvent shared authentication protections using fake device tokens. Attackers can exploit the mixed WebSocket authentication flow to bypass rate limiting controls and conduct brute...

6.3 CVSS | 0.00079 EPSS
Exploits: 0 | References: 3

EUVD
added 2026/04/23 9:31 p.m. | 2 views

EUVD-2026-25307

SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoose_multipart.c that allows unauthenticated attackers to cause a denial of service by sending a crafted HTTP POST request to /upload with a malformed multipart boundary and controlled TCP stream timing...

8.2 CVSS | 6 AI score | 0.00098 EPSS
Exploits: 0 | References: 3

Cvelist
added 2026/04/23 8:59 p.m. | 29 views

CVE-2026-28525 SWUpdate Integer Underflow in Multipart Upload Parser

SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoose_multipart.c that allows unauthenticated attackers to cause a denial of service by sending a crafted HTTP POST request to /upload with a malformed multipart boundary and controlled TCP stream timing...

8.2 CVSS | 0.00098 EPSS
Exploits: 0 | References: 2

EUVD
added 2026/04/23 6:33 p.m. | 1 views

EUVD-2026-25222

An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections...

8.7 CVSS | 5.8 AI score | 0.00203 EPSS
Exploits: 0 | References: 3

RedhatCVE
added 2026/04/23 3:10 p.m. | 3 views

CVE-2026-31532

A flaw was found in the Linux kernel's Controller Area Network (CAN) raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...

7.8 CVSS | 5.7 AI score | 0.00016 EPSS
Exploits: 0 | References: 4

EUVD
added 2026/04/23 12:31 p.m. | 3 views

EUVD-2026-25219

In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv() raw_release() unregisters raw CAN receive filters via can_rx_unregister(), but receiver deletion is deferred with call_rcu(). This leaves a window where raw_rcv() may still be running in an RCU...

5.7 AI score | 0.00016 EPSS
Exploits: 0 | References: 5

NVD
added 2026/04/23 12:17 p.m. | 1 views

CVE-2026-31532

In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv() raw_release() unregisters raw CAN receive filters via can_rx_unregister(), but receiver deletion is deferred with call_rcu(). This leaves a window where raw_rcv() may still be running in an RCU...

7.8 CVSS | 0.00016 EPSS
Exploits: 0 | References: 9

ATTACKERKB
added 2026/04/23 11:12 a.m. | 2 views

CVE-2026-31532

In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv() raw_release() unregisters raw CAN receive filters via can_rx_unregister(), but receiver deletion is deferred with call_rcu(). This leaves a window where raw_rcv() may still be running in an RCU...

7.8 CVSS | 5.6 AI score | 0.00016 EPSS
Exploits: 0 | References: 7 | Affected Software: 1

Cvelist
added 2026/04/23 11:12 a.m. | 28 views

CVE-2026-31532 can: raw: fix ro->uniq use-after-free in raw_rcv()

In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv() raw_release() unregisters raw CAN receive filters via can_rx_unregister(), but receiver deletion is deferred with call_rcu(). This leaves a window where raw_rcv() may still be running in an RCU...

7.8 CVSS | 0.00016 EPSS
Exploits: 0 | References: 9

ATTACKERKB
added 2026/04/23 8:47 a.m. | 1 views

CVE-2026-3960

A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The vulnerability arises due to insufficient security controls in the parameter blacklist mechanism, which only targets MySQL JDBC driver-specific...

5.9 CVSS | 7.7 AI score | 0.00351 EPSS
Exploits: 1 | References: 3

Microsoft CVE
added 2026/04/23 8:6 a.m. | 1 views

Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb

...

5.5 CVSS | 5.2 AI score | 0.00015 EPSS
Exploits: 0

SUSE CVE
added 2026/04/23 1:25 a.m. | 2 views

SUSE CVE-2026-31469

In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false A UAF issue occurs when the virtio_net driver is configured with napi_tx=N and the device's IFF_XMIT_DST_RELEASE flag is cleared e.g., during the...

5.6 AI score | 0.00017 EPSS
Exploits: 0 | References: 2