Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013325)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013325 advisory. In the Linux kernel, the following vulnerability has been resolved: net: Fix load-tearing on sk-skstamp in sockrecvcmsgs. KCSAN found a data race in sockrecvcmsgs...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011386)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011386 advisory. In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013224)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013224 advisory. In the Linux kernel, the following vulnerability has been resolved: pcmcia: rsrcnonstatic: Fix memory leak in nonstaticreleaseresourcedb When...

PT-2026-34169

Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware component: C Oracle SSL API. Supported versions that are affected are 12.2.1.4.0 and 12.1.3.0.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011009)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011009 advisory. In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, wi...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011078)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011078 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix NULL-ptr-deref in rxeqpdocleanup when socket create failed There is a null-ptr-dere...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006965)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006965 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpfskassign The semantics for bpfskassign are as follows: sk =...

API Security Testing and Vulnerability Assessment

APIs now carry more sensitive data than traditional web interfaces. Payment details, health records, authentication tokens, and customer databases all flow through API endpoints that attackers can probe without ever touching a browser. A single misconfigured endpoint can expose millions of record...

CVE-2026-6369

The CVE-2026-6369 entry concerns the canonical-livepatch snap client, affected before version 10.15.0. A local unprivileged user can exploit an improper access control by sending an unauthenticated request to the livepatchd.sock Unix domain socket to obtain a sensitive, root-level authentication ...

CVE-2026-6369

An improper access control vulnerability in the canonical-livepatch snap client prior to version 10.15.0 allows a local unprivileged user to obtain a sensitive, root-level authentication token by sending an unauthenticated request to the livepatchd.sock Unix domain socket. This vulnerability is...

CVE-2026-6369 Exposed Session Token in canonical-livepatch client snap

An improper access control vulnerability in the canonical-livepatch snap client prior to version 10.15.0 allows a local unprivileged user to obtain a sensitive, root-level authentication token by sending an unauthenticated request to the livepatchd.sock Unix domain socket. This vulnerability is...

CVE-2026-31429

In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKBSMALLHEADCACHESIZE is intentionally set to a non-power-of-2 value e.g. 704 on x8664 to avoid collisions with generic kmalloc bucket sizes. This ensures that...

Canonical Livepatch 安全漏洞

Canonical Livepatch is a system component developed by Canonical OpenSource that manages kernel hotfix updates and patches. Versions of Canonical Livepatch prior to 10.15.0 contained security vulnerabilities. These vulnerabilities were caused by improper access control, allowing local...

PT-2026-33770

An improper access control vulnerability in the canonical-livepatch snap client prior to version 10.15.0 allows a local unprivileged user to obtain a sensitive, root-level authentication token by sending an unauthenticated request to the livepatchd.sock Unix domain socket. This vulnerability is...

mt6893-security-research

MT6893 Security Research Five security research findings from...

MiracleLinux 9 : nodejs:24 (AXSA:2026-449:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-449:01 advisory. nodejs: Nodejs denial of service CVE-2026-21637 brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion CVE-2026-2554...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007409)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007409 advisory. In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocate...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007312)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007312 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: Fix UAF in j1939skmatchfilter during setsockoptSOJ1939FILTER Lock jsk-sk to prevent U...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007593)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007593 advisory. In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rdstcpresetcallbacks syzbot is reporting...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007556)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007556 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. I...