310111 matches found
CVE-2026-12484
A vulnerability in keras-team/keras version 3.15.0 allows unsafe deserialization of attacker-controlled PyTorch pickle data through the public keras.layers.TorchModuleWrapper.fromconfig method. This method invokes torch.load..., weightsonly=False without requiring an explicit unsafe opt-in, such ...
CVE-2026-12484
A vulnerability in keras-team/keras version 3.15.0 allows unsafe deserialization of attacker-controlled PyTorch pickle data through the public keras.layers.TorchModuleWrapper.fromconfig method. This method invokes torch.load..., weightsonly=False without requiring an explicit unsafe opt-in, such ...
CVE-2026-12484 Unsafe Deserialization in keras.layers.TorchModuleWrapper.from_config
A vulnerability in keras-team/keras version 3.15.0 allows unsafe deserialization of attacker-controlled PyTorch pickle data through the public keras.layers.TorchModuleWrapper.fromconfig method. This method invokes torch.load..., weightsonly=False without requiring an explicit unsafe opt-in, such ...
CVE-2026-12484
A vulnerability in keras-team/keras version 3.15.0 allows unsafe deserialization of attacker-controlled PyTorch pickle data through the public keras.layers.TorchModuleWrapper.fromconfig method. This method invokes torch.load..., weightsonly=False without requiring an explicit unsafe opt-in, such ...
EUVD-2026-45828
In the Linux kernel, the following vulnerability has been resolved: platform/x86: uniwill-laptop: Do not enable the charging limit even when forced It seems that on some older models 2020 the battery charging limit can permanently damage the battery. Prevent users from enabling this feature thru...
EUVD-2026-45632
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix folio-private handling in netfsperformwrite Under some circumstances, netfsperformwrite doesn't correctly manipulate folio-private between NULL, NETFSFOLIOCOPYTOCACHE, pointing to a group and pointing to a netfsfolio...
EUVD-2026-45607
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TOCTOU double-fetch of hwcmsgid from DMA buffer In manahwcrxeventhandler, resp-response.hwcmsgid is read from DMA-coherent memory and bounds-checked, then manahwchandleresp re-reads the same field from the same DMA...
EUVD-2026-45707
In the Linux kernel, the following vulnerability has been resolved: iio: gyro: itg3200: fix i2c read into the wrong stack location itg3200readallchannels takes be16 buf' as a parameter and fills the i2cmsg destination as char &buf'. Since buf' is the parameter a pointer, &buf' is the address of t...
EUVD-2026-45660
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Bound iscsiencodetextoutput appends to rspbuf iscsiencodetextoutput concatenates "key=value\0" records into login-rspbuf, an 8192-byte kzallocMAXKEYVALUEPAIRS buffer allocated in iscsitallocloginsetupbuffer...
CVE-2026-64143
In the Linux kernel, the following vulnerability has been resolved: platform/x86: uniwill-laptop: Do not enable the charging limit even when forced It seems that on some older models 2020 the battery charging limit can permanently damage the battery. Prevent users from enabling this feature thru...
CVE-2026-64059
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix folio-private handling in netfsperformwrite Under some circumstances, netfsperformwrite doesn't correctly manipulate folio-private between NULL, NETFSFOLIOCOPYTOCACHE, pointing to a group and pointing to a netfsfolio...
CVE-2026-64034
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TOCTOU double-fetch of hwcmsgid from DMA buffer In manahwcrxeventhandler, resp-response.hwcmsgid is read from DMA-coherent memory and bounds-checked, then manahwchandleresp re-reads the same field from the same DMA...
CVE-2026-63934
In the Linux kernel, the following vulnerability has been resolved: iio: gyro: itg3200: fix i2c read into the wrong stack location itg3200readallchannels takes be16 buf' as a parameter and fills the i2cmsg destination as char &buf'. Since buf' is the parameter a pointer, &buf' is the address of t...
CVE-2026-63887
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Bound iscsiencodetextoutput appends to rspbuf iscsiencodetextoutput concatenates "key=value\0" records into login-rspbuf, an 8192-byte kzallocMAXKEYVALUEPAIRS buffer allocated in iscsitallocloginsetupbuffer...
Exploit for CVE-2026-63030
wp2shell — CVE-2026-63030 + CVE-2026-60137 One-day WordPres...
CVE-2026-64143
The CVE relates to the Linux kernel, specifically the platform/x86 uniwill-laptop code path. On older devices (~2020), the battery charging limit could be unintentionally enabled via the force module parameter, potentially causing permanent hardware damage. The fix is to prevent enabling the char...
CVE-2026-64143 platform/x86: uniwill-laptop: Do not enable the charging limit even when forced
In the Linux kernel, the following vulnerability has been resolved: platform/x86: uniwill-laptop: Do not enable the charging limit even when forced It seems that on some older models 2020 the battery charging limit can permanently damage the battery. Prevent users from enabling this feature thru...
CVE-2026-64143
In the Linux kernel, the following vulnerability has been resolved: platform/x86: uniwill-laptop: Do not enable the charging limit even when forced It seems that on some older models 2020 the battery charging limit can permanently damage the battery. Prevent users from enabling this feature thru...
CVE-2026-64059 netfs: Fix folio->private handling in netfs_perform_write()
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix folio-private handling in netfsperformwrite Under some circumstances, netfsperformwrite doesn't correctly manipulate folio-private between NULL, NETFSFOLIOCOPYTOCACHE, pointing to a group and pointing to a netfsfolio...
CVE-2026-64059
The CVE affects the Linux kernel netfs code, specifically netfs_perform_write(), where folio->private was not reliably managed across NULL, NETFS_FOLIO_COPY_TO_CACHE, and netfs_folio/group pointers. This could lead to multiple attachments of private data, folio ref leaks, and leaks of netfs_fo...