Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011400)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011400 advisory. In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to rcuirqenterchecktick being kprobe-ed Registering a kprobe on...

PT-2026-34009

BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decode signed32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013251)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013251 advisory. The dohidpsockioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kern...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013327)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013327 advisory. In the Linux kernel, the following vulnerability has been resolved: net: do not allow gsosize to be set to GSOBYFRAGS One missing check in virtionethdrtoskb allowed...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011085)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011085 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6miditransmit Correctly calculate available space includin...

SUSE SLES15 Security Update : kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1458-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1458-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.51 fixes various security issues The following security issues were fixed: -...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012960)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012960 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for the speculative return stac...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010867)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010867 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre...

Security update for freeipmi (important)

openSUSE security update: security update for freeipmi ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20556-1 Rating: important References: bsc1260414 Cross-References: CVE-2026-33554 CVSS scores: CVE-2026-33554 SUSE : 7.6...

CVE-2026-0930

Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which would leak the adjacent stack memory to the pseudo-console output...

CVE-2026-0930

CVE-2026-0930 affects wolfSSHd on Windows and describes a potential read-out-of-bounds in the handling of a terminal resize. An authenticated user could trigger the out-of-bounds read after establishing a connection, leaking adjacent stack memory to the pseudo-console output. Public sources (NVD;...

CVE-2026-0930 Potential wolfSSHd Buffer out-of-bounds Read on Windows Handling Terminal Resize

Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could trigger the out of bounds read after establishing a connection which would leak the adjacent stack memory to the pseudo-console output...

CVE-2026-30912

In case of SQL errors, exception/stack trace of errors was exposed in API even if "api/exposestacktraces" was set to false. That could lead to exposing additional information to potential attacker. Users are recommended to upgrade to Apache Airflow 3.2.0, which fixes the issue...

CVE-2026-40489

editorconfig-core-c is an EditorConfig core library for use by plugins supporting EditorConfig parsing. Versions up to and including 0.12.10 have a stack-based buffer overflow in ecglob that allows an attacker to crash any application using libeditorconfig by providing a specially crafted directo...

CVE-2026-40324

Hot Chocolate is an open-source GraphQL server. Prior to versions 12.22.7, 13.9.16, 14.3.1, and 15.1.14, Hot Chocolate's recursive descent parser Utf8GraphQLParser has no recursion depth limit. A crafted GraphQL document with deeply nested selection sets, object values, list values, or list types...

CVE-2026-26399

A stack-use-after-return issue exists in the ArduinoCoreSTM32 library prior to version 1.7.0. The pwmstart function allocates a TIMHandleTypeDef structure on the stack and passes its address to HAL initialization routines, where it is stored in a global timer handle registry. After the function...

JLSEC-2026-154

Stack overflow in the parsetag function in libass/assparse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file...

CVE-2026-26951

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a stack-based buffer overflow vulnerability. A high privileged attacker with local access could potentially exploit this...

CVE-2026-26951

CVE-2026-26951 affects Dell PowerProtect Data Domain. The advisory states a stack-based buffer overflow in the product affecting: 7.7.1.0–8.6, LTS2025 8.3.1.0–8.3.1.20, and LTS2024 7.13.1.0–7.13.1.60. The vulnerability could be exploited by a high-privilege attacker with local access to achieve a...

CVE-2026-26951

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a stack-based buffer overflow vulnerability. A high privileged attacker with local access could potentially exploit this...