CVE-2026-34066 nimiq-blockchain: Peer-triggerable panic during history sync

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. Prior to version 1.3.0, HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber must be within the macro block being pushed and within the same epoch. During histo...

CVE-2026-34066

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. Prior to version 1.3.0, HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber must be within the macro block being pushed and within the same epoch. During histo...

CVE-2026-34066 nimiq-blockchain: Peer-triggerable panic during history sync

nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. Prior to version 1.3.0, HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber must be within the macro block being pushed and within the same epoch. During histo...

GHSA-J99G-7RQW-Q9JG nimiq-blockchain: Peer-triggerable panic during history sync

Impact HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber must be within the macro block being pushed and within the same epoch. During history sync, a peer can influence the history: &HistoricTransaction input passed into...

nimiq-blockchain: Peer-triggerable panic during history sync

Impact HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber must be within the macro block being pushed and within the same epoch. During history sync, a peer can influence the history: &HistoricTransaction input passed into...

EUVD-2026-25064

nimiq-blockchain: Peer-triggerable panic during history sync...

CVE-2026-31465 writeback: don't block sync for filesystems with no data integrity guarantees

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...

PT-2026-34547

Impact HistoryStore::put historic txns uses an assert! to enforce invariants about HistoricTransaction.block number must be within the macro block being pushed and within the same epoch. During history sync, a peer can influence the history: &HistoricTransaction input passed into Blockchain::push...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013503)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013503 advisory. In the Linux kernel, the following vulnerability has been resolved: legitimizemnt: check for MNTSYNCUMOUNT should be under mountlock ... or we risk stealing final...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper synchronization operations. This vulnerability may cause file systems that do not...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013550)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013550 advisory. In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must...

EUVD-2026-24475

Electric is a Postgres sync engine. From 1.1.12 to before 1.5.0, the orderby parameter in the ElectricSQL /v1/shape API is vulnerable to error-based SQL injection, allowing any authenticated user to read, write, and destroy the full contents of the underlying PostgreSQL database through crafted...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013363)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013363 advisory. In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013065)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013065 advisory. In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnicdeletetask The original code uses canceldelayedwork in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010842)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010842 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: ti: dra7-atl: Fix reference leak in ofdra7atlclkprobe pmruntimegetsync will increment pm usa...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010803)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010803 advisory. In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must...

VulnCheck KEV: CVE-2025-2749

An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to remote code...

Kentico Xperience Path Traversal Vulnerability

Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server to upload arbitrary data to path relative locations...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007225)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007225 advisory. In the Linux kernel, the following vulnerability has been resolved: sh: push-switch: Reorder cleanup operations to avoid use-after-free bug The original code puts...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007572)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007572 advisory. In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: Add cancelworksync before module remove If we remove the module which will call...