2856 matches found
Exploit for CVE-2026-31431
CVE-2026-31431 Copy Fail Detection Toolkit Detection and an...
CVE-2026-39457
When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...
CVE-2026-39457
When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...
Exploit for CVE-2026-31431
Copy-Fail CVE-2026-31431 Static Go PoC This repository contai...
FreeBSD-SA-26:13.exec
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:13.exec Security Advisory The FreeBSD Project Topic: Local privilege escalation via execve Category: core Module: execve2 Announced: 2026-04-29 Credits: Ryan...
EUVD-2026-25447
In the Linux kernel, the following vulnerability has been resolved: futex: Require sysfutexrequeue to have identical flags Nicholas reported that his LLM found it was possible to create a UaF when sysfutexrequeue is used with different flags. The initial motivation for allowing different flags wa...
CVE-2026-31507
A flaw was found in the Linux kernel's Stream Control Transmission Protocol SMC module. A local user can exploit this vulnerability by using the tee2 system call to duplicate a splice pipe buffer, leading to a double-free condition. This double-free can result in a use-after-free error and a kern...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of boundary checks in the system call dispatch table. This vulnerability may allow for...
(0Day) aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the allowed commands list. The issue results from the lack of proper...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013313)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013313 advisory. In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: don't delete error page from pagecache This change is very similar to the change that...
EUVD-2026-23630
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 JumpToUser accepts an arbitrary entry point address from user-space registers without validation, allowing any Ring 3 user-mode process to jump to kernel addresses and execute...
NovumOS 安全漏洞
NovumOS is an 32-bit protected mode operating system developed by MinecAnton209. Versions of NovumOS prior to 0.24 contained security vulnerabilities. These vulnerabilities stemmed from system call 15, which allowed Ring 3 user-mode processes to map arbitrary virtual address ranges into their own...
CVE-2026-5059 aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability
aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handlin...
Injection immutable Dependency in Confluence Data Center
This High severity Injection vulnerability was introduced in versions 9.0.1, 9.0.3, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This Injection vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of...
CVE-2026-32282 TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix
On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the ATSYMLINKNOFOLLOW flag, which Root.Chmod uses to...
CVE-2026-23289
A flaw was found in the Linux kernel's IB/mthca component. A local user could exploit this vulnerability by triggering a system call failure path related to the mthcacreatesrq function. This oversight leads to a missed unmapping of user database resources, resulting in a resource leak...
CVE-2026-23289
In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...
CVE-2026-23289
In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...
CVE-2026-23289 IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()
In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...
CVE-2026-23289
In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...