CVE-2026-46128

A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI subsystem. This vulnerability occurs when the kernel processes event message buffer responses from Baseboard Management Controllers BMCs. Some BMCs may return an empty message instead of an expected error, which...

CVE-2026-46142

A flaw was found in the Linux kernel's libwx network driver. When a Virtual Function VF is initialized, it attempts to read a Physical Function PF restricted register, WXCFGPORTST. This illegal register access can lead to a system hang, resulting in a Denial of Service DoS...

CVE-2026-46164

A flaw was found in the Linux kernel's btrfs filesystem. This vulnerability, a double free, occurs in the createspaceinfosubgroup function's error handling path. When kobjectinitandadd fails, a memory region can be freed twice. This can lead to memory corruption, potentially resulting in a denial...

CVE-2026-46177

A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI driver. This vulnerability allows a malfunctioning Baseboard Management Controller BMC to cause the IPMI driver to continuously fetch events and messages, or become stuck if the attention bit remains active. Thi...

CVE-2026-46175

A flaw was found in the Linux kernel's f2fs filesystem. During Foreground Garbage Collection FGGC of node blocks, the system fails to properly clear internal metadata marks. This can lead to filesystem inconsistencies, where the fsck utility may misinterpret the state of migrated data. A local us...

CVE-2026-46196

A flaw was found in the Linux kernel. When a tracepoint a mechanism for dynamic instrumentation is registered, a failure during the probe installation process can lead to the registration's side effects persisting without a corresponding probe. This can cause a Denial of Service DoS by leaving...

CVE-2026-46204

A flaw was found in the Linux kernel's AMD GPU Graphics Processing Unit driver, specifically within the drm/amdgpu/vcn4 component. This vulnerability allows for an out-of-bounds read when processing an Instruction Buffer IB. An attacker could potentially exploit this to read sensitive information...

CVE-2026-46208

A flaw was found in the Linux kernel's batman-adv module. When a mesh interface is removed, the batadvmeshfree function does not properly stop tpmeter sessions. This oversight allows active tpmeter sender threads or late incoming packets to continue processing against a mesh instance that is in t...

CVE-2026-46210

A flaw was found in the Linux kernel's iris media driver. A race condition can occur when the driver attempts to free a resource while it is still being accessed by another part of the system. This leads to a use-after-free vulnerability, where a program tries to use memory that has already been...

CVE-2026-46217

A flaw was found in the Linux kernel, specifically within the AMD GPU Graphics Processing Unit driver component drm/amdgpu/vcn4. This vulnerability is caused by an integer overflow during a message bound check. An attacker could potentially exploit this flaw to cause system instability or a denia...

CVE-2026-46221

A flaw was found in the Linux kernel's EDAC/versalnet component. A memory leak occurs because the device name, allocated during initialization, is not properly freed. Over time, this unreleased memory could lead to resource exhaustion, potentially impacting system stability and availability...

CVE-2026-46241

A flaw was found in the Linux kernel's spi: mpc52xx component. This use-after-free vulnerability occurs when the controller registration fails. An attacker could potentially exploit this flaw to cause a system crash or lead to a resource leak, impacting system stability and availability...

CVE-2026-46240

A flaw was found in the Linux kernel, specifically within the media: iris driver. This vulnerability, a use-after-free, occurs when a buffer is prematurely freed by sessionreleasebuf while irisreleaseinternalbuffers continues to access it. This improper handling of memory can lead to system...

Security Bulletin: Vulnerabilities in libxml2 (CVE-2026-0989, CVE-2026-0990, CVE-2026-0992) affect AIX

Summary Vulnerabilities in libxml2 could cause a denial of service CVE-2026-0989, CVE-2026-0990, CVE-2026-0992. AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details CVEID:CVE-2026-6732 DESCRIPTION: A flaw was found in libxml2. This vulnerability occurs when the library...

CVE-2026-46105

A flaw was found in the mpt3sas driver within the Linux kernel. This vulnerability allows for oversized Non-Volatile Memory Express NVMe input/output I/O operations due to improper size limitations. An attacker or a malicious NVMe device could exploit this by issuing I/O requests that exceed the...

EUVD-2026-33055

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, LinkAce contains a stored cross-site scripting vulnerability that allows a low-privilege user to execute arbitrary JavaScript in an administrator's browser session. This affects instances configured with SSO/OAuth...

CVE-2026-9645

Technical details about CVE-2026-9645 are not publicly available in the provided documents. No explicit affected product/version or root cause is disclosed here. Monitor for updates from the sources.

EUVD-2026-33028

Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling complete system compromise as commands are executed as root...

CVE-2026-46115

A flaw was found in the Linux kernel's block subsystem. The biovecphysmergeable function, which combines physically contiguous memory segments, lacked a check to ensure these segments belonged to the same device page map devpagemap. This omission could result in the incorrect identification of th...

CVE-2026-35277

...