Joomla! CMS 访问控制错误漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control, which stems from improper access checks. This vulnerability allows for privilege escalation through the comusers batch task...

PT-2026-43316

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An improper access check allows privilege escalation through the com users batch task. Recommendations At the moment, there is no information about a newer versi...

PT-2026-43317

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An improper access check allows privilege escalation through the com users batch task. Recommendations At the moment, there is no information about a newer versi...

Joomla! CMS 访问控制错误漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a vulnerability related to access control, which stems from improper access checks. As a result, users with low privileges can edit the task types of existing scheduling programs...

[SECURITY] Fedora 43 Update: python-pulp-glue-0.37.0-5.fc43

pulp-glue is a library to ease the programmatic communication with the Pulp3 API. It helps to abstract different resource types with so called contexts and allows to build or even provides complex workflows like chunked upload or waiting on tasks. It is built around an openapi3 parser to provide...

PT-2026-42859

Name of the Vulnerable Software and Affected Versions Nezha Monitoring versions 1.4.0 through 2.0.7 Description An authenticated user with RoleMember privileges can trigger cron tasks belonging to other users, including administrators. This occurs because the system fails to verify the ownership ...

rtmutex: Use waiter::task instead of current in remove_waiter()

...

SUSE CVE-2026-43499

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock when invoked from futexrequeue. In the latter case...

Linux Distros Unpatched Vulnerability : CVE-2026-43499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rtmutex: Use waiter::task instead of current in removewaiter removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in...

CVE-2026-43499

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock when invoked from futexrequeue. In the latter case...

UBUNTU-CVE-2026-43499

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock when invoked from futexrequeue. In the latter case...

CVE-2026-43499

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock when invoked from futexrequeue. In the latter case...

CVE-2026-43499

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock when invoked from futexrequeue. In the latter case...

CVE-2026-43499 rtmutex: Use waiter::task instead of current in remove_waiter()

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock when invoked from futexrequeue. In the latter case...

EUVD-2026-31277

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock when invoked from futexrequeue. In the latter case...

CVE-2026-43499

The CVE-2026-43499 issue concerns the Linux kernel rtmutex path where remove_waiter() operated on current during dequeue in rt_mutex_start_proxy_lock() via futex_requeue(). This caused: (1) rbtree dequeue without waiter::task::pi_lock, (2) waiter task pi_blocked_on not cleared (dangling pointer, ...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of current instead of waiter::task in the removewaiter function within the rtmutex. This...

PT-2026-42456

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the remove waiter function within the rtmutex component. The function incorrectly uses the current task instead of waiter::task during dequeue operations. This occurs...

GO-2026-4951 Vikunja has iCalendar Property Injection via CRLF in CalDAV Task Output in code.vikunja.io/api

Vikunja has iCalendar Property Injection via CRLF in CalDAV Task Output in code.vikunja.io/api. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerabilit...

GitHub Breached — Employee Device Hack Led to Exfiltration of 3,800+ Internal Repos

GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal organizations for sale on a cybercrime forum. "While we currently have no evidence of impact to customer...