Corosync 安全漏洞

Corosync is an open-source cluster engine developed by The Corosync Cluster Engine. There is a security vulnerability in Corosync, which stems from incorrect return values in the membership submission token integrity checks. This can lead to out-of-bound reads, causing denial of service and...

Linux Distros Unpatched Vulnerability : CVE-2026-28498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.9, a library-level vulnerability was identified in the Authlib...

Duende.AccessTokenManagement 安全漏洞

Duende.AccessTokenManagement is an open source library from Duende. It is used to manage OAuth and OpenId Connect access tokens. A security vulnerability exists in Duende.AccessTokenManagement that stems from not properly handling concurrent requests when using client-side credential streams. An...

samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token

A flaw was found in samba. The Samba smbd file server must map Windows group identities SIDs into unix group ids gids. The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache...