Lucene search

6836 matches found

Cvelist
added 2026/05/06 11:28 a.m. | 32 views

CVE-2026-43267 wifi: rtw89: fix potential zero beacon interval in beacon tracking

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential zero beacon interval in beacon tracking. During fuzz testing, it was discovered that bss_conf->beacon_int might be zero, which could result in a division by zero error in subsequent calculations. Set a...

EPSS 0.00117
Exploits: 0 | References: 3
CVE
added 2026/05/06 11:28 a.m. | 9 views

CVE-2026-43267

The CVE-2026-43267 issue affects the Linux kernel wifi stack, specifically the rtw89 beacon tracking path. The root cause is that the bss_conf->beacon_int value can be zero, which leads to a division-by-zero in subsequent calculations. The fix introduces a safe default by setting beacon interva...

CVSS 5.5 | AI score 5.7 | EPSS 0.00117
Exploits: 0 | References: 3 | Affected Software: 1
Debian CVE
added 2026/05/06 11:28 a.m. | 6 views

CVE-2026-43267

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential zero beacon interval in beacon tracking. During fuzz testing, it was discovered that bss_conf->beacon_int might be zero, which could result in a division by zero error in subsequent calculations. Set a...

CVSS 5.5 | AI score 5.7 | EPSS 0.00117
Exploits: 0
CVE
added 2026/05/06 11:28 a.m. | 13 views

CVE-2026-43244

CVE-2026-43244 affects the Linux kernel KCM (Kernel Connection Multiplexer). The issue arises during partial sendmsg operations: when kcm_sendmsg fills MAX_SKB_FRAGS, it allocates a new skb in frag_list and may copy data; if the copy fails, the new tail skb can have zero frags, leaving an empty e...

CVSS 5.5 | AI score 5.8 | EPSS 0.00122
Exploits: 0 | References: 4 | Affected Software: 1
SUSE CVE
added 2026/05/06 1:41 a.m. | 3 views

SUSE CVE-2026-43029

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lockup in mptcp_recvmsg(). syzbot reported a soft lockup in mptcp_recvmsg() [0]. When receiving data with MSG_PEEK | MSG_WAITALL flags, the skb is not removed from the sk_receive_queue. This causes sk_wait_data() to always find...

CVSS 7.5 | AI score 5.8 | EPSS 0.00329
Exploits: 0 | References: 3
Positive Technologies
added 2026/05/06 12:0 a.m. | 7 views

PT-2026-38062

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

CVSS 5.3 | AI score 7.2 | EPSS 0.00222
Exploits: 0 | References: 6
CNNVD
added 2026/05/06 12:0 a.m. | 4 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from accessing exp->master in ctnetlink without properly securing the master connection tracking object,...

CVSS 7.8 | AI score 5.8 | EPSS 0.00095
Exploits: 0 | References: 1
Positive Technologies
added 2026/05/06 12:0 a.m. | 6 views

PT-2026-37855

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions...

CVSS 5.3 | AI score 7.2 | EPSS 0.00222
Exploits: 0 | References: 6
RedHat Linux
added 2026/05/05 6:15 p.m. | 5 views

webkitgtk: A website may be able to track users through Safari web extensions

A flaw was found in WebKitGTK. A malicious website can track users through web extensions due to improper state management...

CVSS 5.3 | AI score 7.2 | EPSS 0.00222
Exploits: 0 | References: 5
RedHat Linux
added 2026/05/05 6:15 p.m. | 5 views

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update ...

CVSS 7.5 | AI score 7 | EPSS 0.00831
Exploits: 2 | References: 19
Cvelist
added 2026/05/05 3:23 p.m. | 36 views

CVE-2026-43070 bpf: Reset register ID for BPF_END value tracking

In the Linux kernel, the following vulnerability has been resolved: bpf: Reset register ID for BPF_END value tracking. When a register undergoes a BPF_END byte swap operation, its scalar value is mutated in-place. If this register previously shared a scalar ID with another register, e.g., after an r1...

CVSS 7.8 | EPSS 0.00118
Exploits: 0 | References: 3
ATTACKERKB
added 2026/05/05 3:23 p.m. | 0 views

CVE-2026-43070

In the Linux kernel, the following vulnerability has been resolved: bpf: Reset register ID for BPF_END value tracking. When a register undergoes a BPF_END byte swap operation, its scalar value is mutated in-place. If this register previously shared a scalar ID with another register, e.g., after an r1...

AI score 5.7 | EPSS 0.00118
Exploits: 0 | References: 4 | Affected Software: 1
CVE
added 2026/05/05 3:23 p.m. | 10 views

CVE-2026-43070

The CVE describes a Linux kernel BPF verifier flaw: after a BPF_END (byte swap), dst_reg->id is not reset to 0, which can cause the verifier to propagate learned bounds to a linked register, creating a risk of out-of-bounds memory accesses. The concrete impact is potential privilege/escalation...

CVSS 7.8 | AI score 5.8 | EPSS 0.00118
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added 2026/05/05 3:17 p.m. | 9 views

CVE-2026-43060

The CVE-2026-43060 issue affects the Linux kernel netfilter component (nft_ct). When the nft_ct module is removed, packets enqueued in nfqueue may retain stale references to conntrack zone templates or timeout policies, risking instability or DoS. The root cause is references that can outlive the...

CVSS 7.8 | AI score 5.8 | EPSS 0.0012
Exploits: 0 | References: 8 | Affected Software: 1
Github Security Blog
added 2026/05/04 8:18 p.m. | 7 views

Pillow has an integer overflow when processing fonts

If a font advances for each glyph by an exceedingly large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This has been fixed...

CVSS 5.5 | AI score 5.8 | EPSS 0.00114
Exploits: 0 | References: 5 | Affected Software: 1
NVD
added 2026/05/04 6:16 p.m. | 7 views

CVE-2026-42092

titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscribe via DDP and receive sensitive configuration fields such as googlesecret, openaiapikey, and...

CVSS 6.5 | EPSS 0.00219
Exploits: 0 | References: 1
EUVD
added 2026/05/04 5:30 p.m. | 6 views

EUVD-2026-27069

titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or role check. Any authenticated user can subscribe via DDP and receive sensitive configuration fields such as googlesecret, openaiapikey, and...

CVSS 6.5 | AI score 5.8 | EPSS 0.00219
Exploits: 0 | References: 1
HackRead
added 2026/05/04 9:48 a.m. | 6 views

7 Key Features That Make Secure Browsers Safer

Secure Browsers boost safety with tracking blocks, fingerprint protection, session control, and real-time threat defense against modern web attacks...

AI score 5.8
Exploits: 0
Positive Technologies
added 2026/05/04 12:0 a.m. | 13 views

PT-2026-37197

Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 12.2.0. Description: An integer overflow can occur when the library tracks the current position if a font advances for each glyph by an excessively large amount. Recommendations: Update to version 12.2.0...

CVSS 5.5 | AI score 5.9 | EPSS 0.00114
Exploits: 0 | References: 24
AstraLinux
added 2026/05/03 11:59 p.m. | 1 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: cxl/pmem: Fixed leaks in cxl_pmem_region and cxl_memdev. When a cxl_nvdimm object undergoes an -remove operation where the device is physically removed, nvdimmbridge is disabled, or the nvdimm device is disabled, any associated...

CVSS 5.5 | AI score 5.5 | EPSS 0.0014
Exploits: 0 | References: 1