PT-2026-6806
Name of the Vulnerable Software and Affected Versions: OpenProject versions prior to 16.6.7; OpenProject versions prior to 17.0.3. Description: OpenProject is a web-based project management software. A flaw exists in the time tracking function where the application fails to properly handle HTML tags...
CVE-2026-1897 WeKan Position-History Tracking positionHistory.js PositionHistoryBleed authorization
A vulnerability was found in WeKan up to 8.20. Affected by this issue is some unknown functionality of the file server/methods/positionHistory.js of the component Position-History Tracking. The manipulation results in missing authorization. The attack may be performed from remote. Upgrading to...
Apple’s new iOS setting addresses a hidden layer of location tracking
Most iPhone owners have hopefully learned to manage app permissions by now, including allowing location access. But there's another layer of location tracking that operates outside these controls. Your cellular carrier has been collecting your location data all along, and until now, there was...
Yottamaster Multiple Products Security Vulnerability
Yottamaster DM2, among others, are models of private cloud storage boxes produced by Yottamaster. Several products from Yottamaster have security vulnerabilities; these vulnerabilities stem from incorrect symbolic link tracking, which may lead to the disclosure or tampering with the internal file...
ORICO NAS CD3510 Security Vulnerability
The ORICO NAS CD3510 is a personal storage device manufactured by ORICO Corporation. Versions of the ORICO NAS CD3510 prior to V1.9.12 contained security vulnerabilities. These vulnerabilities were caused by incorrect symbolic link tracking, which could lead to the disclosure or tampering with the...
ZSPACE Q2C NAS Security Vulnerability
ZSPACE Q2C NAS is a private cloud device developed by ZSPACE Corporation. There is a security vulnerability in the ZSPACE Q2C NAS, which stems from incorrect symbolic link tracking. This vulnerability could allow attackers to access all files within the NAS system and alter them...
Toxic_Flow_Analysis_Framework_For_Agentic_AI
Toxic Flow Analysis TFA Framework A Secure-by-Design framew...
CVE-2026-23016
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nf_conntrack_cleanup_net_list to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...
CVE-2026-23016
The CVE concerns the Linux kernel’s conntrack/frag handling (inet: frags: drop fraglist conntrack references). A bug allows reassembled skb fragments to retain nf_conn references via frag_list, causing conntrack cleanup to block (hangs up to ~60s) when fragmentation/reassembly occurs (UDP/TCP pat...
PT-2026-5519
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nf_conntrack_cleanup_net_list to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce...
Linux Distros Unpatched Vulnerability : CVE-2026-24868
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 147.0.2. CVE-2026-24868 Note that Nessus relies on the presen...
Linux Kernel Security Vulnerabilities
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from fraglist not releasing connection tracking references. This could lead to memory leaks and blocki...
CGA-Q6MM-Q7J4-JQVX
Bulletin has no description...
FreeBSD : Firefox -- Multiple vulnerabilities (9dac4f05-fc65-11f0-96db-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 9dac4f05-fc65-11f0-96db-b42e991fc52e advisory. https://bugzilla.mozilla.org/show_bug.cgi?id=2007302 reports: Mitigation bypass in the Privacy:...
SUSE CVE-2026-24868
Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 147.0.2...
Xen security vulnerabilities
Xen is an open-source virtual machine monitor product developed by Xen. This product allows different and incompatible operating systems to run on the same computer. It also supports migration during runtime, ensuring smooth operation and avoiding downtime. Xen has security vulnerabilities; these...
CVE-2026-24868
Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability affects Firefox 147.0.2...
CVE-2026-24868
Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 147.0.2...
UBUNTU-CVE-2026-24868
Mitigation bypass in the Privacy: Anti-Tracking component. This vulnerability affects Firefox 147.0.2...