Lucene search

10 matches found

EUVD
added 2026/06/01 4:53 p.m. | 7 views

EUVD-2026-33708

Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.2, and 33.0.0 to before 33.0.1, the fileslock app did not properly validate the ownership of files when processing DAV lock and unlock requests. An authenticated user could lock or...

CVSS 6.3 | AI score 5.7 | EPSS 0.00211
Exploits: 0 | References: 3

EUVD
added 2025/10/08 12:30 p.m. | 1 view

EUVD-2025-31825

Vulnerability in the melis-core module of Melis Technology's Melis Platform, which, if exploited, allows an unauthenticated attacker to create an administrator account via a request to '/melis/MelisCore/ToolUser/addNewUser'...

CVSS 9.3 | AI score 6.3 | EPSS 0.00298
Exploits: 3 | References: 2

RedhatCVE
added 2025/10/02 11:38 a.m. | 2 views

CVE-2025-39926

In the Linux kernel, the following vulnerability has been resolved: genetlink: fix genl_bind() invoking bind() after -EPERM. Per family bind/unbind callbacks were introduced to allow families to track multicast group consumer presence, e.g. to start or stop producing events depending on listeners...

CVSS 5.5 | AI score 5.6 | EPSS 0.00132
Exploits: 0 | References: 4

SUSE CVE
added 2025/10/01 11:22 p.m. | 1 view

SUSE CVE-2025-39926

In the Linux kernel, the following vulnerability has been resolved: genetlink: fix genl_bind() invoking bind() after -EPERM. Per family bind/unbind callbacks were introduced to allow families to track multicast group consumer presence, e.g. to start or stop producing events depending on listeners...

CVSS 6.3 | AI score 6.5 | EPSS 0.00132
Exploits: 0 | References: 9

Cvelist
added 2025/10/01 8:7 a.m. | 10 views

CVE-2025-39926 genetlink: fix genl_bind() invoking bind() after -EPERM

In the Linux kernel, the following vulnerability has been resolved: genetlink: fix genl_bind() invoking bind() after -EPERM. Per family bind/unbind callbacks were introduced to allow families to track multicast group consumer presence, e.g. to start or stop producing events depending on listeners...

EPSS 0.00132
Exploits: 0 | References: 3

CVE
added 2025/10/01 8:7 a.m. | 16 views

CVE-2025-39926

CVE-2025-39926 in the Linux kernel fixes a logic error in genetlink: in genl_bind(), bind() could be invoked after a failed capability check (-EPERM), letting callbacks run for unauthorized callers. The patch ensures bind() is called only after successful permission checks (after the “if (ret) br...

CVSS 5.5 | AI score 6.1 | EPSS 0.00132
Exploits: 0 | References: 3 | Affected Software: 1

Positive Technologies
added 2025/10/01 12:0 a.m. | 3 views

PT-2025-40100

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel’s genetlink functionality where the genl_bind() function could invoke a bind callback even after permission checks failed, potentially allowing callbacks ...

CVSS 5.5 | AI score 5.9 | EPSS 0.00132
Exploits: 0 | References: 19

BDU FSTEC
added 2025/05/23 12:0 a.m. | 2 views

The vulnerability of the btrfs_lookup_extent_info() function in the file system of the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the btrfs_lookup_extent_info() function in the file system of the Linux operating system is related to unauthorized callers of the verification function. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.6 | EPSS 0.00234
Exploits: 0 | References: 8 | Affected Software: 2

NVD
added 2023/06/13 3:15 a.m. | 14 views

CVE-2023-2827

SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent from SAP Digital Manufacturing. Therefore, unauthorized callers from the internal network could send...

CVSS 7.9 | AI score 7.8 | EPSS 0.00285
Exploits: 0 | References: 2

Prion
added 2023/06/13 3:15 a.m. | 18 views

Design/Logic Flaw

SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital Manufacturing - version 1.0, do not validate the signature of the JSON Web Token (JWT) in the HTTP request sent from SAP Digital Manufacturing. Therefore, unauthorized callers from the internal network could send...

CVSS 2.7 | AI score 6.6 | EPSS 0.00285
Exploits: 0 | References: 2 | Affected Software: 2