
111 matches found

RedhatCVE
added last week, 5 views

CVE-2026-45859

A flaw was found in the Linux kernel's netfilter nfnetlink_queue component. This vulnerability occurs when an application does not set the F_GSO capability flag and a Generic Segmentation Offload (GSO) packet with an unconfirmed netfilter connection (nf_conn) entry is received. Due to an incorrect order...

CVSS 7.5 | AI score 5.8 | EPSS 0.00055
Exploits: 0 | References: 4
SUSE CVE
added last week, 7 views

SUSE CVE-2026-45859

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'F_GSO' capability flag and a gso packet with an unconfirmed nf_conn entry is...

AI score 5.8 | EPSS 0.00055
Exploits: 0 | References: 3
EUVD
added 2026/05/27 3:33 p.m., 7 views

EUVD-2026-32325

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'F_GSO' capability flag and a gso packet with an unconfirmed nf_conn entry is...

AI score 5.8 | EPSS 0.00055
Exploits: 0 | References: 5
NVD
added 2026/05/27 2:16 p.m., 8 views

CVE-2026-45859

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'F_GSO' capability flag and a gso packet with an unconfirmed nf_conn entry is...

CVSS 7.5 | EPSS 0.00055
Exploits: 0 | References: 4
OSV
added 2026/05/27 2:16 p.m., 2 views

UBUNTU-CVE-2026-45859

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'F_GSO' capability flag and a gso packet with an unconfirmed nf_conn entry is...

CVSS 7.5 | AI score 5.7 | EPSS 0.00055
Exploits: 0 | References: 3
Debian CVE
added 2026/05/27 12:15 p.m., 2 views

CVE-2026-45859

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'F_GSO' capability flag and a gso packet with an unconfirmed nf_conn entry is...

CVSS 7.5 | AI score 5.7 | EPSS 0.00055
Exploits: 0
CVE
added 2026/05/27 12:15 p.m., 9 views

CVE-2026-45859

The CVE-2026-45859 entry describes a Linux kernel netfilter nfnetlink_queue issue where a shared-unconfirmed nf_conn entry is not checked before segmentation, causing UDP packets to be dropped instead of queued when F_GSO is not set and a GSO packet arrives. The regression arose due to the check ...

CVSS 7.5 | AI score 5.8 | EPSS 0.00055
Exploits: 0 | References: 4
Cvelist
added 2026/05/27 12:15 p.m., 32 views

CVE-2026-45859 netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'F_GSO' capability flag and a gso packet with an unconfirmed nf_conn entry is...

CVSS 7.5 | EPSS 0.00055
Exploits: 0 | References: 4
UbuntuCve
added 2026/05/27 12:0 a.m., 2 views

CVE-2026-45859

netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation...

CVSS 7.5 | AI score 5.8 | EPSS 0.00055
Exploits: 0 | References: 2
Positive Technologies
added 2026/05/27 12:0 a.m., 6 views

PT-2026-43726

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'F_GSO' capability flag and a gso packet with an unconfirmed nf_conn entry is...

AI score 5.8 | EPSS 0.00055
Exploits: 0 | References: 5
CNNVD
added 2026/05/27 12:0 a.m., 4 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the netfilter nfnetlink_queue module failing to properly check shared unconfirmed connections befo...

CVSS 7.5 | AI score 5.8 | EPSS 0.00055
Exploits: 0 | References: 4
Cvelist
added 2026/05/26 5:10 p.m., 29 views

CVE-2026-44707 Chatwoot: Pre-Account Takeover via OAuth on Unconfirmed Accounts

Chatwoot is a customer engagement suite. From 2.14.0 to before 4.13.0, a Pre-Account Takeover (Pre-ATO) vulnerability existed in Chatwoot's authentication flow. Because email confirmation was not enforced before an account became usable, an attacker could pre-register an email address they did not...

CVSS 6.8 | EPSS 0.00043
Exploits: 0 | References: 3
Vulnrichment
added 2026/05/26 5:10 p.m., 9 views

CVE-2026-44707 Chatwoot: Pre-Account Takeover via OAuth on Unconfirmed Accounts

Chatwoot is a customer engagement suite. From 2.14.0 to before 4.13.0, a Pre-Account Takeover (Pre-ATO) vulnerability existed in Chatwoot's authentication flow. Because email confirmation was not enforced before an account became usable, an attacker could pre-register an email address they did not...

CVSS 6.8 | AI score 5.8 | EPSS 0.00043
Exploits: 0 | References: 3
NVD
added 2026/05/11 11:20 p.m., 9 views

CVE-2026-43913

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden allows an unconfirmed organization owner to purge the entire organization vault. The organization invite flow uses a two-step process: accepting an invite transitions membership from Invited to Accepted, an...

CVSS 8.1 | EPSS 0.00045
Exploits: 1 | References: 1
Vulnrichment
added 2026/05/11 10:1 p.m., 3 views

CVE-2026-43913 Vaultwarden: Unconfirmed Owner Can Purge Entire Organization Vault

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden allows an unconfirmed organization owner to purge the entire organization vault. The organization invite flow uses a two-step process: accepting an invite transitions membership from Invited to Accepted, an...

CVSS 8.1 | AI score 5.8 | EPSS 0.00045
Exploits: 1 | References: 1
ATTACKERKB
added 2026/05/11 10:1 p.m., 3 views

CVE-2026-43913

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden allows an unconfirmed organization owner to purge the entire organization vault. The organization invite flow uses a two-step process: accepting an invite transitions membership from Invited to Accepted, an...

CVSS 8.1 | AI score 5.8 | EPSS 0.00045
Exploits: 1 | References: 2 | Affected Software: 1
AlpineLinux
added 2026/05/11 10:1 p.m., 4 views

CVE-2026-43913

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden allows an unconfirmed organization owner to purge the entire organization vault. The organization invite flow uses a two-step process: accepting an invite transitions membership from Invited to Accepted, an...

CVSS 8.1 | AI score 5.8 | EPSS 0.00045
Exploits: 1 | References: 1
Cvelist
added 2026/05/11 10:1 p.m., 28 views

CVE-2026-43913 Vaultwarden: Unconfirmed Owner Can Purge Entire Organization Vault

Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden allows an unconfirmed organization owner to purge the entire organization vault. The organization invite flow uses a two-step process: accepting an invite transitions membership from Invited to Accepted, an...

CVSS 8.1 | EPSS 0.00045
Exploits: 1 | References: 1
CVE
added 2026/05/11 10:1 p.m., 10 views

CVE-2026-43913

Vaultwarden (Rust) prior to 1.35.5 exposes a data-loss risk where an authenticated user who is an unconfirmed organization owner can purge the entire organization vault via POST /api/ciphers/purge. The purge check incorrectly validates only membership type Owner, not Confirmed status, allowing a ...

CVSS 8.1 | AI score 5.8 | EPSS 0.00045
Exploits: 1 | References: 1 | Affected Software: 1
RedHat Linux
added 2026/05/04 10:5 a.m., 3 views

OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions

A flaw was found in OpenSSH. This vulnerability allows for a low integrity impact due to the omission of connection multiplexing confirmation for proxy-mode multiplexing sessions. A local user, under specific and complex conditions requiring user interaction, could potentially establish a...

CVSS 2.5 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 7