PT-2026-39066

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the libceph component where the ceph monmap decode function uses signed int variables for blob len and num mon. Because these variables are intended to hold non-negati...

PT-2026-38967

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the solo6x10 media component where a signed type could be shifted beyond 32 bits. When compiled with Clang and CONFIG UBSAN SHIFT=y, this condition may be interpreted ...

PT-2026-38992

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the ioam6 fill trace data function where the schema contribution to the trace length is stored in a u8 an 8-bit unsigned integer. When bit 22 is enabled and the largest...

Linux Distros Unpatched Vulnerability : CVE-2026-43407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a...

MGASA-2026-0112 Updated libexif packages fix security vulnerabilities

CVE-2026-32775: libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow. CVE-2026-40385: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon...

CVE-2026-41669

Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio SAML Identity Provider implementation discards the return value of its validateSignature method at both call sites handleSSORequest line 418 and handleSLORequest line 613. The method returns error strings on...

CVE-2026-41669 Admidio: SAML Signature Validation Result Ignored — Forged AuthnRequests and LogoutRequests Processed

Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio SAML Identity Provider implementation discards the return value of its validateSignature method at both call sites handleSSORequest line 418 and handleSLORequest line 613. The method returns error strings on...

CVE-2026-41669

Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio SAML Identity Provider implementation discards the return value of its validateSignature method at both call sites handleSSORequest line 418 and handleSLORequest line 613. The method returns error strings on...

SUSE CVE-2026-43238

In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbedit: fix divide-by-zero in tcfskbedithash Commit 38a6f0865796 "net: sched: support hash selecting tx queue" added SKBEDITFTXQSKBHASH support. The inclusive range size is computed as: mappingmod = queuemappingmax...

Admidio 数据伪造问题漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Prior to Admidio 5.0.9, there was a data manipulation vulnerability. This vulnerability stemm...

CVE-2026-43185

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smbdirectpreparenegotiation smbdirectpreparenegotiation casts an unsigned u32 value from sp-maxrecvsize and req-preferredsendsize to a signed int before computing mintint, .... A maliciously provide...

CVE-2026-43238

In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbedit: fix divide-by-zero in tcfskbedithash Commit 38a6f0865796 "net: sched: support hash selecting tx queue" added SKBEDITFTXQSKBHASH support. The inclusive range size is computed as: mappingmod = queuemappingmax...

📄 SumatraPDF 3.5.2 Remote Code Execution

SumatraPDF versions 3.5.0 to 3.5.2 disable TLS hostname verification during update checks using INTERNETFLAGIGNORECERTCNINVALID and do not perform any signature or integrity validation on the downloaded installer. Exploit Title: SumatraPDF 3.5.2 - Remote Code Execution Date: 2026-02-10 Exploit...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fixed the potential integer overflow that could occur when shifting an int. The left shift of the 32-bit integer constant 1 is evaluated using 32-bit arithmetic, and then passed as a 64-bit function argument. In cas...

Astra Linux – Vulnerability in imagemagick

An integer overflow issue was discovered in ImageMagick’s ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to GetPixelIndex could result in values that are outside the representable range for ‘unsigned char’. When ImageMagick processes a specially crafted PDF file, this...

Astra Linux – Vulnerability in protobuf-c, libsignal-protocol-c

Protobuf-c before version 1.4.1 has an unsigned integer overflow in the parserequiredmember field...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: printk: Fixed signed integer overflow when defining LOGBUFLENMAX. Shifting 1 31 on a 32-bit integer causes signed integer overflow, leading to undefined behavior. To prevent this, 1 was cast to u32 before the shift operation is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Fixed iasize underflow iasize is a lofft, which is a signed 64-bit type. NFSv3 and NFSv4 both define file size as an unsigned 64-bit type. Therefore, there is a range of valid file size values that an NFS client can send...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xemigrate: Casting to output precision before multiplying operands This issue addresses potential overflows that can occur when multiplying two operands with lower precision u32, before widening them to a higher precision...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: Fixed the signedness in the thislen calculation. When importing and using buffers, buf-len is considered unsigned. However, buf-len is converted to a signed integer during commit operations. This can lead to...