PT-2026-44184

A flaw was found in Keycloak. When a JSON Web Encryption JWE encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing the configured signature policy. This allows a remote attacker to submit unauthorized claims, leadin...

PT-2026-44341

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bounds checking issue exists in the Linux kernel DRM AMD GPU driver. The uvd, vce, and vcn components access the Indirect Buffer IB at predefined offsets without verifying if the IB is...

CVE-2026-45999

A flaw was found in the Linux kernel's EROFS Enhanced Read-Only File System component. A local user could provide a specially crafted EROFS image that triggers an unsigned underflow in the zerofslz4handleoverlap function during LZ4 inplace decompression. This vulnerability allows the system to re...

CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

UBUNTU-CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

EUVD-2026-32303

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

CVE-2026-45999

The CVE-2026-45999 issue affects the Linux kernel EROFS LZ4 inplace decompression path (z_erofs_lz4_handle_overlap). Crafted extents can trigger an unsigned underflow (outpages

EUVD-2026-32295

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

CVE-2026-45999 erofs: fix unsigned underflow in z_erofs_lz4_handle_overlap()

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

PT-2026-43866

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in z erofs lz4 handle overlap Some crafted images can have illegal !partial decoding && m llen out access reads past the decompressed pages array. However, such crafted cases can correctly result in ...

PT-2026-43873

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveau gem pushbuf reloc apply validates each relocation with if r-reloc bo offset + 4 nvbo-bo.base.size but reloc bo offset is u32 uapi/drm/nouveau drm.h and the integ...

Linux Distros Unpatched Vulnerability : CVE-2026-45999

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpag...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an unsigned overflow in the zerofslz4handleoverlap function within erofs. This vulnerability may...

CVE-2026-45999

erofs: fix unsigned underflow in zerofslz4handleoverlap...

Malicious code in @slipless/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd12d144d97dca69d9861a3a68bc2bfd138e3f3d5514eb70303c9b8e0c472e17 On npm install, scripts/postinstall.cjs fetches https://slipless.xyz/main.ps1 mutable URL, no hash or signature verification, writes it to the OS tem...

MAL-2026-4793 Malicious code in vxui-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bde616ebc21909bfa386bf8e49438da710f48b62ae3127f2a7259c71557a4242 package.json declares a postinstall script that runs curl -skL...

SUSE CVE-2026-42268

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. From 3.0.0 to before 3.0.15, there is an unhandled exception std::outofrange caused by unsigned integer underflow in libmodsecurity3 if the user administrator uses a rule any of @verifySSN...

PT-2026-43310

FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP AS PATH attribute encoder. In src/bgp protocol.hpp, the IPv4UnicastAnnounce::get attributes function computes attribute length as 'sizeofbgp as path segment element t + this-as path asns.size sizeofuint32 t' and...

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...