CVE-2026-56412

libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...

CVE-2026-46183

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect path kfree with damonsysfslock damonsysfsquotgoal-path can be read and written by users, via DAMON sysfs 'path' file. It can also be indirectly read, for the parameters on,offline committing to...

BIT-RUBY-2026-46727

An issue was discovered in Ruby 4 before 4.0.5. A race condition leading to a use-after-free in the pthread-based getaddrinfo timeout handler rbgetaddrinfo in ext/socket/raddrinfo.c allows a remote attacker who can delay DNS responses near the user-specified timeout to crash a Ruby process that...

CVE-2026-43237

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Refactor amdgpugemvaioctl for Handling Last Fence Update and Timeline Management v4 This commit simplifies the amdgpugemvaioctl function, key updates include: - Moved the logic for managing the last update fence...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: can: peakpci: peakpciremove: fixed UAF. When removing the peekpci module, referencing chan again after releasing dev can lead to UAF. This issue was fixed by delaying the release of dev. The following log indicates this issue:...

MiracleLinux 9 : thunderbird-140.9.1-1.el9_7.ML.1 (AXSA:2026-483:08)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-483:08 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 libpng: libpng: Information disclosure and denial of...

Mozilla Thunderbird < 140.10

The version of Thunderbird installed on the remote Windows host is prior to 140.10. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-34 advisory. - Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10...

freerdp: FreeRDP has a Heap-use-after-free in urb_select_interface

A heap buffer use after free has been discovered in FreeRDP. urbselectinterface can free the device's MS config on error but later code still dereferences it, leading to a use after free in libusbudevselectinterface...

CVE-2026-23428

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of shareconf in compound request smb2getksmbdtcon reuses work-tcon in compound requests without validating tcon-tstate. ksmbdtreeconnlookup checks tstate == TREECONNECTED on the initial lookup path, but...

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-1280)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid use-after-free...

MGASA-2026-0052 Updated rootcerts, nss & firefox packages fix security vulnerabilities

Incorrect boundary conditions in the WebRTC: Audio/Video component. CVE-2026-2757 Use-after-free in the JavaScript: GC component. CVE-2026-2758 Incorrect boundary conditions in the Graphics: ImageLib component. CVE-2026-2759 Sandbox escape due to incorrect boundary conditions in the Graphics:...

UBUNTU-CVE-2026-23231

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix use-after-free in nftablesaddchain nftablesaddchain publishes the chain to table-chains via listaddtailrcu in nftchainadd before registering hooks. If nftablesregisterhook then fails, the error path calls...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000589)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000589 advisory. Use-after-free vulnerability in the pathopenat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004752)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004752 advisory. The root cause of this vulnerability is that the ioctl$DRMIOCTLMODEDESTROYDUMB can decrease refcount of drmvgemgemobject created in vgemgemdumbcreate concurrently, a...

TencentOS Server 3: webkit2gtk3 (TSSA-2025:0999)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0999 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2022-50745 staging: media: tegra-video: fix device_node use after free

In the Linux kernel, the following vulnerability has been resolved: staging: media: tegra-video: fix devicenode use after free At probe time this code path is followed: tegracsiinit tegracsichannelsalloc foreachchildofnodenode, channel -- iterates over channels automatically gets 'channel'...

SUSE CVE-2025-40303

In the Linux kernel, the following vulnerability has been resolved: btrfs: ensure no dirty metadata is written back for an fs with errors BUG During development of a minor feature make sure all btrfsbio::endio is called in task context, I noticed a crash in generic/388, where metadata writes...

CVE-2025-40303

In the Linux kernel, the following vulnerability has been resolved: btrfs: ensure no dirty metadata is written back for an fs with errors BUG During development of a minor feature make sure all btrfsbio::endio is called in task context, I noticed a crash in generic/388, where metadata writes...

UBUNTU-CVE-2025-40158

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...