CVE-2026-46193

In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or authdata area, but the async...

Oracle Linux 8 : dnsmasq (ELSA-2026-20589)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-20589 advisory. - Prevent overflow in extractname function CVE-2026-2291 - Prevent DoS in DNSSEC validation CVE-2026-4890 - Prevent out-of-bounds read in DNSSEC...

📄 ZTE ZXHN H188A 6 Authentication Bypass / Credential Disclosure

ZTE ZXHN H188A version 6 suffers from an authentication bypass vulnerability via a pre-login wizard credential leak. Title: ZTE ZXHN H188A V6 - Authentication Bypass via Pre-Login Wizard Credential Leak Date: 2026-05-20 Author: Mina Nageh Salalma Monx Research CVE: CVE-2026-34472 Vendor: ZTE...

EUVD-2026-27757

In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...

CVE-2026-43198 tcp: fix potential race in tcp_v6_syn_recv_sock()

In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT The nfsklookupslowv4 function performs the conntrack lookup for IPv4 packets in order to restore the original 5-tuple in case of SNAT, so that the correct socket if any can be...

SUSE CVE-2026-6520

OpenFlow v6 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

Wireshark 安全漏洞

Wireshark is a set of network packet analysis software developed by the Wireshark team. The software’s function is to capture network packets and display detailed data for analysis. Versions of Wireshark from 4.6.0 to 4.6.4, as well as 4.4.0 to 4.4.14, have security vulnerabilities. These...

MINI-FXRF-66V6-2654

Bulletin has no description...

uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided

Summary The v3, v5, and v6 API methods not uuid release versions accept external output buffers but do not reject out-of-range writes small buf or large offset. By contrast, v4, v1, and v7 API methods explicitly throw RangeError on invalid bounds. This inconsistency allows silent partial writes...

GHSA-W5HQ-G745-H8PQ uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided

Summary The v3, v5, and v6 API methods not uuid release versions accept external output buffers but do not reject out-of-range writes small buf or large offset. By contrast, v4, v1, and v7 API methods explicitly throw RangeError on invalid bounds. This inconsistency allows silent partial writes...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006924)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006924 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: initialize more fields in sctpv6fromsk syzbot found that sin6scopeid was not properly...

GHSA-JHF3-XXHW-2WPP go-git: Maliciously crafted idx file can cause asymmetric memory consumption

Impact A vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a Denial of Service DoS condition. Exploitation requires write access to the local repository's .git directory, it...

PT-2026-29156

Name of the Vulnerable Software and Affected Versions go-git versions prior to 5.17.1 Description The go-git library’s index decoder for Git index format version 4 does not properly validate the path name prefix length before applying it to the previously decoded path name. A specially crafted...

Security update for

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.13 fixes various security issues The following security issues were fixed: CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. CVE-2025-40258: mptcp: fix race condition in...

CVE-2025-15551

The response coming from TP-Link Archer MR200 v5.2, C20 v5 and v6, TL-WR850N v3, and TL-WR845N v4 for any request is getting executed by the JavaScript function like eval directly without any check. Attackers can exploit this vulnerability via a Man-in-the-Middle MitM attack to execute JavaScript...

ROS-20260121-73-0021

A vulnerability in the fibchecknhv6gw function of the Linux operating system kernel is related to a possible memory leak. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

MiracleLinux 3 : kernel-2.6.18-348.8.AXS3 (AXBA:2013-722:07)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXBA:2013-722:07 advisory. - Multiple race conditions in the madviseremove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001125)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001125 advisory. The tcpv6synrecvsock function in net/ipv6/tcpipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service slab out-of-bounds write or...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001186)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001186 advisory. The dccpv6requestrecvsock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of servic...