
11134 matches found

Positive Technologies
added 2026/04/22 12:0 a.m. | 3 views

PT-2026-34549

Name of the Vulnerable Software and Affected Versions: Python (affected versions not specified). Description: The js_output function in http.cookies.Morsel returns an inline snippet that only escapes double quotes for JavaScript string context. It fails to neutralize the HTML parser-sensitive sequence...

CVSS 6.1 | AI score 5.1 | EPSS 0.00229
Exploits: 1 | References: 53
Positive Technologies
added 2026/04/22 12:0 a.m. | 3 views

PT-2026-34426

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The module loader fails to verify the bounds of the ELF section index within the simplify_symbols function. A symbol containing an out-of-bounds st_shndx value, such as those defined as...

CVSS 8.8 | AI score 5.8 | EPSS 0.92165
Exploits: 30 | References: 136
Tenable Nessus
added 2026/04/22 12:0 a.m. | 0 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013726)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013726 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: meson-gx: fix return value check of mmc_add_host mmc_add_host may return error, if we ignore its...

AI score 5.5 | EPSS 0.00173
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/22 12:0 a.m. | 3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013536)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013536 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmc_add_host mmc_add_host may return error, if we ignore its...

AI score 5.5 | EPSS 0.00233
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/22 12:0 a.m. | 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013734)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013734 advisory. In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref due to drmm_mode_config_init drmm_mode_config_init will call...

AI score 5.5 | EPSS 0.00197
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/22 12:0 a.m. | 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013505)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013505 advisory. In the Linux kernel, the following vulnerability has been resolved: udf: fix uninit-value use in udf_get_fileshortad Check for overflow when computing alen in...

CVSS 7.8 | AI score 6.7 | EPSS 0.00268
Exploits: 0 | References: 3
ATTACKERKB
added 2026/04/21 11:32 p.m. | 0 views

CVE-2026-41128

Craft CMS is a content management system (CMS). In versions 5.6.0 through 5.9.14, the actionSavePermissions endpoint allows a user with only viewUsers permission to remove arbitrary users from all user groups. While saveUserGroups enforces per-group authorization for additions, it performs no...

CVSS 5.3 | AI score 5.9 | EPSS 0.00248
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2026/04/21 12:15 p.m. | 1 views

BIT-VAULT-2026-3605 Vault KVv2 Metadata and Secret Deletion Policy Bypass Denial-of-Service

An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were not authorized to read or write, resulting in denial-of-service. This vulnerability did not allow a malicious user to delete secrets across namespaces, nor read any secret...

CVSS 8.1 | AI score 5.8 | EPSS 0.00301
Exploits: 0 | References: 2
Circl
added 2026/04/21 11:0 a.m. | 4 views

GHSA-8Q4H-8CRM-5CVC

creation_timestamp | type | source
---|---|---
2026-04-21 11:00:26+00:00 | seen | https://bsky.app/profile/getpacketai.bsky.social/post/3mjytdcford24
2026-04-23 21:26:07+00:00 | published-proof-of-concept | Telegram/wY3PGk1V7kusFG8GbDK0g0CtGhXXIm9UsDC-frBku-7BiY...

AI score 4.8
Exploits: 0 | References: 1
CNNVD
added 2026/04/21 12:0 a.m. | 3 views

OpenEXR Input Validation Error Vulnerability

OpenEXR is an open standard for the high dynamic range (HDR) image file format, open-sourced by the Academy Software Foundation. Versions 3.4.0 to 3.4.9 of OpenEXR contain an input validation vulnerability. This vulnerability stems from an integer overflow in the 32-bit signed integer bpl value of the...

CVSS 5.3 | AI score 5.9 | EPSS 0.00302
Exploits: 1 | References: 1
Tenable Nessus
added 2026/04/21 12:0 a.m. | 2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012995)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012995 advisory. In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat The syzbot reported issue in...

AI score 5.6 | EPSS 0.00177
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006956)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006956 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4_evict_inode' Syzbot found the following issue:...

CVSS 7.8 | AI score 6.3 | EPSS 0.00197
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010812)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010812 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix uninititialized value in 'ext4_evict_inode' Syzbot found the following issue:...

CVSS 7.8 | AI score 6.3 | EPSS 0.00197
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 1 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011408)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011408 advisory. In the Linux kernel, the following vulnerability has been resolved: hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits The syzbot reported issue in...

AI score 5.7 | EPSS 0.00177
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 2 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011325)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011325 advisory. In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat The syzbot reported issue in...

AI score 5.6 | EPSS 0.00177
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 6 views

Siemens SCALANCE Improper Validation of Integrity Check Value (CVE-2020-26141)

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check authenticity of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the...

CVSS 6.5 | AI score 6.9 | EPSS 0.03072
Exploits: 0 | References: 5
Tenable Nessus
added 2026/04/21 12:0 a.m. | 9 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011002)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011002 advisory. In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Fix uninit-value in alauda_check_media Syzbot got KMSAN to complain about acce...

AI score 6.1 | EPSS 0.00201
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011293)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011293 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: toshsd: fix return value check of mmc_add_host mmc_add_host may return error, if we ignore its...

AI score 5.8 | EPSS 0.00195
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010933)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010933 advisory. In the Linux kernel, the following vulnerability has been resolved: mmc: alcor: fix return value check of mmc_add_host mmc_add_host may return error, if we ignore its...

AI score 5.8 | EPSS 0.00206
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:0 a.m. | 2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013104)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013104 advisory. In the Linux kernel, the following vulnerability has been resolved: hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits The syzbot reported issue in...

AI score 5.8 | EPSS 0.00177
Exploits: 0 | References: 4