Red Hat Quay 安全漏洞

Red Hat Quay is a container image repository platform operated by the American company Red Hat. Red Hat Quay has a security vulnerability; this vulnerability stems from the fact that GitLab’s OAuth verifier transmits sensitive credentials as plain-text parameters in URL queries, which may lead to...

Linux Distros Unpatched Vulnerability : CVE-2026-45903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory access flags in helper prototypes After commit 37cce22dbd51 bpf: verifier:...

CVE-2026-45041 RustFS: Hard-coded RSA private key in license verifier permits arbitrary license forgery

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, crates/appauth/src/token.rs ships a 2048-bit RSA private key as a string constant named TESTPRIVATEKEY and uses it in production via parselicense to "verify" license tokens. Because the key is embedded in every...

CVE-2026-45041

CVE-2026-45041 affects RustFS prior to 1.0.0-beta.2, where crates/appauth/src/token.rs embeds a 2048-bit RSA private key (TEST_PRIVATE_KEY) as a string constant and uses it in production to verify licenses. This allows anyone who can read the source or extract the key from binaries to mint arbitr...

PYSEC-2026-176

PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature...

UBUNTU-CVE-2026-48523

PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature...

EUVD-2026-32918

PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature...

CVE-2026-48523

PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode or jwt.decodecomplete are called with a PyJWK key. The token header alg is checked against the caller-supplied algorithms allow-list, but signature...

CVE-2026-48526

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, when the verifier is decoding JSON Web Tokens, while supporting both asymmetric and HMAC algorithms, the library does not validate use of JSON Web Keys in HMAC algorithm, allowing attacker to use the issuer public key as the...

SUSE CVE-2026-45903

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory access flags in helper prototypes After commit 37cce22dbd51 "bpf: verifier: Refactor helper access type tracking", the verifier started relying on the access type flags in helper function prototypes to perform...

CVE-2026-45903

A flaw was found in the Linux kernel's Berkeley Packet Filter BPF verifier. This vulnerability occurs because several BPF helper functions lack proper memory access flags, such as MEMRDONLY or MEMWRITE. Consequently, the verifier may incorrectly assume that buffer contents remain unchanged across...

CVE-2026-45933

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter verifier. The synclinkedregs function fails to preserve the register ID during bounds propagation, which can lead to incorrect register state. This issue may allow a local attacker to trigger a 'division by zero' error, resulting i...

EUVD-2026-32352

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfxdpstorebytes proto for read-only arg While making some maps in Cilium read-only from the BPF side, we noticed that the bpfxdpstorebytes proto is incorrect. In particular, the verifier was throwing the following error...

CVE-2026-45903

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory access flags in helper prototypes After commit 37cce22dbd51 "bpf: verifier: Refactor helper access type tracking", the verifier started relying on the access type flags in helper function prototypes to perform...

UBUNTU-CVE-2026-45886

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfxdpstorebytes proto for read-only arg While making some maps in Cilium read-only from the BPF side, we noticed that the bpfxdpstorebytes proto is incorrect. In particular, the verifier was throwing the following error...

CVE-2026-45903 bpf: Fix memory access flags in helper prototypes

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory access flags in helper prototypes After commit 37cce22dbd51 "bpf: verifier: Refactor helper access type tracking", the verifier started relying on the access type flags in helper function prototypes to perform...

CVE-2026-45903

CVE-2026-45903 concerns the Linux kernel BPF verifier and helper prototypes. The issue arises because several helpers using ARG_PTR_TO_MEM lacked MEM_RDONLY or MEM_WRITE flags, causing the verifier to incorrectly assume buffers are unchanged across calls and potentially optimize away subsequent r...

CVE-2026-45886 bpf: Fix bpf_xdp_store_bytes proto for read-only arg

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfxdpstorebytes proto for read-only arg While making some maps in Cilium read-only from the BPF side, we noticed that the bpfxdpstorebytes proto is incorrect. In particular, the verifier was throwing the following error...

CVE-2026-45886

CVE-2026-45886 : Linux kernel fix for bpf_xdp_store_bytes argument type error when writing to read-only maps. The verifier flagged a MEM_WRITE on R3 (PTR_TO_MAP_VALUE from a read-only map) due to ARG_PTR_TO_UNINIT_MEM; the third argument’s type did not match bpf_skb_store_bytes. The patch aligns ...

CVE-2026-45839

In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpfcoreparsespec CO-RE accessor strings are colon-separated indices that describe a path from a root BTF type to a target field, e.g. "0:1:2" walks through nested struct members...