CVE-2026-23670 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

...

Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability

Time-of-check time-of-use toctou race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally...

UEFI Secure Boot Security Feature Bypass Vulnerability

Improper access control in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

PoC

Fabricked: Breaking AMD SEV-SNP via Infinity Fabric !CVE-20...

PT-2026-32863

Name of the Vulnerable Software and Affected Versions Windows Virtualization-Based Security VBS Enclave affected versions not specified Description Improper access control in the Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

PT-2026-32725

Name of the Vulnerable Software and Affected Versions Windows Virtualization-Based Security VBS Enclave affected versions not specified Description An untrusted pointer dereference in the Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to locally bypass a security...

Microsoft Windows Virtualization-Based Security Enclave 安全漏洞

The Microsoft Windows Virtualization-Based Security Enclave is a software-based trusted execution environment within the host application address space provided by Microsoft Corporation. There are security vulnerabilities associated with the Microsoft Windows Virtualization-Based Security Enclave...

Microsoft Windows Virtualization-Based Security Enclave 访问控制错误漏洞

The Microsoft Windows Virtualization-Based Security Enclave is a software-based trusted execution environment within the host application address space provided by Microsoft. There is an access control vulnerability associated with the Microsoft Windows Virtualization-Based Security Enclave...

ROS-20260414-73-0029

A vulnerability in the nestedsvmvmexit function of the arch/x86/kvm/svm/nested.c module of the virtualization subsystem on the x86 platform of the Linux operating system kernel is related to an uncontrolled reachable assertion. Exploitation of the vulnerability could allow an attacker to cause a...

GHSA-5XF5-GQ7P-JFX7 vulnerabilities

Vulnerabilities for packages: linux-vmware, linux-qemu, linux-azure, linux-gcp, linux-aws...

CVE-2026-22985 vulnerabilities

Vulnerabilities for packages: linux-vmware, linux-qemu, linux-azure, linux-gcp, linux-aws...

CLSA-2026-1775655705 kernel-uek: Fix of 34 CVEs

ALSA: usb-audio: Fix use-after-free in sndusbmixerfree CVE-2026-23089 - HID: core: Harden s32ton against conversion to 0 bits CVE-2025-38556 - KVM: nSVM: Ignore nCR34:0 when loading PDPTEs from memory CVE-2024-50115 - KVM: x86: Reset IRTE to host control if new route isn't postable CVE-2025-37885...

Amazon Firecracker 安全漏洞

Amazon Firecracker is a virtualization technology developed by Amazon, used specifically for creating and managing multi-tenant containers and functions-based services. It provides a serverless operating model, designed for creating and managing multi-tenant containers and functions-based service...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006689)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006689 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix vgpu debugfs clean in remove Check carefully on root debugfs available when...

SUSE CVE-2026-23432

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix use-after-free in mshvmapusermemory error path In the error path of mshvmapusermemory, calling vfree directly on the region leaves the MMU notifier registered. When userspace later unmaps the memory, the notifier fires...

PT-2026-30039

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in KVM for arm64 systems related to the initialization of ID registers for non-protected pKVM guests. The hypervisor incorrectly copies the KVM ARCH FL...

SUSE CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

SUSE CVE-2026-23402

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE Adjust KVM's sanity check against overwriting a shadow-present SPTE with a another SPTE with a different target PFN to only apply to direct MMUs, i.e. on...

Linux Distros Unpatched Vulnerability : CVE-2026-23402

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE Adjust KVM's sanity check against overwriting a shadow-present SPTE with a another...