GHSA-FVVM-949W-QJ4W RTK improperly trusts project-local filter configuration, allowing silent tampering of command output shown to LLM

RTK Rust Token Killer improperly trusts project-local configuration files. In versions prior to 0.32.0, RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An attacker can place a malicious filter file in a repository to apply...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/ast: astdp: Fixed the timeout for enabling the video signal. The ASTDP transmitter sometimes takes up to 1 second to enable the video signal, while the timeout is only 200 msec. This results in a kernel error message. The...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fsdax: Force the dirty mark to be cleared if CoW is used XFS allows CoW on non-shared extents to combat fragmentation1. The old non-shared extent can be rewritten before use; its dax entry is marked as “dirty”. This results in a...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: HID: usbhid: Eliminated a recurring out-of-bounds error in usbhidparse. Updated the struct hiddescriptor to better reflect the mandatory and optional parts of the HID descriptor according to the USB HID 1.11 specification. Not...

PT-2026-42204

RTK Rust Token Killer improperly trusts project-local configuration files. In versions prior to 0.32.0, RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An attacker can place a malicious filter file in a repository to apply...

PT-2026-36468

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The wacom intuos bt irq function processes Bluetooth HID reports without sufficient bounds checking. A maliciously crafted short report can trigger an out-of-bounds read—a condition wher...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of ticket length validation in the non-XDR key resolution path. This vulnerability may...

CVE-2026-23278

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If...

Linux Distros Unpatched Vulnerability : CVE-2026-23219

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862...

PT-2025-53072

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the net/mlx5e component. The problem stems from an incorrect encap attribute being used during invalidation, specifically in the mlx5e invalidat...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from sysfs changing group attribute ownership without checking visibility, which could result in a warning message...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the improper handling of tagged pages in copyhighpage, which may result in a warning message...

DEBIAN-CVE-2023-53841

In the Linux kernel, the following vulnerability has been resolved: devlink: report devlinkporttypewarn source device devlinkporttypewarn is scheduled for port devlink and warning when the port type is not set. But from this warning it is not easy found out which device driver has no devlink port...

UBUNTU-CVE-2023-53841

In the Linux kernel, the following vulnerability has been resolved: devlink: report devlinkporttypewarn source device devlinkporttypewarn is scheduled for port devlink and warning when the port type is not set. But from this warning it is not easy found out which device driver has no devlink port...

CVE-2023-53583 perf: RISC-V: Remove PERF_HES_STOPPED flag checking in riscv_pmu_start()

In the Linux kernel, the following vulnerability has been resolved: perf: RISC-V: Remove PERFHESSTOPPED flag checking in riscvpmustart Since commit 096b52fd2bb4 "perf: RISC-V: throttle perf events" the perfsampleeventtook function was added to report time spent in overflow interrupts. If the...

EUVD-2023-49650

Malicious code in bioql PyPI...

EUVD-2024-53257

Malicious code in bioql PyPI...

EUVD-2025-11177

Malicious code in bioql PyPI...

EUVD-2022-55067

Malicious code in bioql PyPI...

EUVD-2023-57247

Malicious code in bioql PyPI...