CVE-2026-39834

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

RockyLinux 9 : libtiff (RLSA-2025:20956)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:20956 advisory. libtiff: LibTIFF Use-After-Free Vulnerability CVE-2025-8176 libtiff: Libtiff Write-What-Where CVE-2025-9900 Tenable has extracted the preceding...

PT-2026-42856

A malicious archive with ../ path segments in its name allows escaping the current working directory. This is not desired behavior, and tar1 rejects such extractions, but ocaml-tar decompresses it anyway. The impact is that it allows arbitrary file write outside of the desired extraction director...

NVIDIA Windows GPU Display Driver (May 2026)

A display driver installed on the remote Windows host is affected by multiple vulnerabilities: - A vulnerability exists in the kernel mode layer, where an attacker could leverage improper access to GPU resources, potentially leading to code execution, denial of service, escalation of privileges,...

RockyLinux 8 : openssl (RLSA-2026:3042)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:3042 advisory. openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419 Tenable has extracted the preceding description block...

Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2026-40369: Defensive Analysis of the 12-Byte Windows Kern...

Boxlite: Path Traversal Vulnerability Leads to Arbitrary File Write on the Host

Summary Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and run OCI containers within them. Boxlite allows users to specify the OCI image used by containers in the sandbox. However, when processing tar entries in OCI images, Boxlite does not account for...

GHSA-F396-4RP4-7V2J Boxlite: Path Traversal Vulnerability Leads to Arbitrary File Write on the Host

Summary Boxlite is a sandbox service that allows users to create lightweight virtual machines Boxes and run OCI containers within them. Boxlite allows users to specify the OCI image used by containers in the sandbox. However, when processing tar entries in OCI images, Boxlite does not account for...

ImageMagick: Heap Buffer Over-Write in json and yaml encoder of a single byte due to incorrect fix

An incorrect fix that was applied in GHSA-5592-p365-24xh could result in a heap buffer over-write of a single byte...

Improper Validation of Integrity Check Value

Overview sagemaker is an Open source library for training and deploying models on Amazon SageMaker. Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value in the Triton inference handler. An attacker can execute arbitrary code with the SageMaker execution...

GHSA-763J-3P5V-JFC6 androidqf: APK download Path Traversal in device APK paths

Summary During device acquisition, getPathToLocalCopy constructs local filesystem paths for downloaded APKs using a filename component extracted by extractFileName. The extraction splits on ==/ and takes the remainder without sanitization. If a compromised device returns a crafted APK path...

libtiff security update

An update is available for libtiff. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libtiff packages contain a library of functions for manipulating Tagged...

RLSA-2025:20956 Important: libtiff security update

The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: libtiff: LibTIFF Use-After-Free Vulnerability CVE-2025-8176 libtiff: Libtiff Write-What-Where CVE-2025-9900 For more details about the security issues, including the impact, a...

grub2 security update

An update is available for grub2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a...

RLSA-2026:3042 Moderate: openssl security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS12 processing CVE-2025-69419...

CVE-2026-43501

A flaw was found in the Linux kernel. A local attacker can exploit an out-of-bounds write vulnerability when the kernel recomputes an IPv6 Source Routing Header SRH. This issue occurs because insufficient headroom is reserved during the recompression process, leading to memory corruption...

CLSA-2026-1779370563 grub2: Fix of CVE-2025-0677

CVE-2025-0677: UFS: Integer overflow may lead to heap based out-of-bounds write when handling symlinks...

Exploit for Improper Handling of Length Parameter Inconsistency in Linux Linux_Kernel

CVE-2026-31635 · DirtyDecrypt !License: MIThttps://img.sh...

CVE-2026-43501

In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve maclen headroom when recompressed SRH grows ipv6rplsrhrcv decompresses an RFC 6554 Source Routing Header, swaps the next segment into ipv6hdr-daddr, recompresses, then pulls the old header and pushes the new on...

RUSTSEC-2026-0149 WASI path_open(TRUNCATE) bypasses `FilePerms::WRITE` host restriction

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-2r75-cxrj-cmph For more information see the GitHub-hosted security advisory...