PT-2026-44160

Summary The compliance-trestle library's remote fetching cache mechanism HTTPSFetcher and SFTPFetcher constructs the local cache file path from the URL path component without sanitizing path traversal sequences ../. When a remote OSCAL profile references a URL with traversal in its path, the HTTP...

CVE-2026-45994

ibmasm: fix OOB reads in commandfilewrite due to missing size checks...

PT-2026-43742

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak occurs in the mfd: arizona component when the wm5102 clear write sequencer function returns an error. The function returns immediately, bypassing the cleanup sequence and...

Vulnerabilities Resolved in Veeam Backup & Replication 13.0.2

All vulnerabilities documented in this article were resolved in Veeam Backup & Replication 13.0.2.29. Veeam Software Security Commitment Veeam® is committed to ensuring its products protect customers from potential risks. As part of that commitment, we operate a Vulnerability Disclosure Program V...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : GitPython vulnerabilities (USN-8303-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8303-1 advisory. Santos Gallegos discovered that GitPython did not properly validate paths when...

Amazon Linux 2 : dnsmasq, --advisory ALAS2-2026-3318 (ALAS-2026-3318)

The version of dnsmasq installed on the remote host is prior to 2.76-16. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3318 advisory. A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute...

PT-2026-43828

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Memory leaks occur in the gfs2 fill super error handling path when transitioning a filesystem to read-write mode fails. The first leak involves kthread objects, such as thread struct and...

PT-2026-43861

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the command file write handler where it allocates a kernel buffer based on a user-provided count but fails to validate this buffer against the dot command protocol before...

PT-2026-43671

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the arena vm close function during a fork operation. The arena vm open function increments the vml-mmap count but fails to register the child Virtual...

PT-2026-43748

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the svs enable debug write function. The buf variable, which is allocated by memdup user nul, is not properly released if the kstrtoint function fails...

PT-2026-44681

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An out-of-bounds write exists in the V8 JavaScript engine, which is the component responsible for compiling and executing JavaScript code. This issue stems from a JIT Just-In-Time loop...

Linux Distros Unpatched Vulnerability : CVE-2026-45961

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gfs2: fix memory leaks in gfs2fillsuper error path Fix two memory leaks in the gfs2fillsuper error handling path when transitioning a filesystem to read-write...

PT-2026-43947

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ocfs2 module where direct I/O DIO operations can lead to credit exhaustion in JBD2 Journaling Block Device, resulting in system warnings. This occurs during the...

PT-2026-43963

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the md/md-llbitmap component. The issue occurs because the barrier raise operation is performed after the state machine transition. Specifically, in the llbitm...

PT-2026-43584

Name of the Vulnerable Software and Affected Versions Synology Contacts versions prior to 1.0.10-20659 Description Improper neutralization of input during web page generation leads to a Cross-site Scripting XSS issue in the contact functionality. This allows remote authenticated users to read or...

PT-2026-43591

Name of the Vulnerable Software and Affected Versions Synology Assistant versions prior to 7.0.6-50085 Description An origin validation error allows local users to write arbitrary files with restricted content during the installation process. Recommendations Update to version 7.0.6-50085 or later...

PT-2026-43590

Name of the Vulnerable Software and Affected Versions Synology Active Backup for Business Agent versions prior to 3.1.0-4967 Description An origin validation error occurs during installation, which allows local users to write arbitrary files containing restricted content. Recommendations Update t...

Realtek rtl819x - Local Privilege

Exploit Title: Realtek rtl819x - Local Privilege Escalation Date: 2026-05-03 Exploit Author: Daniil Gordeev Vendor Homepage: http://www.realtek.com Software Link: https://github.com/iptime-gpl/userappsn104qi representative GPL release Version: Realtek rtl819x Jungle SDK, all known versions throug...

Amazon Linux 2 : golang, --advisory ALAS2-2026-3313 (ALAS-2026-3313)

The version of golang installed on the remote host is prior to 1.25.10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3313 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a...

PT-2026-44675

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An out of bounds write in the GPU allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape is a technique used to break out of a...