CLSA-2026-1778690104 exim: Fix of CVE-2026-40685

CVE-2026-40685: fix OOB heap write in dewrap when expanding header ending with stray backslash...

SUSE-SU-2026:21640-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues Security issues: - CVE-2026-2291: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251. - CVE-2026-4890: DoS vulnerability in the DNSSEC validation bsc1265001. - CVE-2026-4891: heap-based out-of-bounds re...

CVE-2026-43483

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Set/clear CR8 write interception when AVIC is deactivated Explicitly set/clear CR8 write interception when AVIC is deactivated to fix a bug where KVM leaves the interception enabled after AVIC is activated. E.g. if KVM...

UBUNTU-CVE-2026-43484

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid bitfield RMW for claim/retune flags Move claimed and retune control flags out of the bitfield word to avoid unrelated RMW side effects in asynchronous contexts. The host-claimed bit shared a word with retune flag...

UBUNTU-CVE-2026-43483

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Set/clear CR8 write interception when AVIC is deactivated Explicitly set/clear CR8 write interception when AVIC is deactivated to fix a bug where KVM leaves the interception enabled after AVIC is activated. E.g. if KVM...

Exploit for Write-what-where Condition in Linux Linux_Kernel

Dirty Frag: Universal Linux LPE Abstract This document e...

SiYuan: Broken access control in `/api/tag/getTag` — Reader role can mutate `Conf.Tag.Sort` and persist to disk

Summary POST /api/tag/getTag is registered with model.CheckAuth only, omitting both model.CheckAdminRole and model.CheckReadonly, despite the handler performing a configuration write that is normally guarded by both. Any authenticated user — including publish-service RoleReader accounts and...

Nautobot: GitRepository.current_head field should not be writable through REST API

Impact A user with access to add/change a GitRepository record could use the REST API to directly set the currenthead field on the record, which was not intended to be user-editable. Doing so could cause Nautobot's local clones of the relevant repository to checkout a commit other than the latest...

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the handling of internal service references by the Gateway API provider. An attacker can gain unauthorized dynamic configuration write access by creating or updating an HTTPRoute that targets rest@internal, even...

CVE-2026-43486

In the Linux kernel, the following vulnerability has been resolved: arm64: contpte: fix setaccessflags no-op check for SMMU/ATS faults contpteptepsetaccessflags compared the gathered ptepget value against the requested entry to detect no-ops. ptepget ORs AF/dirty from all sub-PTEs in the CONT...

CVE-2026-43484

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid bitfield RMW for claim/retune flags Move claimed and retune control flags out of the bitfield word to avoid unrelated RMW side effects in asynchronous contexts. The host-claimed bit shared a word with retune flag...

CVE-2026-43484

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid bitfield RMW for claim/retune flags Move claimed and retune control flags out of the bitfield word to avoid unrelated RMW side effects in asynchronous contexts. The host-claimed bit shared a word with retune flag...

CVE-2026-6815

An arbitrary file write vulnerability exists in Casdoor's Local File System storage provider. Due to insufficient path sanitization, an authenticated attacker with administrative privileges can perform a Path Traversal attack to create or overwrite arbitrary files anywhere on the host filesystem,...

CVE-2026-20916 BIG-IQ iControl REST vulnerability

An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

K000158029: iControl REST vulnerability CVE-2026-20916

Security Advisory Description An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system. CVE-2026-20916 Impact An authenticated attacker with low privileges can exploit this vulnerability remotel...

vulnerabilities handled in Adobe Illustrator

Adobe has identified several vulnerabilities in Adobe Illustrator versions 29.8.6, 30.3, and earlier. These vulnerabilities lie in the way Adobe Illustrator processes specially crafted files. There are issues with out-of-bounds write operations, NULL pointer dereferences, out-of-bounds reads, and...

CLSA-2026-1778604245 samba: Fix of CVE-2022-32742

CVE-2022-32742: fix server memory information leak via SMB1; insufficient range-check on SMB1 write request length allowed server memory contents to leak into the written file or printer instead of client-supplied bytes...

Exploit for Out-of-bounds Write in Google Chrome

Vuln...

CVE-2026-21018

Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary code...

CVE-2026-21018

Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary code...