PT-2026-36386

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The dt2815 driver crashes when attached to I/O ports without actual hardware present. This occurs because users can attach the driver to arbitrary I/O addresses via the 'COMEDI DEVCONFIG...

CVE-2026-37537

collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 2023-03-08 contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8t index = data0 - 1. When data0 sequence number from CAN frame is 0, index underflows...

PT-2026-36498

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

PT-2026-36511

Name of the Vulnerable Software and Affected Versions collin80/Open-SAE-J1939 versions prior to commit 744024d4306bc387857dfce439558336806acb06 Description An integer underflow exists in the Transport Protocol Data Transfer handling. When the sequence number from a CAN frame, represented by the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of freed memory during the decrementing of sbi-nrpages in f2fswriteendio. This could le...

CVE-2026-37534

Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadTransportProtocolDataTransfer,allows attackers to write to arbitrary memory via crafted sequence number from the CAN frame...

OpenImageIO 缓冲区错误漏洞

OpenImageIO is an open-source image processing library developed by OpenImageIO. It features a user-friendly interface and supports a wide range of image formats. Versions of OpenImageIO 3.2.0.1-dev and earlier have a buffer error vulnerability, which stems from an out-of-bounds write issue in th...

PT-2026-36508

Name of the Vulnerable Software and Affected Versions Open-SAE-J1939 versions prior to commit b6caf884df46435e539b1ecbf92b6c29b345bdfe Description An integer underflow exists in the SAE J1939 Read Transport Protocol Data Transfer function. This allows attackers to write to arbitrary memory by usi...

PT-2026-36497

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A web page containing unusual WebGPU content loaded into the GPU GLES render process can trigger a write Use-After-Free UAF crash in the GPU GLES user-space shar...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from targetcorefile not initializing the kiwritestream field of aiocmd-iocb, which could result in a write comman...

CVE-2026-37457

An off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function bgpd/bgpflowspecutil.c of FRRouting FRR stable/10.0 allows attackers to cause a Denial of Service DoS via supplying a crafted FlowSpec component...

PT-2026-36354

Name of the Vulnerable Software and Affected Versions AcademySoftwareFoundation OpenImageIO versions prior to 3.2.0.1-dev Description An out-of-bounds write issue exists within the DDS Image Handler component, specifically affecting the src/dds.imageio/ddsinput.cpp file. This flaw requires local...

PT-2026-36332

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the f2fs compress write end io function. The dec page countsbi, type function can reduce the F2FS WB CP DATA counter to zero, which may unblock f2fs wait...

Open SAE J1939 数字错误漏洞

Open SAE J1939 is a CAN bus communication protocol library for industrial vehicles from the individual developer Daniel Mårtensson. Open SAE J1939 suffers from a numeric error vulnerability that stems from an integer underflow in the SAEJ1939ReadTransportProtocolDataTransfer function, which allow...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient control of request size verification in fuac1legacy. This vulnerability may lead to...

CVE-2026-40685

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

CVE-2026-4502

IBM Langflow Desktop 1.2.0 through 1.8.4 Langflow could allow an authenticated attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to write arbitrary files on the system...

CVE-2026-3345

IBM Langflow Desktop API v2 File Upload Endpoint (POST /api/v2/files) is vulnerable to a path traversal due to improper validation/sanitation of user-supplied filenames passed to LocalStorageService, allowing authenticated attackers to write files outside the intended upload directory and potenti...

CVE-2026-3345 Path Traversal and Arbitrary File Write Vulnerability in IBM Langflow Desktop API v2 File Upload Endpoint

IBM Langflow Desktop =1.8.4 Langflow could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

CVE-2026-3345 Path Traversal and Arbitrary File Write Vulnerability in IBM Langflow Desktop API v2 File Upload Endpoint

IBM Langflow Desktop =1.8.4 Langflow could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...