SUSE CVE-2026-43006

In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: reject zero-length fixed buffer import validatefixedrange admits bufaddr at the exact end of the registered region when len is zero, because the check uses strict greater-than bufend imu-ubuf + imu-len. ioimportfixe...

SUSE CVE-2026-43039

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...

SUSE CVE-2026-43055

In the Linux kernel, the following vulnerability has been resolved: scsi: target: file: Use kzallocflex for aiocmd The targetcorefile doesn't initialize the aiocmd-iocb for the kiwritestream. When a write command fdexecuterwaio is executed, we may get a bogus kiwritestream value, causing unintend...

GHSA-R374-RXX8-8654 Paramiko rsakey.py allows the SHA-1 algorithm

In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1 algorithm...

PT-2026-37481

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A shift-out-of-bounds issue exists in the ntb hw switchtec component of the Non-Transparent Bridge NTB subsystem. When the number of Memory Window MW Look-Up Tables LUTs is set to zero...

PT-2026-37584

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Kernel Connection Multiplexor KCM where a zero-fragment socket buffer skb can remain in the frag list during a partial sendmsg error. When kcm sendmsg fills the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect update of isize when logging replay is performed. This issue may lead to inode with...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of a zero-value check for the MINXOUTPUTSIZE register in the media ccs driver. This...

CVE-2026-36358

Cross Site Scripting vulnerability in Juzaweb CMS v.5.0.0 allows a remote attacker via execute arbitrary code via a crafted script to the Add Banner Ads function...

PT-2026-37549

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The fs/minix implementation of the minix filesystem lacks necessary sanity checking in the minix check superblock function. Specifically, it does not support any value for s log zone siz...

PT-2026-37522

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A division by zero issue exists in the media: ccs component. The driver fails to verify that the MIN X OUTPUT SIZE limit register's value is non-zero when calculating the maximum M for...

PT-2026-37910

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability c...

PT-2026-37999

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability allows unauthenticated...

PT-2026-38307

Name of the Vulnerable Software and Affected Versions fast-jwt versions prior to 6.2.4 Description An authentication bypass exists in the asynchronous key-resolver flow. When an application's key resolver returns an empty string '' or a zero-length Buffer, the software converts this to a...

PT-2026-37893

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

PT-2026-37391

In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix GENERIC CMD register field masks for IPA v5.0+ Fix the field masks to match the hardware layout documented in downstream GSI GSI V3 0 EE n GSI EE GENERIC CMD . Notably this fixes a WARN I was seeing when I tried to...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility that beaconint may be zero in the rtw89 driver, potentially leading to a zero division...

PT-2026-37884

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an overflow in the range size calculation in the tcfskbedithash function. This vulnerability may...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the kcm protocol. This vulnerability occurs when zero fragment count skb entries appear in the...