Linux Distros Unpatched Vulnerability : CVE-2026-52995

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/rds: zero per-item info buffer before handing it to visitors rdsforeachconninfo and rdswalkconnpathinfo both hand a caller-allocated on-stack u64 buffer to ...

Linux Distros Unpatched Vulnerability : CVE-2026-53115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bus: fsl-mc: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock...

Linux Distros Unpatched Vulnerability : CVE-2026-53091

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: pull headers in qdiscpktlensegsinit Most ndostartxmit methods expects headers of gso packets to be already in skb-head. net/core/tso.c users are...

Linux Distros Unpatched Vulnerability : CVE-2026-53101

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mt76: mt7921: fix potential deadlock in mt7921rocabortsync rocabortsync can deadlock with rocwork. rocwork holds dev-mt76.mutex, while cancelworksync wait...

Linux Distros Unpatched Vulnerability : CVE-2026-53078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix same-register dst/src OOB read and pointer leak in sockops When a BPF sockops program accesses ctx fields with dstreg == srcreg, the SOCKOPSGETSK and...

Linux Distros Unpatched Vulnerability : CVE-2026-53080

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: clsfw: fix NULL dereference of old filters before change Like pointed out by Sashiko 1, since commit ed76f5edccc9 net: sched: protect filterchain lis...

Linux Distros Unpatched Vulnerability : CVE-2026-53129

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/mbcache: cancel shrink work before destroying the cache mbcachedestroy calls shrinkerfree and then frees all cache entries and the cache itself, but it does...

Linux Distros Unpatched Vulnerability : CVE-2026-53117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/cio: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held...

Debian dsa-6364 : chromium - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6364 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6364-1 [email protected] https://www.debian.org/securit...

Linux Distros Unpatched Vulnerability : CVE-2026-53018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: avoid reading already updated pages during GC We found the following issue during fuzz testing: page: refcount:3 mapcount:0 mapping:00000000b6e89c65...

Linux Distros Unpatched Vulnerability : CVE-2026-53127

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: block: fix zonescond memory leak on zone revalidation error paths When blkrevalidatediskzone...

Linux Distros Unpatched Vulnerability : CVE-2026-53000

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nat: use kfreercu to release ops Florian Westphal says: Historically this is not an issue, even for normal base hooks: the data path doesn't use the...

Linux Distros Unpatched Vulnerability : CVE-2026-53056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/msm/dpu: fix mismatch between power and frequency During DPU runtime suspend, calling devpmoppsetratedev, 0 drops the MMCX rail to MINSVS while the core clo...

Linux Distros Unpatched Vulnerability : CVE-2026-53090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix ldabs,ind failure path analysis in subprogs Usage of ldabs,ind instructions got extended into subprogs some time ago via commit 09b28d76eac4 bpf: Add...

Linux Distros Unpatched Vulnerability : CVE-2026-52989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it trigger...

Linux Distros Unpatched Vulnerability : CVE-2026-52988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nftables: join hook list via splicelistrcu in commit phase Publish new hooks in the list into the basechain/flowtable using splicelistrcu to ensure...

Linux Distros Unpatched Vulnerability : CVE-2026-53074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: reject short IPv4/IPv6 inputs in bpfprogtestrunskb bpfprogtestrunskb calls ethtypetrans first and then uses skb-protocol to initialize sk family and addres...

Tridium Niagara Improper Encoding or Escaping of Output (CVE-2025-3942)

Improper Output Neutralization for Logs vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara...

Linux Distros Unpatched Vulnerability : CVE-2026-52981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - neigh: let neighxmit take skb ownership neighxmit always releases the skb, except when no neighbour table is found. But even the first added user of neighxmit...

Linux Distros Unpatched Vulnerability : CVE-2026-53069

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net, bpf: fix null-ptr-deref in xdpmasterredirect for down master syzkaller reported a kernel panic in bondrrgenslaveid reached via xdpmasterredirect. Full...

Linux Distros Unpatched Vulnerability : CVE-2026-53060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm cache metadata: fix memory leak on metadata abort retry When failing to acquire the rootlock in dmcachemetadataabort because the blockmanager is read-only, t...

Linux Distros Unpatched Vulnerability : CVE-2026-53072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: fix locking in hciconnrequestevt with HCIPROTODEFER When protocol sets HCIPROTODEFER, hciconnrequestevt calls hciconnectcfmconn without hdev-lock...

Linux Distros Unpatched Vulnerability : CVE-2026-52984

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: netem: fix queue limit check to include reordered packets The queue limit check in netemenqueue uses q-tlen which only counts packets in the internal...

Linux Distros Unpatched Vulnerability : CVE-2026-53111

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: testrun: Fix the null pointer dereference issue in bpflwtxmitpushencap The bpflwtxmitpushencap helper needs to access skbdstskb-dev to calculate the neede...

Linux Distros Unpatched Vulnerability : CVE-2026-53043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2/dlm: validate qrnumregions in dlmmatchregions Patch series ocfs2/dlm: fix two bugs in dlmmatchregions. In dlmmatchregions, the qrnumregions field from a...

Tridium Niagara Use of Incorrectly-Resolved Name or Reference (CVE-2025-3941)

Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Input Data Manipulation. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise...

Linux Distros Unpatched Vulnerability : CVE-2026-52961

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ceph: fix BUGON in cephbuildxattrsblob due to stale blob size The generic/642 test-case can reproduce the kernel crash: 40243.605254 ------------ cut here...

Linux Distros Unpatched Vulnerability : CVE-2026-53068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/komeda: fix integer overflow in AFBC framebuffer size check The AFBC framebuffer size validation calculates the minimum required buffer size by adding the...

Linux Distros Unpatched Vulnerability : CVE-2026-53118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vdpa: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, th...

RockyLinux 9 : libxml2 (RLSA-2026:28254)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:28254 advisory. libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c CVE-2024-34459 Tenable has extracted the preceding description block directly from the RockyLin...

Linux Distros Unpatched Vulnerability : CVE-2026-53083

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix RCU stall in bpffdarraymapclear Add a missing condresched in bpffdarraymapclear loop. For PROGARRAY maps with many entries this loop calls...

Tridium Niagara Use of GET Request Method With Sensitive Query Strings (CVE-2025-3943)

Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Parameter Injection. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11;...

Linux Distros Unpatched Vulnerability : CVE-2026-53017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix data loss caused by incorrect use of natentry flag Data loss can occur when fsync is performed on a newly created file before any checkpoint has been...

Linux Distros Unpatched Vulnerability : CVE-2026-53122

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a...

Tridium Niagara Use of Password Hash With Insufficient Computational Effort (CVE-2025-3937)

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niaga...

Linux Distros Unpatched Vulnerability : CVE-2026-52956

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: Fix potential out-of-bounds access in cephxdecrypt In cephxdecrypt, a part of the buffer p is interpreted as a cephxencryptheader, and the magic field ...

Linux Distros Unpatched Vulnerability : CVE-2026-53113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon...

Tridium Niagara Incorrect Permission Assignment for Critical Resource (CVE-2025-3936)

Incorrect Permission Assignment for Critical Resource vulnerability in Tridium Niagara Framework on Windows, Tridium Niagara Enterprise Security on Windows allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Niagara Framework: before 4.14.2, before 4.15.1,...

Linux Distros Unpatched Vulnerability : CVE-2026-53052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: qcom: qdsp6: topology: check widget type before accessing data Check widget type before accessing the private data, as this could a virtual widget which i...

Linux Distros Unpatched Vulnerability : CVE-2026-42450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, FileFormatSpi3D.cpp:163 uses sscanf with %s into 64-byte...

Tridium Niagara Use of a Broken or Risky Cryptographic Algorithm (CVE-2025-3938)

Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: before...

Linux Distros Unpatched Vulnerability : CVE-2026-52970

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nftct: fix missing expect put in obj eval nftctexpectobjeval allocates an expectation and may call nfctexpectrelated, but never drops its local...

Linux Distros Unpatched Vulnerability : CVE-2026-53092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix linked reg delta tracking when srcreg == dstreg Consider the case of rX += rX where srcreg and dstreg are pointers to the same bpfregstate in...

Linux Distros Unpatched Vulnerability : CVE-2026-53059

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm log: fix out-of-bounds write due to regioncount overflow The local variable regioncount in createlogcontext is declared as unsigned int 32-bit, but...

Linux Distros Unpatched Vulnerability : CVE-2026-53049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gfs2: add some missing log locking Function gfs2logd calls the log flushing functions gfs2ail1start, gfs2ail1wait, and gfs2ail1empty without holding...

Linux Distros Unpatched Vulnerability : CVE-2026-52957

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: Fix potential null-ptr-deref in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. When decoding th...

Linux Distros Unpatched Vulnerability : CVE-2026-53073

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcildisc: Clear HCIUARTPROTOINIT on error When hciregisterdev fails in hciuartregisterdev HCIUARTPROTOINIT is not cleared before calling...

Linux Distros Unpatched Vulnerability : CVE-2026-53061

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dm cache: fix dirty mapping checking in passthrough mode switching As mentioned in commit 9b1cc9f251af dm cache: share cache-metadata object across inactive and...

Linux Distros Unpatched Vulnerability : CVE-2026-53112

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irqpreparebcntasklet The irqpreparebcntasklet is initialized in rtlpciinit and scheduled wh...

Linux Distros Unpatched Vulnerability : CVE-2026-53077

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/rds: Restrict use of RDS/IB to the initial network namespace Prevent using RDS/IB in network namespaces other than the initial one. The existing RDS/IB code...