186843 matches found
PT-2026-51902
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the ice free tx tstamp ring and ice tx map functions. The ice free tx tstamp ring function clears the ICE TX FLAGS TXTIME flag after setting the tstamp ri...
PT-2026-51928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference exists in the Linux kernel's BPF sockmap implementation. The issue occurs because unix stream connect updates the sk state variable to TCP ESTABLISHED before...
PT-2026-51744
Name of the Vulnerable Software and Affected Versions curl affected versions not specified Description A disconnect between the tool layer and libcurl occurs when a user invokes curl with a schemeless URL and the --proto-default option set to sftp or scp. The tool layer incorrectly infers the URL...
PT-2026-51745
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A flaw exists where a new transfer utilizing STARTTLS to upgrade the connection may incorrectly reuse an existing live connection despite a mismatch in the TLS...
PT-2026-51663
Name of the Vulnerable Software and Affected Versions libslirp versions prior to v4.9.2 Description An integer underflow and out-of-bounds heap read exist in the TCP urgent data handling sosendoob within hypervisor host environments, such as QEMU. A privileged guest VM attacker with root or CAP N...
PT-2026-51746
Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description A logical error in the connection pooling mechanism allows the software to reuse an incorrect connection for Negotiate-authenticated requests. This occurs even when the requests are configure...
PT-2026-51756
Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description Applications using libcurl for transfers via SCP:// or SFTP:// that utilize the CURLOPT SSH KEYFUNCTION callback may silently accept an untrusted server. This occurs when a server presents a...
PT-2026-51747
Name of the Vulnerable Software and Affected Versions curl affected versions not specified Description A flaw in the cookie parsing logic allows a malicious HTTP server to set super cookies that bypass the Public Suffix List check. This enables an attacker-controlled origin to inject cookies that...
PT-2026-51748
Name of the Vulnerable Software and Affected Versions curl affected versions not specified Description The logic handling SASL Simple Authentication and Security Layer authentication may clean up the GSASL context twice without clearing the pointer in between. This results in a double-free...
PT-2026-51754
Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description An issue exists where libcurl may send request data on a new connection before enforcing certificate verification failure. This occurs when a user first connects to a legitimate HTTP/3 server...
PT-2026-51750
Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description When reusing a handle for sequential transfers driven by environment-variable proxy configuration, the software fails to clear the proxy authentication state between requests. If an initial...
PT-2026-51958
Name of the Vulnerable Software and Affected Versions Linux kernel version 6.19.0-rc7 Description In passthrough mode, a null pointer dereference occurs when dm-cache attempts to invalidate a cache entry while a concurrent write to the same cached block causes the bio prison cell lock to fail. In...
PT-2026-51964
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SCTP implementation where Bottom Half BH processing is not disabled before calling the udp tunnel xmit skb and udp tunnel6 xmit skb functions. These functions are...
PT-2026-51752
Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description A flaw exists where the software fails to clear proxy authentication credentials when instructed to do so. This results in old credentials remaining available and potentially being used for...
PT-2026-51753
Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description A use-after-free issue occurs when the curl easy pause function is called within the event-based CURLMOPT SOCKETFUNCTION callback. This leads to a situation where libcurl attempts to store a...
PT-2026-52091
Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11, Rocket.Chat's SAML integration does not verify the signature on inbound LogoutRequest messages. An unauthenticated remote attacker who knows a...
PT-2026-51995
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential deadlock exists in the mt7921 roc abort sync function within the mt76 wireless driver. The issue occurs when roc abort sync calls cancel work sync, which waits for roc work t...
PT-2026-52136
Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description Cacti is an open source performance and fault management framework. The software contains an unauthenticated Local File Inclusion LFI, which occurs through the graph theme parameter and rrdtool IPC...
PT-2026-52146
Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description A flaw in the processing of NVBURASDevice JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from insufficien...
PT-2026-51767
Capgo before 12.128.2 fails to enforce limited to orgs and limited to apps constraints on subkeys provided via x-limited-key-id header in middlewareKey function. Attackers can bypass subkey scope restrictions by referencing their own subkeys, causing all downstream route handlers to use the...
PT-2026-52115
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, it does not escape the untrusted fields name, version, author, description when they are serialized into the data-obj HTML attribute of each marketplace card. Because the attribute is single-quoted and the value is...
PT-2026-52089
Name of the Vulnerable Software and Affected Versions AutoGPT versions prior to 0.6.52 Description The Fill Text Template block is susceptible to a Denial of Service DoS attack. Although the backend utilizes a SandboxedEnvironment to block unauthorized attribute access, such as class , it does no...
PT-2026-51952
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference can occur in the recovery paths of the cadence cdns-mhdp8546-core driver. When errors occur in the cdns mhdp link up or cdns mhdp reg read functions during...
PT-2026-51850
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds memory access exists in the ceph x decrypt function within libceph. The issue occurs because a portion of buffer p is interpreted as a ceph x encrypt header and its magi...
PT-2026-51726
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the io poll get ownership function where a signed comparison is used to determine if poll refs has reached the threshold for the slowpath. Because atomic read returns ...
PT-2026-52053
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.197 Description A use after free issue exists in the Bluetooth component on Mac. This occurs when the system continues to use a memory location after it has been freed, which can be triggered by a...
PT-2026-52147
Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description A flaw in the processing of NVBUDeviceDrive JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from...
PT-2026-52131
Name of the Vulnerable Software and Affected Versions Appsmith versions prior to 1.99 Description The 'POST /api/v1/admin/send-test-email' endpoint allows the use of attacker-controlled smtpHost and smtpPort values to establish a raw JavaMail TCP connection. This process bypasses the...
PT-2026-51954
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the dm cache metadata component when the system fails to acquire the root lock in the dm cache metadata abort function because the block manager is read-only. In...
PT-2026-51723
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ipc/shm component where the shm destroy orphaned function iterates through the shm idr using shm idsns.rwsem, which fails to serialize all fields evaluated by shm...
PT-2026-52116
Name of the Vulnerable Software and Affected Versions Rocket.Chat versions prior to 8.5.1 Rocket.Chat versions prior to 8.4.4 Rocket.Chat versions prior to 8.3.6 Rocket.Chat versions prior to 8.2.6 Rocket.Chat versions prior to 8.1.6 Rocket.Chat versions prior to 8.0.7 Rocket.Chat versions prior ...
PT-2026-51684
Name of the Vulnerable Software and Affected Versions Advance Nav Menu Manager versions prior to 1.4 Description The Advance Nav Menu Manager plugin for WordPress contains an authorization bypass. The issue occurs because the plugin fails to properly verify if a user is authorized to perform...
PT-2026-51820
Name of the Vulnerable Software and Affected Versions OpenText Access Manager versions 5.1 through 5.1.2 Description Improper neutralization of input during web page generation allows Cross-Site Scripting XSS, a condition where malicious scripts are injected into trusted websites. Recommendations...
PT-2026-51706
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the batman-adv module. When a batadv hard iface is disabled, its mesh iface pointer is set to NULL. The function batadv v ogm send meshif may still...
PT-2026-51957
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the dm cache passthrough mode where the invalidate remove function contains incomplete logic for handling write hit bios following cache invalidation. The system sets ...
PT-2026-51839
Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.15 and 6.1 Description An issue exists in the WireGuard driver where the decryption side can stop working completely for a specific peer under heavy networking load. This occurs when the system is under pressure and the...
PT-2026-51935
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the OCFS2 file system where the listxattr function can return a size larger than the caller's buffer. This occurs when an OCFS2 inode contains both inline and...
PT-2026-52033
Name of the Vulnerable Software and Affected Versions Mistune versions prior to 3.3.0 Description A CPU exhaustion Denial of Service DoS occurs due to superlinear approximately On² behavior in the parse link text function. When processing Markdown containing numerous consecutive characters, the...
PT-2026-52072
Name of the Vulnerable Software and Affected Versions Ghost versions 6.19.4 through 6.21.0 Description Insufficient validation of the client-supplied Content-Type on the Admin API file upload endpoint allows uploaded files to be served with an attacker-chosen content type when using S3 or GCS...
PT-2026-51846
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Input/Output Memory Management Unit IOMMU subsystem, which manages how devices access system memory. This occurs during device recovery when multiple memor...
PT-2026-51858
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The USB MIDI 2.0 endpoint parser in the ALSA usb-audio component fails to validate bLength against the remaining bytes in the endpoint-extra scan before reading baAssoGrpTrmBlkID. This...
PT-2026-51984
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description An issue exists in the Linux kernel regarding the analysis of failure paths for ld abs and ld ind instructions within subprograms. These instructions are permitted in subprograms that ar...
PT-2026-51884
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An inode reference leak exists in the fsnotify subsystem. The function fsnotify recalc mask fails to handle the return value of fsnotify recalc mask, which may return an inode pointer th...
PT-2026-51992
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the mt7915 WiFi driver. When an mt7915 PCI chip is detached, the mt7915 coredump unregister function releases mt7915 crash data. However, a race conditio...
PT-2026-51796
A missing permission check in Jenkins Git Parameter Plugin 462.vdcf3df2ed2ca and earlier allows attackers with Item/Read permission to obtain information about the SCM repository used by a job, such as branch names, tag names, and revision metadata...
PT-2026-51994
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the mt76 wireless driver during remain-on-channel operations. The functions mt76 remain on channel and mt76 roc complete call mt76 set channel while already holding...
PT-2026-52118
Name of the Vulnerable Software and Affected Versions Rocket.Chat versions prior to 8.5.1 Rocket.Chat versions prior to 8.4.4 Rocket.Chat versions prior to 8.3.6 Rocket.Chat versions prior to 8.2.6 Rocket.Chat versions prior to 8.1.6 Rocket.Chat versions prior to 8.0.7 Rocket.Chat versions prior ...
PT-2026-51966
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A locking issue exists in the Bluetooth subsystem within the hci conn request evt function when the protocol is set to HCI PROTO DEFER. In this state, the function calls hci connect...
PT-2026-51856
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer leak occurs in the ceph module within the ceph setxattr function. During a retry operation, the old blob variable can store the value of ci-i xattrs.prealloc blob, but the ceph...
PT-2026-51848
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the libceph component where the decode choose args function fails to properly handle errors during rbtree insertion. When processing a CEPH MSG OSD MAP message...