14 hours 12 minutes ago
Artur Stetsko discovered that the .NET did not properly validate
authentication data. An attacker could possibly use this issue to elevate
privileges. (CVE-2026-47300)
Levi Broderick discovered that .NET did not properly handle XML encryption
during parsing. An attacker could possibly use this issue to consume
excessive resources, resulting in a denial of service. (CVE-2026-47302)
Pham Quang Minh discovered that .NET did not properly parse
authentication data. An attacker could possibly use this issue to bypass
authentication and elevate privileges. (CVE-2026-47303)
Levi Broderick discovered that .NET did not properly verify cryptographic
signatures during XML encryption. An attacker could possibly use this issue
to bypass security features over a network and access encrypted data.
(CVE-2026-47304)
It was discovered that .NET did not properly validate input during TLS
handshakes. An attacker could possibly use this issue to cause .NET to
crash, resulting in a denial of service. (CVE-2026-50524)
Levi Broderick discovered that .NET did not properly handle resource
allocation during XML encryption. An attacker could possibly use this issue
to consume excessive resources, resulting in a denial of service.
(CVE-2026-50525)
Siwei Li discovered that .NET did not properly handle link resolution
before file access during the container image build process. A local
attacker could possibly use this issue to inject resources that could be
incorporated into container images built by other users on the same
machine. (CVE-2026-50526)
Levi Broderick discovered that .NET did not properly handle memory while
performing XML encryption. An attacker could possibly use this issue to
cause .NET to crash, resulting in a denial of service. (CVE-2026-50527)
Henrique Pereira discovered that .NET did not properly handle
authorization checks during TLS/SSL connections. An attacker could
possibly use this issue to bypass authorization checks during secure
communications. (CVE-2026-50528)
It was discovered that .NET did not properly handle resource allocation
during XML encryption. An attacker could possibly use this issue to
consume excessive resources, resulting in a denial of service.
(CVE-2026-50648)
Miha Zupan discovered that .NET did not properly limit resource
allocation when handling HTTP/2 requests. An attacker could possibly use
this issue to consume excessive resources, resulting in a denial of
service. (CVE-2026-50651)
It was discovered that the .NET SMTP client did not properly handle the
encoding or escaping of output. An attacker could possibly use this issue
to spoof messages during message routing. (CVE-2026-50659)
It was discovered that .NET did not properly validate resource types when
parsing X.509 certificates. An attacker could possibly use this issue to
cause .NET to crash, resulting in a denial of service. (CVE-2026-57108)
16 hours 36 minutes ago
It was discovered that Sympa did not properly validate input on the
generic SSO login. A remote attacker could possibly use this issue to
perform a path traversal attack and gain unintended access.
17 hours 10 minutes ago
It was discovered that Tomcat incorrectly handled authorization when
multiple method constraints defined the same HTTP method. A remote
attacker could possibly use this issue to bypass authorization
restrictions. (CVE-2026-43515)
It was discovered that the Tomcat number guess example application did
not properly sanitize user-supplied input. An attacker could possibly
use this issue to inject malicious scripts, resulting in cross-site
scripting. (CVE-2026-50229)
It was discovered that Tomcat incorrectly evaluated rewrite valve
conditions in certain configurations. An attacker could possibly use
this issue to bypass rewrite rules, resulting in unauthorized access.
(CVE-2026-53404)
It was discovered that Tomcat incorrectly omitted certain authorization
information when logging the effective web.xml configuration. An
attacker could possibly use this issue to hide authorization
constraints, resulting in reduced auditability. (CVE-2026-55276)
17 hours 27 minutes ago
It was discovered that libslirp incorrectly handled TCP urgent data. A
privileged attacker inside a guest VM could possibly use this issue to
obtain sensitive information from the host process memory.
17 hours 39 minutes ago
It was discovered that idna did not properly reject oversized inputs before
performing expensive processing. An attacker could possibly use this issue
to cause idna to consume significant resources, leading to a denial of
service.
19 hours 18 minutes ago
It was discovered that a logic flaw existed in the XFRM ESP-in-TCP
subsystem in the Linux kernel when handling socket buffer fragments. This
flaw is known as Fragnesia. A local attacker could use this to escalate
privileges, or possibly escape a container. (CVE-2026-43503)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SCSI subsystem;
- Thermal drivers;
- USB over IP driver;
- File systems infrastructure;
- Ext4 file system;
- Network file system (NFS) server daemon;
- SMB network file system;
- Tracing infrastructure;
- B.A.T.M.A.N. meshing protocol;
- Ceph Core library;
- DCCP (Datagram Congestion Control Protocol);
- IPv4 networking;
- IPv6 networking;
- Netfilter;
- RxRPC session sockets;
- X.25 network layer;
(CVE-2021-47117, CVE-2021-47202, CVE-2023-52646, CVE-2024-56643,
CVE-2026-23455, CVE-2026-31402, CVE-2026-31607, CVE-2026-31637,
CVE-2026-31659, CVE-2026-31685, CVE-2026-43011, CVE-2026-43037,
CVE-2026-43038, CVE-2026-43383, CVE-2026-43407, CVE-2026-43414,
CVE-2026-45988, CVE-2026-46119, CVE-2026-46243)
20 hours 26 minutes ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- RISC-V architecture;
- Cryptographic API;
- InfiniBand drivers;
- IOMMU subsystem;
- Network drivers;
- STMicroelectronics network drivers;
- NVME drivers;
- x86 platform drivers;
- SCSI subsystem;
- SPI subsystem;
- TCM subsystem;
- USB over IP driver;
- File systems infrastructure;
- HFS+ file system;
- Network file system (NFS) server daemon;
- SMB network file system;
- IPv6 networking;
- Tracing infrastructure;
- Timer subsystem;
- B.A.T.M.A.N. meshing protocol;
- Bluetooth subsystem;
- Ethernet bridge;
- Ceph Core library;
- IPv4 networking;
- MAC80211 subsystem;
- Multipath TCP;
- Netfilter;
- RxRPC session sockets;
- SMC sockets;
- Sun RPC protocol;
- X.25 network layer;
- AMD SoC Alsa drivers;
- KVM subsystem;
(CVE-2022-48816, CVE-2023-53673, CVE-2025-37778, CVE-2025-37822,
CVE-2025-37924, CVE-2025-38201, CVE-2025-40082, CVE-2025-68214,
CVE-2025-68263, CVE-2025-71089, CVE-2025-71220, CVE-2025-71222,
CVE-2025-71224, CVE-2026-23176, CVE-2026-23180, CVE-2026-23182,
CVE-2026-23190, CVE-2026-23193, CVE-2026-23198, CVE-2026-23202,
CVE-2026-23206, CVE-2026-23216, CVE-2026-23256, CVE-2026-23257,
CVE-2026-23258, CVE-2026-23262, CVE-2026-23272, CVE-2026-23278,
CVE-2026-23428, CVE-2026-23450, CVE-2026-23455, CVE-2026-31402,
CVE-2026-31418, CVE-2026-31478, CVE-2026-31607, CVE-2026-31637,
CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668,
CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-43011,
CVE-2026-43037, CVE-2026-43038, CVE-2026-43071, CVE-2026-43114,
CVE-2026-43117, CVE-2026-43185, CVE-2026-43186, CVE-2026-43304,
CVE-2026-43341, CVE-2026-43383, CVE-2026-43406, CVE-2026-43407,
CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45988,
CVE-2026-46043, CVE-2026-46119, CVE-2026-46135, CVE-2026-46195,
CVE-2026-46243)
22 hours 59 minutes ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Block layer subsystem;
- Cryptographic API;
- DMA engine subsystem;
- InfiniBand drivers;
- STMicroelectronics network drivers;
- Network drivers;
- NVME drivers;
- SCSI subsystem;
- USB over IP driver;
- File systems infrastructure;
- Ext4 file system;
- Network file system (NFS) server daemon;
- SMB network file system;
- Kernel thread helper (kthread);
- IPv6 networking;
- Tracing infrastructure;
- Kernel exit() syscall;
- Scatterlist API;
- B.A.T.M.A.N. meshing protocol;
- Ethernet bridge;
- Ceph Core library;
- IPv4 networking;
- Multipath TCP;
- Netfilter;
- RxRPC session sockets;
- SMC sockets;
- X.25 network layer;
(CVE-2026-22984, CVE-2026-23272, CVE-2026-23278, CVE-2026-23392,
CVE-2026-23427, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455,
CVE-2026-31402, CVE-2026-31418, CVE-2026-31436, CVE-2026-31448,
CVE-2026-31478, CVE-2026-31607, CVE-2026-31635, CVE-2026-31637,
CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668,
CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-31718,
CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071,
CVE-2026-43083, CVE-2026-43114, CVE-2026-43117, CVE-2026-43125,
CVE-2026-43185, CVE-2026-43186, CVE-2026-43197, CVE-2026-43304,
CVE-2026-43341, CVE-2026-43376, CVE-2026-43378, CVE-2026-43383,
CVE-2026-43384, CVE-2026-43402, CVE-2026-43406, CVE-2026-43407,
CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45898,
CVE-2026-45988, CVE-2026-46039, CVE-2026-46043, CVE-2026-46115,
CVE-2026-46119, CVE-2026-46135, CVE-2026-46185, CVE-2026-46195,
CVE-2026-46243, CVE-2026-46244, CVE-2026-46266, CVE-2026-46289,
CVE-2026-46316, CVE-2026-46325)
23 hours 29 minutes ago
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Block layer subsystem;
- Cryptographic API;
- DMA engine subsystem;
- InfiniBand drivers;
- STMicroelectronics network drivers;
- Network drivers;
- NVME drivers;
- SCSI subsystem;
- USB over IP driver;
- File systems infrastructure;
- Ext4 file system;
- Network file system (NFS) server daemon;
- SMB network file system;
- Kernel thread helper (kthread);
- IPv6 networking;
- Tracing infrastructure;
- Kernel exit() syscall;
- Scatterlist API;
- B.A.T.M.A.N. meshing protocol;
- Ethernet bridge;
- Ceph Core library;
- IPv4 networking;
- Multipath TCP;
- Netfilter;
- RxRPC session sockets;
- SMC sockets;
- X.25 network layer;
(CVE-2026-22984, CVE-2026-23272, CVE-2026-23278, CVE-2026-23392,
CVE-2026-23427, CVE-2026-23428, CVE-2026-23450, CVE-2026-23455,
CVE-2026-31402, CVE-2026-31418, CVE-2026-31436, CVE-2026-31448,
CVE-2026-31478, CVE-2026-31607, CVE-2026-31635, CVE-2026-31637,
CVE-2026-31649, CVE-2026-31657, CVE-2026-31659, CVE-2026-31668,
CVE-2026-31669, CVE-2026-31682, CVE-2026-31685, CVE-2026-31718,
CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43071,
CVE-2026-43083, CVE-2026-43114, CVE-2026-43117, CVE-2026-43125,
CVE-2026-43185, CVE-2026-43186, CVE-2026-43197, CVE-2026-43304,
CVE-2026-43341, CVE-2026-43376, CVE-2026-43378, CVE-2026-43383,
CVE-2026-43384, CVE-2026-43402, CVE-2026-43406, CVE-2026-43407,
CVE-2026-43414, CVE-2026-43493, CVE-2026-43501, CVE-2026-45898,
CVE-2026-45988, CVE-2026-46039, CVE-2026-46043, CVE-2026-46115,
CVE-2026-46119, CVE-2026-46135, CVE-2026-46185, CVE-2026-46195,
CVE-2026-46243, CVE-2026-46244, CVE-2026-46266, CVE-2026-46289,
CVE-2026-46316, CVE-2026-46325)
1 day 9 hours ago
It was discovered that LuaJIT incorrectly handled certain inputs. An attacker
could possibly use these issues to cause a crash, resulting in a denial of
service, or execute arbitrary code.
1 day 12 hours ago
It was discovered that Wget mishandled semicolons in the userinfo
subcomponent of a URL. A remote attacker could possibly use this issue
to trick a user into connecting to a different host than intended. This
issue only affected Ubuntu 14.04 LTS. (CVE-2024-38428)
It was discovered that Wget incorrectly handled Metalink documents
containing a whitespace-only URL. A remote attacker could possibly use
this issue to cause a denial of service. This issue only affected Ubuntu
18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu
26.04 LTS. (CVE-2026-58469)
It was discovered that Wget incorrectly handled Content-Range header
values, leading to an integer overflow. A remote attacker could
possibly use this issue to cause download desynchronization.
(CVE-2026-58470)
It was discovered that Wget incorrectly handled character set
conversion of server-supplied filenames. A remote attacker could possibly
use this issue to cause a denial of service or possibly execute arbitrary
code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 26.04 LTS. (CVE-2026-58471)
It was discovered that Wget incorrectly handled HTML attributes
requiring entity encoding. A remote attacker could possibly use this issue
to cause a denial of service or possibly execute arbitrary code.
(CVE-2026-58472)
1 day 13 hours ago
Yiwei Hou discovered that Dnsmasq incorrectly handled logging of DS or
DNSKEY. A remote attacker could possibly use this issue to cause a
denial of service. (CVE-2026-12725)
It was discovered that Dnsmasq incorrectly validated the length of
fixed-length DNS record fields when parsing NS section records. A remote
attacker could possibly use this issue to cause Dnsmasq to read out of
bounds, possibly exposing sensitive information. (CVE-2026-12969)
1 day 14 hours ago
USN-8526-1 fixed vulnerabilities in libheif. This update provides the
corresponding updates for CVE-2026-47709 and CVE-2026-47714 in
Ubuntu 24.04 LTS.
Original advisory details:
Junyi Liu discovered that libheif had a null pointer dereference in its
image tiling interface. An attacker could possibly use this issue to
cause a denial of service. (CVE-2026-47709)
Calvin Young and Enoch Chow discovered that libheif had an integer
overflow in its inline mask size calculation. An attacker could
possibly use this issue to cause a denial of service or obtain sensitive
information. (CVE-2026-47714)
1 day 15 hours ago
Hirohito Higashi discovered that Vim incorrectly escaped class or trait
names when performing PHP omni-completion. An attacker could possibly
use this issue to trick a user into opening a specially crafted PHP
file and executing arbitrary commands. This issue only affected Ubuntu
22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 26.04 LTS. (CVE-2026-59856)
Hirohito Higashi discovered that Vim incorrectly handled sound-folding
of certain words when using a spell file. An attacker could possibly
use this issue to cause Vim to crash, resulting in a denial of service.
(CVE-2026-59857)
It was discovered that Vim incorrectly escaped certain tags file fields
when performing C omni-completion. An attacker could possibly use this
issue to trick a user into opening a specially crafted file and
executing arbitrary commands. (CVE-2026-59858)
1 day 15 hours ago
It was discovered that OpenVPN had a 1-byte buffer overrun when handling
NTLMv2 proxy responses. An attacker could use this issue to cause a denial
of service or possibly execute arbitrary code. This issue only affected
Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. (CVE-2026-11771)
It was discovered that OpenVPN incorrectly handled metadata when extracting
tls-crypt-v2 client keys. An attacker could possibly use this issue to
obtain sensitive information. (CVE-2026-12932)
It was discovered that OpenVPN had a use-after-free in the ack_write_buf
handling. An attacker could use this issue to cause OpenVPN to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2026-12996)
It was discovered that OpenVPN had a use-after-free in the tls_wrap_reneg
handling. An attacker could use this issue to cause OpenVPN to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. (CVE-2026-13117)
It was discovered that OpenVPN incorrectly validated authentication tokens
when external authentication was enabled. A remote attacker could possibly
use this issue to cause OpenVPN to crash, resulting in a denial of service.
This issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS.
(CVE-2026-13122)
It was discovered that OpenVPN had a memory leak when handling tls-crypt-v2
client keys. A remote attacker with a valid tls-crypt-v2 client key could
possibly use this issue to cause OpenVPN to consume excessive resources,
leading to a denial of service. (CVE-2026-13698)
1 day 16 hours ago
Haruto Kimura discovered that GnuTLS did not properly apply permitted
name constraints in certain certificate validation paths. A remote
attacker could possibly use this issue to bypass certificate validation,
leading to a machine-in-the-middle attack. (CVE-2026-42011)
Oleh Konko discovered that GnuTLS incorrectly fell back to Common Name
checks for certain URI and SRV subject alternative names. A remote
attacker could possibly use this issue to bypass certificate validation,
leading to a machine-in-the-middle attack. (CVE-2026-42012)
Haruto Kimura and Joshua Rogers discovered that GnuTLS incorrectly fell
back to Common Name checks when subject alternative names were
oversized. A remote attacker could possibly use this issue to bypass
certificate validation, leading to a machine-in-the-middle attack.
(CVE-2026-42013)
Luigino Camastra and Joshua Rogers discovered that GnuTLS had a
use-after-free issue when changing PKCS#11 token security officer PINs
in certain cases. An attacker could possibly use this issue to cause
GnuTLS to crash, resulting in a denial of service, or execute arbitrary
code. (CVE-2026-42014)
Zou Dikai discovered that GnuTLS did not properly validate PKCS#12 bag
sizes in certain cases. An attacker could possibly use this issue to
cause GnuTLS to crash, resulting in a denial of service, or execute
arbitrary code. (CVE-2026-42015)
1 day 19 hours ago
It was discovered that alsa-lib incorrectly handled certain ALSA
configuration text. An attacker could use this issue to cause alsa-lib to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
1 day 19 hours ago
It was discovered that httplib2 performed unbounded decompression of HTTP
response bodies when the server used gzip or deflate Content-Encoding. A
remote attacker could possibly use this issue to cause httplib2 to use
excessive resources, leading to a denial of service.
1 day 19 hours ago
It was discovered that MariaDB did not properly validate parameters
supplied by a joiner node during a State Snapshot Transfer using the
mariabackup method. An attacker could possibly use this issue to execute
arbitrary shell commands on the donor node. (CVE-2026-44168)
It was discovered that MariaDB did not properly enforce the SHOW CREATE
ROUTINE privilege when a user obtained access to a stored routine via a
role. An authenticated user could possibly use this issue to obtain
sensitive information. (CVE-2026-44169)
It was discovered that MariaDB's mbstream utility did not properly validate
paths when unpacking archives. An attacker could possibly use this issue to
write files outside of the intended target directory. (CVE-2026-44171)
It was discovered that MariaDB's mysql_real_escape_string() function
incorrectly handled the big5 character set. An attacker could possibly use
this issue to perform SQL injection attacks. (CVE-2026-44172)
It was discovered that MariaDB did not properly check the FILE privilege
when the FROM clause of a SELECT ... INTO OUTFILE or SELECT ... INTO
DUMPFILE statement contained only subqueries. An authenticated user could
possibly use this issue to write files to unintended locations.
(CVE-2026-44173)
It was discovered that MariaDB did not properly validate parameters
supplied by a joiner node during a State Snapshot Transfer using the rsync
method. An attacker could possibly use this issue to execute arbitrary
shell commands on the donor node. (CVE-2026-48163)
It was discovered that MariaDB allowed a high-privileged user to set
certain Galera system variables to values containing shell commands, which
were then executed by the server process. An authenticated user could
possibly use this issue to execute arbitrary shell commands.
(CVE-2026-48165)
It was discovered that MariaDB executed shell commands embedded in the name
of a joiner node when wsrep_notify_cmd was enabled. A remote attacker could
possibly use this issue to execute arbitrary shell commands.
(CVE-2026-49261)
2 days 15 hours ago
It was discovered that PipeWire accepted unbounded Content-Length values
in its RAOP module. A remote attacker could possibly use this issue to cause
a denial of service. This issue only affected Ubuntu 24.04 LTS.
(CVE-2026-14324)
It was discovered that PipeWire performed multiple unbounded stack
allocations in its PulseAudio protocol server. A local attacker could
possibly use this issue to cause a denial of service. (CVE-2026-14330)
Checked
31 minutes 47 seconds ago