VIR Vulnerability Intelligence Relay

Search

Found 24,951 results in 2318ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-43311 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: soc/tegra: pmc: Fix unsafe generic_handle_irq() call Currently, when resuming from system suspend on Tegra platforms, the followi…
CVE-2026-43310 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: th…
CVE-2026-43309 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: md raid: fix hang when stopping arrays with metadata through dm-raid When using device-mapper's dm-raid target, stopping a RAID a…
CVE-2026-43308 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref() There is no need to BUG(), we can just return an error…
CVE-2026-43307 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: iio: accel: adxl380: Avoid reading more entries than present in FIFO The interrupt handler reads FIFO entries in batches of N sam…
CVE-2026-43306 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: bpf: crypto: Use the correct destructor kfunc type With CONFIG_CFI enabled, the kernel strictly enforces that indirect function c…
CVE-2026-43305 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix mismatched unlock for DMUB HW lock in HWSS fast path [Why] The evaluation for whether we need to use the DMU…
CVE-2026-43304 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPH_MAX_KEY_LEN When decoding the key, verify that the key material would fit into a fixed-size buff…
CVE-2026-43303 high 7.8 7.8 FIX sles rheldebian debian google 1mo ago In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: clear page->private in free_pages_prepare() Several subsystems (slub, shmem, ttm, etc.) use page->private but don'…
CVE-2026-43302 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Set DMA segment size to avoid debug warnings When using V3D rendering with CONFIG_DMA_API_DEBUG enabled, the kernel occa…
CVE-2026-43301 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix PM runtime usage count underflow Replace pm_runtime_put_sync() with pm_runtime_dont_use_autosuspen…
CVE-2026-43300 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove() In jdi_panel_dsi_remove(), jdi is explicitly checked…
CVE-2026-43299 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT() when the fs flips RO inside btrfs_repair_io_failure() [BUG] There is a bug report that when btrfs hits ENO…
CVE-2026-43298 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip vcn poison irq release on VF VF doesn't enable VCN poison irq in VCNv2.5. Skip releasing it and avoid call trace…
CVE-2026-43297 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rga: Fix possible ERR_PTR dereference in rga_buf_init() rga_get_frame() can return ERR_PTR(-EINVAL) when buffer …
CVE-2026-43296 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky NIX SQ manager sticky mode is known to cause stalls when multiple SQs…
CVE-2026-43295 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net() When idtab allocation fails, net is not registered with rio_…
CVE-2026-43294 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels Since commit 56de5e305d4b ("clk: renesas: r9a07g04…
CVE-2026-43293 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode (irq < 0) to prev…
CVE-2026-43292 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node When CONFIG_PAGE_OWNER is enabled, freeing KASAN shadow pages during…
CVE-2026-43291 high 8.3 8.3 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Fix parameter validation for packet data Since commit 9c328f54741b ("net: nfc: nci: Add parameter validation for p…
CVE-2026-43290 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Return queued buffers on start_streaming() failure Return buffers if streaming fails to start due to uvc_pm_get(…
CVE-2026-43289 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: kexec: derive purgatory entry from symbol kexec_load_purgatory() derives image->start by locating e_entry inside an SHF_EXECINSTR…
CVE-2026-43288 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ext4: move ext4_percpu_param_init() before ext4_mb_init() When running `kvm-xfstests -c ext4/1k -C 1 generic/383` with the `DOUBL…
CVE-2026-43287 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRM_IOCTL_MODE_CREATEPROPBLOB allows userspace to allocate arbitrary-sized proper…
CVE-2026-43286 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore failed global reservations to subpool Commit a833a693a490 ("mm: hugetlb: fix incorrect fallback for subpool")…
CVE-2026-43285 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current->mems_allowed_seq if !allow_spin Lockdep complains when get_from_any_partial() is called in an NMI…
CVE-2026-41506 high 7.4 7.4 FIX debian debian sles go-git_project 1mo ago go-git is an extensible git implementation library written in pure Go. Prior to versions 5.18.0 and 6.0.0-alpha.2, go-git may leak HTTP authentication credentials when following redirects during smar…
CVE-2025-71302 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/panthor: fix for dma-fence safe access rules Commit 506aa8b02a8d6 ("dma-fence: Add safe access helpers and document the rules…
CVE-2025-71301 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around vmap/vunmap Acquire and release the GEM object's reservation lock around vmap and …
CVE-2025-71300 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: zynqmp: Add an OP-TEE node to the device tree" This reverts commit 06d22ed6b6635b17551f386b50bb5aaff9b75fbe. OP-T…
CVE-2025-71299 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing The recent refactoring of where runtime PM is enabled …
CVE-2025-71298 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around madvise Acquire and release the GEM object's reservation lock around calls to the …
CVE-2025-71297 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode() rtw8822b_set_antenna() can be called from userspace when the chip…
CVE-2025-71296 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around purge Acquire and release the GEM object's reservation lock around calls to the ob…
CVE-2026-44928 medium 5.3 5.3 slesdebian debian uriparser_project 1mo ago In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal.
CVE-2026-44927 medium 5.3 5.3 slesdebian debian uriparser_project 1mo ago In uriparser before 1.0.2, there is pointer difference truncation to int in various places.
CVE-2013-10075 critical 9.1 9.1 debian debian chorny 1mo ago Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DB_File will create a session that does not ex…
CVE-2023-47268 medium 5.3 5.3 debian debian prusa3d 1mo ago In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6.1, a crafted 3mf project file can execute arbitrary code on a host where the project is sliced and G-code exported.
CVE-2026-42264 critical 9.1 9.1 FIX slesdebian debian axios 1mo ago Axios has prototype pollution read-side gadgets in HTTP adapter that allow credential injection and request hijacking
CVE-2026-42150 medium 4.8 4.8 FIX debian debian weblate 1mo ago wlc is a Weblate command-line client using Weblate's REST API. Prior to version 2.0.0, the HTML output format in wlc embeds API response data into HTML without escaping, allowing cross-site scripting…
CVE-2026-8124 medium 5.5 5.5 debian debian gpac 1mo ago A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidx_box_read of the file src/isomedia/box_code_base.c. The manipulation leads to allocation of resources. …
CVE-2026-44837 high 7.5 7.5 debian debian viewcomponent 1mo ago view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file …
CVE-2026-40295 medium 6.1 6.1 debian debian heartcombo 1mo ago Devise has an Open Redirect via Unvalidated `request.referrer` in Timeoutable Session Timeout Handler
CVE-2026-40214 medium 6.3 6.3 FIX debian debian 1mo ago In OpenStack Cyborg before 16.0.1, the Accelerator Request (ARQ) API does not enforce project ownership at any layer. The project_id column in the database is never populated (NULL for every ARQ), da…
CVE-2026-40213 high 7.4 7.4 FIX debian debian 1mo ago OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid Keystone token regardless…
CVE-2026-8088 medium 5.5 5.5 FIX debian debian osgeo 1mo ago A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bo…
CVE-2026-8087 high 7.8 7.8 FIX debian debian osgeo 1mo ago A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldNam…
CVE-2026-42501 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module pr…
CVE-2026-42499 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.
CVE-2026-42225 medium 5.9 5.9 debian debian teluu 1mo ago PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport (sip_transport_tls) can accept connections with invalid o…
CVE-2026-39836 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).
CVE-2026-39826 medium 6.1 6.1 FIX debian debian sleswindows windows golanggoogle 1mo ago If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape a…
CVE-2026-39825 medium 5.3 5.3 FIX debian debian sleswindows windows golanggoogle 1mo ago ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitize…
CVE-2026-39823 medium 6.1 6.1 FIX debian debian sleswindows windows golanggoogle 1mo ago CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a <meta> tag's <content> attribute. If the URL content were to insert ASCII whitespaces around the '=' rune ins…
CVE-2026-39820 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.
CVE-2026-39819 medium 5.3 5.3 FIX debian debian sleswindows windows golanggoogle 1mo ago The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one…
CVE-2026-39817 medium 5.9 5.9 FIX debian debian sleswindows windows golanggoogle 1mo ago The "go tool pack" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the "pack" su…
CVE-2026-33814 high 7.5 7.5 debian debian sleswindows windows golanggoogle 1mo ago When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
CVE-2026-33811 high 7.5 7.5 FIX debian debian sleswindows windows golanggoogle 1mo ago When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.
CVE-2026-8086 high 7.8 7.8 FIX debian debian osgeo 1mo ago A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName lead…
CVE-2026-8084 medium 5.5 5.5 FIX debian debian osgeo 1mo ago A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This…
CVE-2026-44742 medium 6.1 6.1 FIX debian debianubuntu ubuntu postorius_project 1mo ago Postorius vulnerability
CVE-2026-44244 high 7.8 7.8 FIX slesdebian debianubuntu ubuntu gitpython_project 1mo ago GitPython vulnerabilities
CVE-2026-42284 critical 9.8 9.8 FIX slesdebian debianubuntu ubuntu gitpython_project 1mo ago GitPython vulnerabilities
CVE-2026-42215 high 8.8 8.8 FIX slesdebian debianubuntu ubuntu gitpython_project 1mo ago GitPython vulnerabilities
CVE-2026-41650 medium 6.1 6.1 slesdebian debian naturalintelligence 1mo ago fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters
CVE-2026-41685 medium 4.3 4.3 FIX debian debian linuxcontainers 1mo ago Incus is a system container and virtual machine manager. Prior to version 7.0.0, uploads of large amount of data by authenticated users can run the Incus server out of disk space, potentially taking …
CVE-2026-41684 medium 6.5 6.5 FIX debian debian linuxcontainers 1mo ago Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo() trusts the inline backup/index.yaml config when present and only falls back to parsing the legacy bac…
CVE-2026-41648 medium 5.0 5.0 FIX debian debian linuxcontainers 1mo ago Incus is a system container and virtual machine manager. Prior to version 7.0.0, user provided image and backup tarballs would be unpacked and YAML files parsed without any size restrictions. This wa…
CVE-2026-41647 medium 6.5 6.5 FIX debian debian linuxcontainers 1mo ago Incus is a system container and virtual machine manager. Prior to version 7.0.0, a missing error handling could lead an authenticated Incus user to cause a daemon crash through the import of a trunca…
CVE-2026-42011 high 7.4 7.4 FIX debian debian sleswindows windows 1mo ago GnuTLS vulnerabilities
CVE-2026-8093 high 8.1 8.1 FIX debian debian sles mozilla 1mo ago Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary …
CVE-2026-8091 critical 9.8 9.8 FIX debian debian sles mozilla 1mo ago Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.…
CVE-2026-42285 high 7.5 7.5 FIX debian debian osrg 1mo ago GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer can trigger a fatal panic in GoBGP by sending…
CVE-2026-41643 high 7.5 7.5 FIX debian debianubuntu ubuntu osrg 1mo ago GoBGP vulnerabilities
CVE-2026-41642 high 7.5 7.5 FIX debian debian osrg 1mo ago GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP due to a nil poin…
CVE-2026-42010 high 7.1 7.1 FIX debian debian sles rhel gnuredhat 1mo ago GnuTLS vulnerabilities
CVE-2026-4430 high 7.8 7.8 FIX debian debian slesubuntu ubuntu libreoffice 1mo ago LibreOffice vulnerability
CVE-2026-44603 critical 9.1 9.1 FIX debian debian torproject 1mo ago Tor before 0.4.9.7 has an out-of-bounds read by one byte via a malformed BEGIN cell, aka TROVE-2026-007.
CVE-2026-44602 high 7.5 7.5 FIX debian debian torproject 1mo ago Tor before 0.4.9.7 has a NULL pointer dereference when a CERT cell is received out of order, aka TROVE-2026-006.
CVE-2026-44601 high 7.5 7.5 FIX debian debian torproject 1mo ago Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009.
CVE-2026-42217 critical 9.8 9.8 slesdebian debian openexr 1mo ago OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3…
CVE-2026-42216 critical 9.1 9.1 slesdebian debian openexr 1mo ago OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3…
CVE-2026-41675 high 8.0 FIX slesdebian debianwindows windows 1mo ago xmldom has XML node injection through unvalidated processing instruction serialization
CVE-2026-41674 high 8.0 FIX slesdebian debianwindows windows 1mo ago xmldom has XML injection through unvalidated DocumentType serialization
CVE-2026-41673 high 8.0 FIX slesdebian debianwindows windows 1mo ago xmldom: Uncontrolled recursion in XML serialization leads to DoS
CVE-2026-41672 high 8.0 FIX slesdebian debianwindows windows 1mo ago xmldom has XML node injection through unvalidated comment serialization
CVE-2026-41142 high 8.8 8.8 slesdebian debian openexr 1mo ago OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3…
CVE-2026-44600 medium 5.3 5.3 FIX debian debian torproject 1mo ago Tor before 0.4.9.7 mishandles accounting of the conflux out-of-order queue during the clearing of a queue, aka TROVE-2026-010.
CVE-2026-44599 medium 5.3 5.3 FIX debian debian torproject 1mo ago Tor before 0.4.9.7 can attempt or accept BEGIN_DIR via conflux legs, aka TROVE-2026-008.
CVE-2026-44597 critical 9.1 9.1 FIX debian debian torproject 1mo ago Tor before 0.4.9.7 has an out-of-bounds read when an END, a TRUNCATE, or a TRUNCATED cell lacks a reason in its payload, aka TROVE-2026-011.
CVE-2026-44312 medium 5.8 5.8 FIX debian debian 1mo ago css_parser is a Ruby CSS parser. Prior to 2.1.0 and 1.22.0, the CSS Parser gem does not validate HTTPS connections, allowing a Man-in-the-Middle (MITM) attacker to inject or modify CSS content when s…
CVE-2026-33636 high 8.0 FIX rheldebian debian sles 1mo ago libpng vulnerabilities
CVE-2026-33554 high 7.5 7.5 FIX rheldebian debian sles 1mo ago ipmi-oem in FreeIPMI before 1.6.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform m…
CVE-2026-0897 high 8.0 debian debian 1mo ago Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (…
CVE-2026-41417 medium 5.3 5.3 slesdebian debian netty 1mo ago Netty: Start-Line Injection in DefaultHttpRequest.setUri() Allows HTTP Request Smuggling and RTSP Request Injection
CVE-2026-44307 high 8.0 FIX debian debianwindows windows 1mo ago Mako vulnerable to path traversal via backslash URI on Windows in TemplateLookup
CVE-2026-40251 medium 6.5 6.5 FIX debian debian linuxcontainers 1mo ago Incus is a system container and virtual machine manager. In versions before 7.0.0, missing validation logic in the storage volume import logic allows an authenticated user with access to the storage …
CVE-2026-40243 medium 4.8 4.8 FIX debian debian linuxcontainers 1mo ago Incus is a system container and virtual machine manager. In versions before 7.0.0, broken TLS validation logic in the OVN database connection logic can allow connections to an attacker's OVN database…