A flaw was found in the `github
Description
A flaw was found in the `github
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Search and filter 17426 vulnerabilities with AI analyst insights
A flaw was found in the `github
A flaw was found in the `github
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Flowise is a drag & drop user interface to build a customized large language model flow
Flowise is a drag & drop user interface to build a customized large language model flow
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Budibase contains an authorization bypass vulnerability in the SCIM API, allowing authenticated users to perform unauthorized CRUD operations on all u...
Budibase contains an authorization bypass vulnerability in the SCIM API, allowing authenticated users to perform unauthorized CRUD operations on all users and groups.
---METADATA---
VENDOR: Budibase
PRODUCT: Budibase
AFFECTED_VERSIONS: Prior to 3.38.2
---END_METADATA---
Description Summary:
Budibase contains an authorization bypass vulnerability in the SCIM API, allowing authenticated users to perform unauthorized CRUD operations on all users and groups.
Executive Summary:
An authorization flaw in the Budibase SCIM API allows authenticated users to gain unauthorized administrative control over tenant user and group data.
Vulnerability Details
CVE-ID: CVE-2026-46425
Affected Software: Budibase Budibase
Affected Versions: Prior to 3.38.2
Vulnerability: The SCIM router fails to implement role-based access control, allowing any authenticated user—regardless of their assigned role—to interact with sensitive administrative SCIM endpoints.
Business Impact
Successful exploitation allows an attacker to manipulate the entire user directory, including the creation, modification, or deletion of administrative accounts. Given the CVSS score of 9.9, this poses a critical risk of full tenant compromise and unauthorized data manipulation, potentially leading to a complete loss of platform integrity.
Remediation Plan
Immediate Action: Upgrade all Budibase instances to version 3.38.2 or later to enforce mandatory role checks on SCIM endpoints.
Proactive Monitoring: Review application access logs for unusual patterns of SCIM API requests or unauthorized modifications to user and group structures.
Compensating Controls: If immediate patching is not feasible, restrict network access to the SCIM API endpoints via firewall rules to known trusted administrative IP addresses.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of May 27, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability represents a critical breakdown in access control. Administrators must prioritize updating to version 3.38.2 immediately to prevent unauthorized administrative escalation within the environment.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
Rocket.Chat's SAML implementation fails to validate signatures when no IdP certificate is configured, allowing unauthenticated attackers to bypass aut...
Rocket.Chat's SAML implementation fails to validate signatures when no IdP certificate is configured, allowing unauthenticated attackers to bypass authentication.
---METADATA---
VENDOR: RocketChat
PRODUCT: Rocket.Chat
AFFECTED_VERSIONS: 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11
---END_METADATA---
Description Summary:
Rocket.Chat's SAML implementation fails to validate signatures when no IdP certificate is configured, allowing unauthenticated attackers to bypass authentication.
Executive Summary:
A critical authentication bypass in Rocket.Chat allows unauthenticated attackers to gain unauthorized access due to a failure in SAML signature validation.
Vulnerability Details
CVE-ID: CVE-2026-46423
Affected Software: RocketChat Rocket.Chat
Affected Versions: Versions prior to 8.5.0, 8.4.1, 8.3.3, 8.2.3, 8.1.4, 8.0.5, 7.13.7, and 7.10.11
Vulnerability: The SAML service provider implementation contains a fail-open design where signature validation is skipped if the IdP certificate is missing. Because this is the default state, an unauthenticated attacker can submit forged SAML assertions to gain unauthorized access.
Business Impact
With a CVSS score of 9.3, this flaw represents a complete breakdown of the authentication mechanism. Successful exploitation grants attackers full access to the Rocket.Chat platform, potentially exposing all internal communications, user data, and sensitive workspace information, leading to a catastrophic data breach.
Remediation Plan
Immediate Action: Apply the vendor-provided security updates (8.5.0, 8.4.1, 8.3.3, etc.) immediately to enforce mandatory SAML signature validation.
Proactive Monitoring: Audit SAML configuration settings to ensure a valid IdP certificate is properly defined and monitor login logs for suspicious authentication patterns.
Compensating Controls: Temporarily disable SAML authentication if an immediate update cannot be performed, reverting to local authentication or other secure methods.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of Jun 24, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This is an authentication-bypass class vulnerability that requires immediate attention. Organizations utilizing SAML for Rocket.Chat must treat this as a high-priority incident and apply the relevant patches to ensure the integrity of their authentication processes.
Update RocketChat Rocket.Chat to the latest version. Check the vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages
---METADATA---
VENDOR: Google
PRODUCT: Angular
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
Angular contains a security vulnerability that may allow for unauthorized operations within web applications developed on the platform.
Executive Summary:
A High-severity security vulnerability in the Angular development platform poses a significant risk to the security posture of applications built using the framework.
Vulnerability Details
CVE-ID: CVE-2026-46417
Affected Software: Google Angular
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the Angular framework, potentially exposing applications to security risks during the processing of client-side operations. The flaw requires further investigation into the specific injection or bypass vector to determine if user authentication is required for successful exploitation.
Business Impact
A CVSS score of 8.8 indicates a high potential for impact on application security, including cross-site scripting (XSS) or unauthorized data access. If exploited, this could lead to the theft of user sessions, sensitive data leakage, or the compromise of the end-user experience, causing significant reputational damage.
Remediation Plan
Immediate Action: Update all instances of the Angular framework to the latest stable version provided by the vendor immediately.
Proactive Monitoring: Review application access logs and monitor for unusual traffic patterns that deviate from standard user behavior.
Compensating Controls: Implement strict Content Security Policy (CSP) headers to mitigate potential client-side execution risks while the update process is underway.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 23, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Because Angular serves as the foundation for modern web applications, the impact of this vulnerability is widespread. It is critical that development teams verify their current version and apply security updates as soon as they are made available to protect the integrity of their web applications.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Microsoft UFO open-source framework for intelligent automation across devices and platforms
Microsoft UFO open-source framework for intelligent automation across devices and platforms
---METADATA---
VENDOR: Microsoft
PRODUCT: UFO open-source framework
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, exploit_status, technical_details
---END_METADATA---
Description Summary:
A vulnerability exists in the Microsoft UFO open-source framework for intelligent automation, potentially impacting connected devices and platforms.
Executive Summary:
Microsoft’s UFO open-source framework is affected by a high-severity vulnerability that may allow for unauthorized manipulation of automated systems.
Vulnerability Details
CVE-ID: CVE-2026-46414
Affected Software: Microsoft UFO open-source framework
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the Microsoft UFO framework, though specific technical details regarding the vulnerability type and required authentication levels remain currently unavailable.
Business Impact
The CVSS score of 8.8 reflects a significant risk to any environment utilizing the UFO framework for intelligent automation. Successful exploitation could lead to the compromise of automated workflows, unauthorized control over connected devices, and potential data manipulation within the automation ecosystem.
Remediation Plan
Immediate Action: Monitor official Microsoft security disclosures and update the UFO framework to the latest version immediately once a patch is provided.
Proactive Monitoring: Review logs for the UFO framework for unexpected execution patterns or unauthorized API calls that deviate from standard automation workflows.
Compensating Controls: Isolate systems running the UFO framework from public-facing networks and apply strict identity and access management (IAM) controls to mitigate unauthorized interaction.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 28, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Due to the critical nature of automation frameworks, this vulnerability should be addressed immediately. Organizations should verify their current deployment versions and prepare to patch as soon as Microsoft issues an update to ensure the integrity of their automated processes.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores
---METADATA---
VENDOR: Vvveb
PRODUCT: CMS
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, exploit_status, technical_details
---END_METADATA---
Description Summary:
A vulnerability has been identified in the Vvveb Content Management System (CMS) that potentially impacts the security of websites, blogs, or ecommerce stores utilizing the platform.
Executive Summary:
The Vvveb CMS is affected by a security vulnerability that poses a significant risk to the integrity and confidentiality of web applications built upon this platform.
Vulnerability Details
CVE-ID: CVE-2026-46408
Affected Software: Vvveb CMS
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The specific technical nature of this vulnerability is currently undisclosed, but it affects the core functionality of the Vvveb CMS platform. The authentication requirements for exploitation remain unknown at this time.
Business Impact
Successful exploitation of this vulnerability could lead to unauthorized access, potential data exfiltration, or the compromise of web-based services. With a CVSS score of 7.6, this flaw is categorized as High severity, indicating a substantial risk to business operations and the security posture of hosted assets.
Remediation Plan
Immediate Action: Consult the official Vvveb security advisories to identify and apply the necessary security updates or patches provided by the vendor.
Proactive Monitoring: Review web server access logs for anomalous traffic patterns and monitor administrative account activity for unauthorized changes.
Compensating Controls: Deploy or update Web Application Firewall (WAF) rules to filter malicious traffic and provide virtual patching for common web-based attack vectors.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 17, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the High severity of this vulnerability, immediate investigation into the vendor's security portal is required. Organizations should prioritize patching as soon as the vendor releases actionable updates to mitigate the risk of unauthorized system access.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores
Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores
---METADATA---
VENDOR: Vvveb
PRODUCT: Vvveb CMS
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, exploit_status, technical_details
---END_METADATA---
Description Summary:
The provided data lacks specific technical details regarding the vulnerability type within the Vvveb CMS platform.
Executive Summary:
A security vulnerability has been identified in the Vvveb CMS platform that requires immediate investigation and remediation by administrators.
Vulnerability Details
CVE-ID: CVE-2026-46407
Affected Software: Vvveb Vvveb CMS
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The provided input identifies a vulnerability in Vvveb CMS; however, it lacks specific details regarding the exploit vector or the nature of the flaw. Security teams should consult the vendor's official security advisories to determine the specific technical impact and authentication requirements.
Business Impact
With a CVSS score of 8.1, this vulnerability is categorized as High severity. Without specific technical details, the potential impact ranges from unauthorized data access to complete compromise of the CMS, which could lead to website defacement, loss of customer data, and significant reputational damage.
Remediation Plan
Immediate Action: Consult the official Vvveb security portal or vendor release notes to identify the specific patch version required to resolve this vulnerability.
Proactive Monitoring: Review web application logs for suspicious access patterns, unauthorized administrative logins, or unusual file modifications.
Compensating Controls: Implement a Web Application Firewall (WAF) to filter common web-based attack patterns while waiting for vendor-specific patch confirmation.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 16, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Because the provided information is sparse, it is imperative that administrators cross-reference this CVE with the official vendor documentation. Prioritize patching the CMS as soon as an update is released by the developer to neutralize the threat.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to execute cert...
Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to execute certain functions to obtain sensitive information
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certa...
Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain administrative functions, thereby escalating privileges
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A logic error in the Kubernetes UDS Identity Config component allows attackers to bypass client secret authentication and obtain unauthorized OAuth2 t...
A logic error in the Kubernetes UDS Identity Config component allows attackers to bypass client secret authentication and obtain unauthorized OAuth2 tokens.
---METADATA---
VENDOR: Kubernetes
PRODUCT: UDS Identity Config
AFFECTED_VERSIONS: 0.11.0 through 0.26.0
---END_METADATA---
Description Summary:
A logic error in the Kubernetes UDS Identity Config component allows attackers to bypass client secret authentication and obtain unauthorized OAuth2 tokens.
Executive Summary:
A critical authentication bypass in Kubernetes UDS Identity Config allows attackers to impersonate clients and gain unauthorized access to service accounts.
Vulnerability Details
CVE-ID: CVE-2026-46389
Affected Software: Kubernetes UDS Identity Config
Affected Versions: 0.11.0 through 0.26.0
Vulnerability: A logic error in the client-kubernetes-secret Keycloak client authenticator causes the user-submitted client_secret to be overwritten by the mounted Kubernetes secret before comparison. This allows an attacker who knows a client_id to authenticate with an arbitrary secret and obtain tokens scoped to that client's service account.
Business Impact
With a CVSS score of 10.0, this vulnerability represents the highest level of risk. An attacker can gain broad administrative or service-level access, such as the ability to modify other clients via the uds-operator token, potentially leading to a full compromise of the identity management system and associated services.
Remediation Plan
Immediate Action: Update UDS Identity Config to version 0.26.1 or later.
Proactive Monitoring: Monitor Keycloak authentication logs for unusual token request patterns or authentication attempts using unexpected client secrets.
Compensating Controls: Restrict access to the Keycloak token endpoint at the network or ingress controller level to limit the exposure of the identity service.
Exploitation Status
Public Exploit Available: False
Analyst Notes: As of June 5, 2026, there is no public information indicating active exploitation of this vulnerability. However, the critical nature of the flaw and the potential for total identity compromise make it an extremely high-risk target.
Analyst Recommendation
Immediate remediation is required due to the CVSS 10.0 rating and the potential for complete identity provider compromise. Organizations must upgrade to version 0.26.1 and review all recent authentication activity for signs of unauthorized token generation.
Update Kubernetes secret before to the latest version. Monitor for exploitation attempts and review access logs.
A default, insecure secret key configuration in the official OpenProject Docker image allows authenticated users to achieve remote code execution via...
A default, insecure secret key configuration in the official OpenProject Docker image allows authenticated users to achieve remote code execution via Marshal-deserialization of cookies.
---METADATA---
VENDOR: OpenProject
PRODUCT: OpenProject
AFFECTED_VERSIONS: All versions prior to the patch
---END_METADATA---
Description Summary:
A default, insecure secret key configuration in the official OpenProject Docker image allows authenticated users to achieve remote code execution via Marshal-deserialization of cookies.
Executive Summary:
A critical security misconfiguration in the official OpenProject Docker image exposes users to remote code execution due to the use of a predictable, default Rails master key.
Vulnerability Details
CVE-ID: CVE-2026-46386
Affected Software: OpenProject
Affected Versions: All versions using the vulnerable default Docker image configuration
Vulnerability: The official Docker image ships with a default Rails secret key (SECRET_KEY_BASE=OVERWRITE_ME), which allows authenticated users to forge cookies. Because the application uses :marshal for cookie serialization, this allows an attacker to trigger arbitrary code execution during the deserialization process.
Business Impact
This vulnerability carries a CVSS score of 9.9, reflecting the extreme risk of total system compromise. By leveraging this flaw, an authenticated user can execute arbitrary code on the server hosting the OpenProject application. This grants the attacker full control over the project management environment, facilitating lateral movement, data theft, or complete system takeover.
Remediation Plan
Immediate Action: Update to the latest version of OpenProject and ensure the SECRET_KEY_BASE environment variable is changed to a strong, unique, and securely generated secret.
Proactive Monitoring: Monitor server logs for signs of anomalous process execution or unexpected system-level changes originating from the OpenProject container.
Compensating Controls: Restrict access to the OpenProject instance to trusted networks only and ensure that the application is running with the least privilege necessary within the container environment.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of Jun 26, 2026, there is no public information indicating active exploitation of this vulnerability. However, the presence of a hardcoded, publicly known default secret key makes this an attractive target for attackers, and the risk of exploitation remains critical.
Analyst Recommendation
The reliance on a default, predictable secret key in a production-ready Docker image is a significant security failure. Administrators must immediately rotate their secret keys and update their deployment configurations to ensure the environment is secured against this deserialization attack vector.
Update opf openproject to the latest version. Check the vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
luci-app-https-dns-proxy through 2025
luci-app-https-dns-proxy through 2025
---METADATA---
VENDOR: OpenWrt
PRODUCT: luci-app-https-dns-proxy
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
The luci-app-https-dns-proxy package for OpenWrt contains an unspecified vulnerability.
Executive Summary:
A high-severity vulnerability has been identified in the luci-app-https-dns-proxy package for OpenWrt, which requires immediate attention from network administrators.
Vulnerability Details
CVE-ID: CVE-2026-46368
Affected Software: OpenWrt luci-app-https-dns-proxy
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The specific nature of this vulnerability in the DNS proxy application is currently under investigation, but it has been rated with a high CVSS score, suggesting a significant risk to network security.
Business Impact
With a CVSS score of 8.8, this vulnerability could potentially allow attackers to intercept or manipulate DNS traffic, leading to man-in-the-middle attacks or redirection of network users to malicious sites, which is critical for infrastructure security.
Remediation Plan
Immediate Action: Check for OpenWrt package updates and apply the latest version of the luci-app-https-dns-proxy package.
Proactive Monitoring: Monitor DNS query logs for signs of redirection or unauthorized traffic patterns.
Compensating Controls: If a patch is unavailable, consider temporarily disabling the proxy service or implementing alternative DNS security measures (e.g., DNSSEC).
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 27, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Network administrators should treat this vulnerability with urgency. Given the potential impact on network traffic integrity, ensure that all OpenWrt packages are updated to the latest secure versions as soon as they become available.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
phpMyFAQ before 4
phpMyFAQ before 4
---METADATA---
VENDOR: phpMyFAQ
PRODUCT: phpMyFAQ
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: medium
MISSING: patch, exploit_status, technical_details
---END_METADATA---
Description Summary:
A security vulnerability exists in versions of phpMyFAQ prior to 4, potentially exposing the application to unauthorized access.
Executive Summary:
A critical security vulnerability in phpMyFAQ prior to version 4 requires urgent attention to prevent unauthorized system access.
Vulnerability Details
CVE-ID: CVE-2026-46367
Affected Software: phpMyFAQ phpMyFAQ
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability affects phpMyFAQ versions prior to 4.0. While technical details are limited, vulnerabilities in this category often involve improper input validation or insufficient access controls, which may allow unauthenticated or authenticated attackers to influence system behavior.
Business Impact
With a CVSS score of 7.6, this vulnerability is classified as High severity. Successful exploitation could lead to unauthorized information disclosure or administrative control over the FAQ knowledge base, potentially resulting in the leakage of internal documentation or sensitive support data.
Remediation Plan
Immediate Action: Upgrade all instances of phpMyFAQ to version 4.0 or the latest available stable release to ensure the vulnerability is mitigated.
Proactive Monitoring: Monitor web server logs for suspicious requests targeting administrative endpoints or unusual query patterns within the application.
Compensating Controls: Restrict access to the phpMyFAQ administrative interface to trusted IP ranges only via firewall rules or VPN requirements.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 16, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations utilizing phpMyFAQ should treat this as a high-priority update. Upgrading to the latest version is the only definitive way to address the underlying security flaw and protect the application from potential exploitation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
phpMyFAQ before 4
phpMyFAQ before 4
---METADATA---
VENDOR: phpMyFAQ
PRODUCT: phpMyFAQ
AFFECTED_VERSIONS: Versions prior to 4
CONFIDENCE: high
MISSING: patch, exploit_status, technical_details
---END_METADATA---
Description Summary:
A security vulnerability exists in versions of phpMyFAQ prior to 4, potentially exposing the application to unauthorized access or compromise.
Executive Summary:
Versions of phpMyFAQ prior to 4 are vulnerable to a security flaw that could allow for unauthorized system compromise.
Vulnerability Details
CVE-ID: CVE-2026-46366
Affected Software: phpMyFAQ
Affected Versions: Versions prior to 4
Vulnerability: This vulnerability affects the phpMyFAQ application architecture; the specific entry point and authentication requirements have not been publicly detailed. It is confirmed to affect all releases preceding the version 4 branch.
Business Impact
A CVSS score of 7.5 highlights a critical need for attention, as successful exploitation could lead to full application compromise or unauthorized data access. Such an impact could result in significant downtime and the loss of sensitive information managed within the FAQ system.
Remediation Plan
Immediate Action: Upgrade all instances of phpMyFAQ to version 4 or higher to ensure the vulnerability is fully remediated.
Proactive Monitoring: Monitor application error logs and database query logs for suspicious activity that may indicate an attempt to leverage this vulnerability.
Compensating Controls: Utilize a Web Application Firewall (WAF) to restrict access to the application and block known malicious patterns until the upgrade can be completed.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 17, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Users of phpMyFAQ must prioritize upgrading to version 4 immediately. Given the scope of the vulnerability, delaying the update exposes the system to unnecessary risk and potential exploitation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
phpMyFAQ contains an unauthenticated SQL injection vulnerability in its captcha handling methods, allowing attackers to extract sensitive database inf...
phpMyFAQ contains an unauthenticated SQL injection vulnerability in its captcha handling methods, allowing attackers to extract sensitive database information.
---METADATA---
VENDOR: phpMyFAQ
PRODUCT: phpMyFAQ
AFFECTED_VERSIONS: Prior to 4.1.2
---END_METADATA---
Description Summary:
phpMyFAQ contains an unauthenticated SQL injection vulnerability in its captcha handling methods, allowing attackers to extract sensitive database information.
Executive Summary:
An unauthenticated SQL injection vulnerability in phpMyFAQ allows attackers to extract sensitive data, including administrative tokens and credentials, from the backend database.
Vulnerability Details
CVE-ID: CVE-2026-46364
Affected Software: phpMyFAQ
Affected Versions: Prior to 4.1.2
Vulnerability: The application fails to sanitize User-Agent headers before incorporating them into database queries, allowing unauthenticated attackers to perform time-based blind SQL injection.
Business Impact
The exposure of administrative credentials and tokens enables full application takeover and sensitive data breach. A CVSS score of 9.8 highlights the critical danger of this unauthenticated data access.
Remediation Plan
Immediate Action: Update phpMyFAQ to version 4.1.2 or later to patch the vulnerable captcha methods.
Proactive Monitoring: Monitor database query logs for time-intensive queries or patterns associated with SQL injection attempts.
Compensating Controls: Deploy a Web Application Firewall (WAF) with SQL injection protection rules to filter malicious User-Agent headers.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability provides a direct pathway to database compromise. Immediate patching is required to prevent unauthorized access to sensitive application data.
Update HP Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
A flaw was found in Keycloak
A flaw was found in Keycloak
---METADATA---
VENDOR: Keycloak
PRODUCT: Keycloak
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A high-severity vulnerability has been identified in Keycloak, an open-source identity and access management solution, which could compromise authentication integrity.
Executive Summary:
Keycloak is affected by a critical flaw that could allow attackers to undermine identity management and gain unauthorized access to protected applications.
Vulnerability Details
CVE-ID: CVE-2026-4636
Affected Software: Keycloak
Affected Versions: See vendor advisory for affected versions
Vulnerability: The vulnerability exists within the Keycloak core identity management framework. While specific technical details are limited, flaws in such systems typically involve authentication bypasses, improper token validation, or privilege escalation vulnerabilities that can be exploited by an attacker.
Business Impact
Keycloak is a central component for authentication across many enterprises; therefore, a compromise here could grant an attacker access to any application integrated with the service. The CVSS score of 8.1 reflects the high risk of unauthorized data access and the potential for widespread lateral movement within an organization's infrastructure.
Remediation Plan
Immediate Action: Apply the latest security patches from the Keycloak project immediately to secure the identity provider.
Proactive Monitoring: Review Keycloak audit logs for unusual login patterns, unauthorized client registrations, or unexpected changes to realm roles and permissions.
Compensating Controls: Enable Multi-Factor Authentication (MFA) for all users and restrict access to the Keycloak admin console to internal, trusted networks only.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 4, 2026, there is no public information indicating active exploitation. However, identity providers are high-value targets for attackers, and the potential for exploitation is considered high.
Analyst Recommendation
Organizations relying on Keycloak for identity and access management must treat this vulnerability with the highest urgency. Applying the vendor's security updates is the only effective way to mitigate the risk to the entire authentication chain.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
phpMyFAQ before 4
phpMyFAQ before 4
---METADATA---
VENDOR: phpMyFAQ
PRODUCT: phpMyFAQ
AFFECTED_VERSIONS: Versions prior to 4
CONFIDENCE: high
MISSING: patch, exploit_status, technical_details
---END_METADATA---
Description Summary:
A security vulnerability has been identified in phpMyFAQ versions prior to 4, necessitating an immediate upgrade to the latest secure release.
Executive Summary:
All versions of phpMyFAQ prior to 4 are susceptible to a security vulnerability that requires urgent remediation to protect system integrity.
Vulnerability Details
CVE-ID: CVE-2026-46359
Affected Software: phpMyFAQ
Affected Versions: Versions prior to 4
Vulnerability: This flaw impacts the phpMyFAQ framework, creating a security risk for all installations running versions earlier than 4. The specific technical mechanism of the vulnerability remains undisclosed at this time.
Business Impact
With a CVSS score of 7.5, this vulnerability represents a High severity risk that could lead to unauthorized access or the compromise of sensitive organizational data. Failure to address this could result in operational disruption and potential reputational damage.
Remediation Plan
Immediate Action: Perform an immediate upgrade of the phpMyFAQ installation to version 4 or the latest available stable release.
Proactive Monitoring: Implement enhanced logging and review of administrative actions to detect any irregular patterns or attempts to exploit the application.
Compensating Controls: Apply strict network access controls and WAF configurations to limit exposure of the application to untrusted networks.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 17, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
It is imperative that administrators move to upgrade to version 4 immediately. Consistent with standard security best practices, ensure all backups are verified before performing the upgrade to mitigate potential data loss during the transition.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Mastodon is a free, open-source social network server based on ActivityPub
Mastodon is a free, open-source social network server based on ActivityPub
---METADATA---
VENDOR: Mastodon
PRODUCT: Mastodon
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A critical security vulnerability has been identified in the Mastodon social network server, necessitating prompt remediation to protect instance integrity.
Executive Summary:
The Mastodon social network platform is vulnerable to a high-severity flaw that could permit unauthorized actions or data exposure within the server environment.
Vulnerability Details
CVE-ID: CVE-2026-46348
Affected Software: Mastodon Mastodon
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the Mastodon server, which utilizes the ActivityPub protocol. The flaw likely resides in the handling of network requests or user data, potentially allowing an attacker to bypass security checks or manipulate server-side processes.
Business Impact
With a CVSS score of 8.7, this vulnerability presents a substantial risk of unauthorized access or data manipulation. For organizations hosting their own Mastodon instances, an exploit could result in the compromise of user accounts, leakage of private communications, or the total takeover of the server instance, severely damaging organizational reputation.
Remediation Plan
Immediate Action: Apply the latest security updates provided by the Mastodon project immediately upon release.
Proactive Monitoring: Monitor server logs for anomalous ActivityPub traffic patterns or unexpected administrative configuration changes.
Compensating Controls: Deploy a WAF configured to inspect and block malicious payloads targeting ActivityPub endpoints.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 25, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The high CVSS score underscores the urgency of this advisory. Administrators must treat this as a high-priority task, ensuring that all Mastodon instances are updated to the most recent secure version to mitigate the risk of exploitation and maintain platform security.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Netty is a network application framework for development of protocol servers and clients
Netty is a network application framework for development of protocol servers and clients
---METADATA---
VENDOR: Netty Project
PRODUCT: Netty
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A high-severity vulnerability in the Netty framework may enable unauthorized actions against protocol servers and clients.
Executive Summary:
A high-severity vulnerability exists within the Netty framework, creating a security risk for systems relying on its protocol-handling capabilities.
Vulnerability Details
CVE-ID: CVE-2026-46340
Affected Software: Netty Project Netty
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The flaw affects the Netty framework, which is a foundational tool for building network applications. This vulnerability could be exploited to compromise the stability or security of systems using the framework, necessitating prompt attention from security administrators.
Business Impact
The CVSS score of 7.5 underscores the potential for significant business impact. If exploited, this vulnerability could lead to unauthorized access to application data or cause service outages, negatively affecting organizational productivity and the confidentiality of network traffic.
Remediation Plan
Immediate Action: Prioritize the deployment of vendor-supplied security patches to all systems identified as using the Netty framework.
Proactive Monitoring: Conduct thorough reviews of network and application logs to detect any signs of exploitation attempts or anomalous behavior consistent with this vulnerability.
Compensating Controls: Deploy perimeter security measures, such as WAFs, to block malicious traffic and provide an additional layer of protection while awaiting official patches.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the prevalence of the Netty framework, organizations should act decisively to mitigate this high-severity threat. Maintaining an updated software environment and implementing strict monitoring are critical steps to protect against the risks posed by this vulnerability.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A flaw was found in Keycloak
A flaw was found in Keycloak
---METADATA---
VENDOR: Red Hat
PRODUCT: Keycloak
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A security flaw has been identified in Keycloak that could compromise identity and access management processes.
Executive Summary:
A high-severity vulnerability in Keycloak could allow attackers to bypass security controls or gain unauthorized access to protected resources.
Vulnerability Details
CVE-ID: CVE-2026-4634
Affected Software: Red Hat Keycloak
Affected Versions: See vendor advisory for affected versions
Vulnerability: The flaw was discovered in Keycloak, an open-source identity and access management solution. While specific technical details are limited, the vulnerability likely pertains to the authentication flow or session management, potentially allowing an attacker to impersonate legitimate users.
Business Impact
As Keycloak is a central hub for authentication, any vulnerability in this product carries substantial risk. A successful exploit could lead to full account takeover, unauthorized access to sensitive enterprise applications, and significant regulatory compliance violations. The CVSS score of 7.5 highlights the urgency of this high-severity threat.
Remediation Plan
Immediate Action: Apply the recommended security updates from the Keycloak project or Red Hat immediately to secure the authentication server.
Proactive Monitoring: Review Keycloak audit logs for suspicious login attempts, unauthorized client registrations, or unusual token exchange patterns.
Compensating Controls: Implement multi-factor authentication (MFA) across all realms and use a Web Application Firewall (WAF) to inspect traffic for common authentication bypass patterns.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 4, 2026, there is no public information indicating active exploitation of this vulnerability. Identity providers are extremely high-value targets, and exploitation often follows shortly after disclosure.
Analyst Recommendation
Keycloak serves as the gatekeeper for your digital assets; therefore, this CVSS 7.5 vulnerability must be addressed with the highest priority. Apply the latest patches immediately and perform a comprehensive review of your IAM policies to ensure a defense-in-depth posture.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352_bootloader_rx(...
In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352_bootloader_rx() appends each serdev chunk into the fixed rx_buffer before parsing bootloader packets
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: Linux kernel builds including the greybus driver prior to specified commits.
---END_METADATA---
Description Summary:
A buffer overflow exists in the Linux kernel's greybus driver, specifically within the cc1352_bootloader_rx function, due to missing bounds checks on receive buffers.
Executive Summary:
A critical buffer overflow vulnerability in the Linux kernel's greybus module could allow an attacker to trigger memory corruption or arbitrary code execution.
Vulnerability Details
CVE-ID: CVE-2026-46332
Affected Software: Linux Kernel
Affected Versions: Linux kernel builds that include the greybus driver (used on BeaglePlay and similar devices) prior to fixes in commits 0339a746ff7cd3f9d10f565e89c99dc93191e58d, 1214bf28965ceaf584fb20d357731264dd2e10e1, 663c2728a6d0f781044431111b53a27f71027e48, fb91d4e49fcbea0b5091394ac5b8f7d4124265c3.
Vulnerability: This is a buffer overflow (CWE-120) in the cc1352_bootloader_rx() function. The driver fails to validate the size of incoming data chunks before appending them to a fixed-size buffer, allowing a remote or local attacker with access to the bootloader UART interface to overflow the buffer.
Business Impact
With a CVSS score of 8.0, this vulnerability presents a significant risk of arbitrary memory corruption or potential code execution. Successful exploitation could lead to full system compromise, particularly on devices utilizing the BeaglePlay platform. The risk is elevated by the potential for remote exploitation if the UART interface is exposed.
Remediation Plan
Immediate Action: Update the Linux kernel to a version that includes the necessary bounds checks (referenced by the identified upstream commits).
Proactive Monitoring: Inspect system configurations to identify devices running the affected greybus driver and restrict physical or logical access to the associated UART interfaces.
Compensating Controls: Implement strict input validation or device-level firewalls if the UART interface is used for communication with untrusted components.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 14, 2026, there is no public information indicating active exploitation of this vulnerability. However, the nature of the flaw makes it a high-priority target for an attacker with local access.
Analyst Recommendation
Given the potential for code execution, this vulnerability warrants an urgent update. Organizations using devices equipped with the greybus driver should apply the kernel patches immediately to prevent unauthorized memory manipulation and potential system takeover.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: Revert "net/smc: Introduce TCP ULP support" This reverts commit d7cd421da9da2cc7...
In the Linux kernel, the following vulnerability has been resolved: Revert "net/smc: Introduce TCP ULP support" This reverts commit d7cd421da9da2cc7b4d25b8537f66db5c8331c40
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A vulnerability in the Linux kernel necessitated the reversion of the TCP ULP (Upper Layer Protocol) support feature for SMC (Shared Memory Communications).
Executive Summary:
The Linux kernel has reverted the TCP ULP support feature for SMC to address a critical flaw, and users should update to prevent potential instability.
Vulnerability Details
CVE-ID: CVE-2026-46330
Affected Software: Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The implementation of TCP ULP support for SMC was found to be fundamentally flawed, leading to the total reversion of the feature (commit d7cd421da9da2cc7b4d25b8537f66db5c8331c40). Failure to remove this code leaves the kernel in a state susceptible to undefined behavior or security regressions.
Business Impact
Given the CVSS score of 7.8, this issue is considered high-risk. The inclusion of faulty ULP logic can expose the networking stack to unexpected behaviors that could be leveraged for system compromise or denial of service, impacting overall system reliability.
Remediation Plan
Immediate Action: Upgrade your Linux kernel to the version that includes the reversion of the affected TCP ULP support code.
Proactive Monitoring: Review system logs for networking-related errors, specifically those involving SMC or ULP socket configurations.
Compensating Controls: If immediate patching is not feasible, disable SMC support if it is not required for your specific network architecture.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Security teams should audit their environment for the presence of the faulty ULP implementation. Updating the kernel to a version that properly reverts this feature is essential to maintain a stable and secure network environment.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix rlimit for posix cpu timers Posix cpu timers requires an additiona...
In the Linux kernel, the following vulnerability has been resolved: apparmor: fix rlimit for posix cpu timers Posix cpu timers requires an additional step beyond setting the rlimit
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: Amazon Linux: Kernel-5.10 Extra (Pending Fix), Kernel-5.15 Extra (Pending Fix), Amazon Linux 2023 (kernel, kernel6.12, kernel6.18 - Pending Fix). Red Hat: All previous versions of packages in any minor update stream of a product listed as vulnerable.
---END_METADATA---
Description Summary:
An AppArmor security module flaw in the Linux kernel allows local attackers to bypass resource limits for POSIX CPU timers.
Executive Summary:
A vulnerability in the Linux kernel AppArmor module allows for the bypass of CPU resource limits, potentially leading to unauthorized resource consumption.
Vulnerability Details
CVE-ID: CVE-2026-46328
Affected Software: Linux Kernel
Affected Versions: Amazon Linux: Kernel-5.10 Extra (Pending Fix), Kernel-5.15 Extra (Pending Fix), Amazon Linux 2023 (kernel, kernel6.12, kernel6.18 - Pending Fix). Red Hat: All previous versions of packages in any minor update stream of a product listed as vulnerable.
Vulnerability: The AppArmor security module incorrectly enforces rlimit for POSIX CPU timers. This failure allows a local, authenticated user to bypass intended CPU time restrictions, leading to excessive resource consumption.
Business Impact
With a CVSS score of 7.3, this flaw poses a notable risk to multi-tenant environments and shared hosting platforms. An attacker can circumvent security policies to consume disproportionate CPU resources, negatively impacting the performance of other services or applications running on the same host.
Remediation Plan
Immediate Action: Monitor vendor security bulletins and apply the kernel patches as soon as they become available for your specific distribution.
Proactive Monitoring: Monitor system logs and resource usage for unusual CPU activity or processes exceeding expected operational boundaries.
Compensating Controls: Use alternative cgroup-based resource constraints or hardware-level partitioning to enforce resource limits until the kernel patch can be applied.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
While this is a local privilege/resource bypass, it remains a serious concern for security-sensitive environments. Administrators should track the availability of the upstream kernel fix and schedule deployment across all affected Linux systems to restore proper resource enforcement.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: dm: fix unlocked test for dm_suspended_md The function dm_blk_report_zones tests...
In the Linux kernel, the following vulnerability has been resolved: dm: fix unlocked test for dm_suspended_md The function dm_blk_report_zones tests if the device is suspended with the "dm_suspended_md" call
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
An unlocked check in the Linux kernel’s device mapper (dm) component can lead to race conditions during device suspension state verification.
Executive Summary:
An unlocked state-check vulnerability in the Linux kernel's device mapper could lead to inconsistent kernel state and potential system instability.
Vulnerability Details
CVE-ID: CVE-2026-46327
Affected Software: Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The function dm_blk_report_zones performs an unlocked test for the dm_suspended_md status. Because the check is performed without appropriate locking, the state of the device mapper can change during the check, leading to race conditions.
Business Impact
With a CVSS score of 7.8, this flaw presents a substantial risk to systems relying on the device mapper for storage management. An attacker capable of triggering this race condition could cause a kernel panic or potentially interfere with storage I/O, leading to data unavailability or system-wide denial of service.
Remediation Plan
Immediate Action: Apply the vendor-provided kernel patch to ensure proper locking is enforced during the dm_suspended_md check.
Proactive Monitoring: Monitor storage subsystem logs for I/O errors or unexpected device-mapper related kernel warnings.
Compensating Controls: Ensure that sensitive storage operations are managed by privileged administrative accounts to limit the potential for unauthorized triggering of the vulnerable code path.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Storage subsystem integrity is paramount for system availability. Organizations should treat this vulnerability with high priority, ensuring that kernel updates are validated and deployed to all servers managing storage volumes via the device mapper.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi_transfer struct initialisation Make sure tha...
In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi_transfer struct initialisation Make sure that the spi_transfer struct is zeroed out before use
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: Linux kernel versions prior to 7.0-rc1
---END_METADATA---
Description Summary:
An improper initialization vulnerability exists in the Linux kernel's mprls0025pa pressure driver, which fails to zero out the spi_transfer structure before use.
Executive Summary:
A memory initialization vulnerability in the Linux kernel mprls0025pa driver poses a high security risk by potentially exposing uninitialized memory or triggering system instability.
Vulnerability Details
CVE-ID: CVE-2026-46326
Affected Software: Linux Kernel
Affected Versions: Linux kernel versions prior to 7.0-rc1 (fixed by commit 1e0ac56c92e26115cbc8cfc639843725cb3a7d6a).
Vulnerability: This is an improper initialization flaw in the iio: pressure: mprls0025pa driver. Because the spi_transfer structure is not consistently zeroed out before use, an attacker could potentially read sensitive information from uninitialized memory or trigger unpredictable system behavior, leading to a Denial of Service (DoS).
Business Impact
With a CVSS score of 8.4, this vulnerability is categorized as High severity. The potential for information disclosure or system-wide denial of service could impact the confidentiality and availability of critical infrastructure running affected kernel versions. If exploited, the instability of the kernel could lead to unexpected downtime for production systems.
Remediation Plan
Immediate Action: Update the Linux kernel to a version containing the fix, specifically commit 1e0ac56c92e26115cbc8cfc639843725cb3a7d6a (included in 7.0-rc1).
Proactive Monitoring: Monitor system logs for kernel panics or unusual driver-related errors that may indicate exploitation attempts or instability.
Compensating Controls: Ensure kernel hardening features such as Address Space Layout Randomization (ASLR) are enabled to increase the difficulty of exploiting memory-related vulnerabilities.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 14, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw and its location within the kernel, the potential for exploitation is high.
Analyst Recommendation
Given the severity of kernel-level vulnerabilities, administrators should prioritize patching as soon as the upstream fix is integrated into their specific distribution's kernel updates. Immediate application of the kernel patch is necessary to mitigate the risk of memory disclosure and potential system crashes.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use list_del_rcu for netlink hooks nft_netdev_unregister_h...
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use list_del_rcu for netlink hooks nft_netdev_unregister_hooks and __nft_unregister_flowtable_net_hooks need to use list_del_rcu(), this list can be walked by concurrent dumpers
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A concurrency issue in the Linux kernel's netfilter/nf_tables component occurs due to incorrect list deletion methods during netlink hook unregistration.
Executive Summary:
A race condition in the Linux kernel's netfilter subsystem could allow concurrent processes to access invalid memory, risking system stability.
Vulnerability Details
CVE-ID: CVE-2026-46324
Affected Software: Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The functions nft_netdev_unregister_hooks and __nft_unregister_flowtable_net_hooks utilize an incorrect list deletion method, failing to safely handle concurrent dumpers. This vulnerability allows for a race condition when managing netlink hooks, potentially leading to memory corruption.
Business Impact
The CVSS score of 7.8 underscores the severity of this vulnerability, which affects the kernel's core networking and filtering capabilities. Exploitation could lead to system instability, denial of service, or potentially lead to arbitrary code execution if an attacker can reliably trigger the race condition.
Remediation Plan
Immediate Action: Upgrade to the latest kernel release that includes the corrected list_del_rcu implementation for netfilter hooks.
Proactive Monitoring: Monitor for kernel-level crashes or segmentation faults specifically originating from netfilter or netlink-related operations.
Compensating Controls: Restrict access to nf_tables configuration (e.g., CAP_NET_ADMIN) to trusted processes to minimize the attack surface.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability highlights the complexity of kernel synchronization. Security teams must ensure that systems utilizing advanced netfilter configurations are updated promptly, as the potential for local exploitation of race conditions in these subsystems is significant.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skb_gro_receive() can currently copy frags betw...
In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skb_gro_receive() can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFL_MANAGED_FRAG_REFS flag
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
An improper check in the Linux kernel’s GRO (Generic Receive Offload) implementation allows for the merging of zerocopy skbs, potentially violating memory management constraints.
Executive Summary:
A flaw in the Linux kernel's networking stack could allow improper merging of zerocopy network buffers, posing a risk to system memory integrity.
Vulnerability Details
CVE-ID: CVE-2026-46323
Affected Software: Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The skb_gro_receive function fails to verify the SKBFL_MANAGED_FRAG_REFS flag when merging zerocopy skbs. This oversight allows improper handling of fragment references, which can lead to memory corruption or inconsistent state within the networking subsystem.
Business Impact
With a CVSS score of 7.8, this vulnerability represents a high-risk security threat. Exploitation could lead to kernel-level memory corruption, resulting in service interruption or the potential for local privilege escalation, necessitating urgent attention for systems handling high-volume network traffic.
Remediation Plan
Immediate Action: Update the Linux kernel to the version provided by your distribution that specifically addresses the skb_gro_receive zerocopy merging logic.
Proactive Monitoring: Review system stability metrics and watch for intermittent networking stack failures or abnormal kernel memory usage patterns.
Compensating Controls: Implement strict network ingress filtering to reduce the likelihood of specially crafted packets reaching the vulnerable GRO processing path.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Kernel vulnerabilities involving memory management in the networking stack are critical. Organizations should verify their kernel version against vendor security bulletins and deploy the necessary updates as soon as they are available to mitigate the risk of memory corruption.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: tun: free page on build_skb failure in tun_xdp_one() When build_skb() fails in t...
In the Linux kernel, the following vulnerability has been resolved: tun: free page on build_skb failure in tun_xdp_one() When build_skb() fails in tun_xdp_one(), the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhost_net_build_xdp() allocated for the frame
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: Microsoft Azure Linux kernel version 3.0. Red Hat: All previous versions of packages in any minor update stream of a product listed as vulnerable.
---END_METADATA---
Description Summary:
A memory leak in the Linux kernel's tun driver during build_skb() failures allows for potential denial-of-service attacks.
Executive Summary:
A failure to properly handle memory in the Linux kernel's tun driver creates a memory leak vulnerability that threatens system availability.
Vulnerability Details
CVE-ID: CVE-2026-46322
Affected Software: Linux Kernel
Affected Versions: Microsoft Azure Linux kernel version 3.0. Red Hat: All previous versions of packages in any minor update stream of a product listed as vulnerable.
Vulnerability: This vulnerability resides in the tun_xdp_one() function, where a failure in build_skb() results in an error path that skips freeing an allocated memory page. Repeated triggering of this failure leads to memory exhaustion and system instability.
Business Impact
With a CVSS score of 7.1, this vulnerability presents a significant risk to the availability of Linux-based systems. Memory exhaustion attacks can be difficult to diagnose, and their impact on system performance can lead to widespread service disruption across the affected infrastructure.
Remediation Plan
Immediate Action: Apply the vendor-provided kernel patch that ensures memory pages are freed appropriately when an error occurs in the tun_xdp_one() function.
Proactive Monitoring: Use system monitoring tools to track memory allocation patterns, specifically looking for leaks associated with network driver error paths.
Compensating Controls: Restrict access to tun/tap device management to privileged users only to minimize the risk of an attacker intentionally triggering this error path.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Security teams should prioritize this patch alongside other kernel updates. Ensuring that error-handling paths within the Linux kernel are secure is vital for maintaining the resilience of network-intensive systems against denial-of-service attacks.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tun_xdp_one() tun_xdp_one() returns -...
In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tun_xdp_one() tun_xdp_one() returns -EINVAL on a frame shorter than ETH_HLEN without freeing the page that vhost_net_build_xdp() allocated for it
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: Microsoft Azure Linux kernel version 3.0. Red Hat: All previous versions of packages in any minor update stream of a product listed as vulnerable.
---END_METADATA---
Description Summary:
A memory leak in the Linux kernel's tun driver allows local attackers to cause a denial of service by triggering short-frame rejections.
Executive Summary:
A memory leak in the Linux kernel tun driver exposes systems to denial-of-service via memory exhaustion.
Vulnerability Details
CVE-ID: CVE-2026-46321
Affected Software: Linux Kernel
Affected Versions: Microsoft Azure Linux kernel version 3.0. Red Hat: All previous versions of packages in any minor update stream of a product listed as vulnerable.
Vulnerability: A vulnerability in the tun_xdp_one() function fails to free memory pages when rejecting network frames shorter than the expected Ethernet header length. This allows a local attacker with access to the tun/tap device to leak memory through repeated exploitation.
Business Impact
The CVSS score of 7.1 indicates a high risk to availability. By triggering this memory leak, an attacker can exhaust system memory, potentially forcing a kernel panic or causing a total system denial of service, which disrupts all hosted applications.
Remediation Plan
Immediate Action: Update the Linux kernel to the version containing the fix, which ensures the page is freed before returning an error.
Proactive Monitoring: Monitor for kernel-level memory leaks and unexpected increases in memory usage associated with tun/tap device activity.
Compensating Controls: Limit access to tun/tap interfaces to only necessary services and users, utilizing SELinux or AppArmor policies to restrict device access.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Kernel vulnerabilities leading to memory exhaustion are critical for system uptime. Administrators should apply the provided patch as soon as possible, particularly on systems that heavily rely on virtual networking or tunneling, to prevent potential DoS scenarios.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tap_get_user_xdp() tap_get_user_xdp() rejects a...
In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tap_get_user_xdp() tap_get_user_xdp() rejects a frame shorter than ETH_HLEN with -EINVAL, and returns -ENOMEM when build_skb() fails
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: Debian: linux (bullseye 5.10.223-1, bullseye (security) 5.10.257-1, bookworm 6.1.170-3, bookworm (security) 6.1.174-1, trixie 6.12.86-1, trixie (security) 6.12.90-2, forky sid 7.0.10-1). Red Hat: All previous versions of packages in any minor update stream of a product listed as vulnerable.
---END_METADATA---
Description Summary:
A memory leak in the Linux kernel's tap driver's tap_get_user_xdp() function can lead to system-wide resource exhaustion and denial of service.
Executive Summary:
A memory leak in the Linux kernel tap driver exposes systems to potential denial-of-service conditions through resource exhaustion.
Vulnerability Details
CVE-ID: CVE-2026-46320
Affected Software: Linux Kernel
Affected Versions: Debian: linux (bullseye 5.10.223-1, bullseye (security) 5.10.257-1, bookworm 6.1.170-3, bookworm (security) 6.1.174-1, trixie 6.12.86-1, trixie (security) 6.12.90-2, forky sid 7.0.10-1). Red Hat: All previous versions of packages in any minor update stream of a product listed as vulnerable.
Vulnerability: A flaw in the tap_get_user_xdp() function fails to properly free memory pages when processing rejected network frames. This occurs when frames are shorter than the Ethernet header length or during failed memory allocations, leading to a persistent memory leak.
Business Impact
The CVSS score of 7.4 underscores a high risk to system stability. Because the Linux kernel is foundational to infrastructure, this vulnerability could be leveraged to degrade or crash critical services by exhausting memory, resulting in significant operational downtime.
Remediation Plan
Immediate Action: Apply the latest kernel security updates provided by your distribution vendor (e.g., Debian or Red Hat).
Proactive Monitoring: Monitor kernel memory usage and look for signs of memory fragmentation or depletion that could indicate a leak in the tap/xdp subsystems.
Compensating Controls: Restrict access to network interfaces and tap/tun devices to authorized users or containers only to limit the attack surface for triggering these error paths.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This kernel-level vulnerability warrants an urgent update cycle. Security teams should ensure that all Linux distributions managing network-intensive workloads are patched to the versions addressing this memory leak to maintain system integrity and prevent denial-of-service attacks.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: Only release RCU read lock after ct_ft When looking up a flow...
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: Only release RCU read lock after ct_ft When looking up a flow table in act_ct in tcf_ct_flow_table_get(), rhashtable_lookup_fast() internally opens and closes an RCU read critical section before returning ct_ft
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A race condition exists in the Linux kernel's net/sched: act_ct component due to improper RCU read lock handling during flow table lookups.
Executive Summary:
A concurrency vulnerability in the Linux kernel's network scheduling subsystem could potentially lead to memory corruption or system instability.
Vulnerability Details
CVE-ID: CVE-2026-46319
Affected Software: Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability arises in the tcf_ct_flow_table_get function where rhashtable_lookup_fast prematurely closes an RCU read critical section. This flaw allows for potential use-after-free or race conditions, typically requiring local access or specific network traffic triggers.
Business Impact
The vulnerability carries a CVSS score of 7.8, indicating a high risk to system availability and integrity. Successful exploitation could result in kernel panics, system crashes, or unauthorized memory access, causing significant operational downtime for mission-critical infrastructure running affected kernel versions.
Remediation Plan
Immediate Action: Apply the latest security patches provided by your Linux distribution vendor to resolve the RCU locking issue.
Proactive Monitoring: Monitor system logs for kernel oops or unexpected service restarts related to the networking stack.
Compensating Controls: Utilize kernel hardening modules and ensure that untrusted users are restricted from triggering complex network scheduling operations.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the severity of kernel-level vulnerabilities, administrators should prioritize patching during the next maintenance cycle. Ensure that all production environments are updated to a kernel version that incorporates the fix for act_ct locking issues to prevent potential stability and security compromises.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind mmu_lock kvm->arch
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind mmu_lock kvm->arch
---METADATA---
VENDOR: Linux
PRODUCT: kernel
AFFECTED_VERSIONS: Red Hat Enterprise Linux 10, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9.
---END_METADATA---
Description Summary:
A memory corruption vulnerability in the Linux kernel KVM for arm64 allows a local attacker to access freed memory via improper reassignment of the nested_mmus array.
Executive Summary:
A high-severity memory corruption flaw in the Linux kernel KVM implementation for arm64 architectures could allow a local attacker to escalate privileges or cause a system crash.
Vulnerability Details
CVE-ID: CVE-2026-46317
Affected Software: Linux kernel
Affected Versions: Red Hat Enterprise Linux 10, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9.
Vulnerability: This is a memory corruption vulnerability stemming from the improper reassignment of the nested_mmus array within the KVM subsystem. The issue allows a local process to access memory that has already been freed, leading to potential security bypasses.
Business Impact
The CVSS score of 8.8 reflects the high risk of this kernel-level vulnerability. A local attacker can exploit this to achieve privilege escalation, potentially gaining root access to the host machine. Furthermore, the vulnerability can be used to trigger a kernel panic, leading to system-wide denial-of-service, which is particularly critical for server environments.
Remediation Plan
Immediate Action: Apply the latest kernel security updates provided by your distribution vendor (e.g., Red Hat).
Proactive Monitoring: Monitor system logs for kernel oops or unexpected system instability following the execution of virtualization workloads.
Compensating Controls: Restrict access to the system to authorized users only, specifically limiting the ability to initiate KVM/virtualization processes.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 14, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Kernel vulnerabilities of this nature should be treated with the highest priority. Administrators should test and deploy the provided kernel updates across all affected RHEL environments as soon as possible to mitigate the risk of local privilege escalation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drm_exec to take both loc...
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drm_exec to take both locks i
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A concurrency vulnerability in the Linux kernel's AMDGPU driver allows access to a stale write pointer (wptr) mapping, leading to potential memory corruption.
Executive Summary:
A concurrency flaw in the Linux kernel's AMDGPU driver can lead to stale pointer access, posing a risk of memory corruption and privilege escalation.
Vulnerability Details
CVE-ID: CVE-2026-46311
Affected Software: Linux Kernel (AMDGPU Driver)
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The issue is located in the drm/amdgpu/userq component. A race condition allows access to a stale wptr mapping because the driver failed to take the necessary locks during the operation.
Business Impact
Given the CVSS score of 7.8, this vulnerability represents a significant risk to systems utilizing AMD GPUs. An attacker could exploit this to corrupt kernel memory, resulting in system crashes or the potential for privilege escalation, which is particularly critical in environments using GPU-accelerated workloads.
Remediation Plan
Immediate Action: Update the Linux kernel to the latest version, ensuring the AMDGPU driver fix is included.
Proactive Monitoring: Monitor for driver-specific errors or system instability related to GPU-accelerated processes.
Compensating Controls: Limit access to GPU devices to trusted users and ensure that kernel module loading is restricted to signed modules.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Drivers are a common target for privilege escalation attacks. It is critical to apply kernel updates that address these driver-level vulnerabilities to ensure the overall security and stability of the system.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Cockpit's remote login feature is vulnerable to command injection via unsanitized input, allowing unauthenticated attackers to achieve remote code exe...
Cockpit's remote login feature is vulnerable to command injection via unsanitized input, allowing unauthenticated attackers to achieve remote code execution.
---METADATA---
VENDOR: Cockpit
PRODUCT: Cockpit
AFFECTED_VERSIONS: See vendor advisory
---END_METADATA---
Description Summary:
Cockpit's remote login feature is vulnerable to command injection via unsanitized input, allowing unauthenticated attackers to achieve remote code execution.
Executive Summary:
An unauthenticated command injection vulnerability in Cockpit's login flow allows an attacker to execute arbitrary shell commands on the host system.
Vulnerability Details
CVE-ID: CVE-2026-4631
Affected Software: Cockpit
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability exists because Cockpit passes user-supplied hostnames and usernames directly to the SSH client without validation. An unauthenticated attacker can inject malicious SSH options or shell commands into the login request, triggering execution on the host server before any credentials are verified.
Business Impact
This is a critical vulnerability (CVSS 9.8) that allows for complete, unauthenticated remote code execution. The impact includes full system takeover, unauthorized access to the underlying server, and potential lateral movement within the network, justifying an immediate emergency response.
Remediation Plan
Immediate Action: Apply the latest security patches provided by the Cockpit vendor immediately.
Proactive Monitoring: Monitor access logs for anomalous login requests containing non-standard characters or shell command syntax.
Compensating Controls: Restrict access to the Cockpit web interface to trusted IP addresses or internal networks using a VPN or firewall rules to minimize exposure to external threats.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of Apr 7, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability is highly severe as it requires no authentication to execute code on the host. Organizations must ensure that all instances of Cockpit are updated immediately and that access is restricted to authorized personnel only.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: > The ath5k driver seems t...
In the Linux kernel, the following vulnerability has been resolved: wifi: ath5k: do not access array OOB Vincent reports: > The ath5k driver seems to do an array-index-out-of-bounds access as > shown by the UBSAN kernel message: > UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath5k/base
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: Linux kernel versions affected by an out-of-bounds write in the ath5k Wi-Fi driver.
---END_METADATA---
Description Summary:
The Linux kernel's ath5k Wi-Fi driver contains an array-index-out-of-bounds vulnerability that results in a minor out-of-bounds write.
Executive Summary:
An out-of-bounds write vulnerability in the Linux kernel ath5k driver presents a memory safety risk, though the practical impact is currently limited.
Vulnerability Details
CVE-ID: CVE-2026-46307
Affected Software: Linux Kernel
Affected Versions: Linux kernel versions affected by an out-of-bounds write in the ath5k Wi-Fi driver. SUSE lists fixed packages as kernel-devel >= 7.0.12-1.1.
Vulnerability: The ath5k Wi-Fi driver performs an array-index-out-of-bounds access. This memory safety flaw results in a small out-of-bounds write that can corrupt an adjacent status field within the driver's memory.
Business Impact
Despite a CVSS score of 8.3, the vulnerability has a relatively minor practical effect, primarily limited to the corruption of an internal status field. However, memory safety issues in the kernel are inherently dangerous, as they can theoretically be weaponized to bypass security mitigations. Maintaining system integrity requires addressing these bugs to prevent unauthorized memory modification.
Remediation Plan
Immediate Action: Apply the vendor-provided security updates, specifically ensuring the kernel is updated to at least the version provided by your distribution (e.g., SUSE kernel-devel >= 7.0.12-1.1).
Proactive Monitoring: Review kernel logs for UBSAN (Undefined Behavior Sanitizer) alerts or driver-related errors that may indicate the vulnerability is being triggered.
Compensating Controls: Restrict access to wireless network configurations and utilize secure hardware configurations to minimize the attack surface of wireless drivers.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 14, 2026, there is no public information indicating active exploitation of this vulnerability. No known exploit chain is being passed around by threat actors.
Analyst Recommendation
While the impact is currently considered localized, kernel vulnerabilities should never be ignored due to the risk of privilege escalation. Organizations should schedule the deployment of the relevant kernel updates during the next maintenance window to ensure long-term system stability and security.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: flow_dissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that P...
In the Linux kernel, the following vulnerability has been resolved: flow_dissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression (PFC) is NOT RECOMMENDED for PPPoE
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
The Linux kernel's flow dissector incorrectly handles PPPoE Protocol Field Compression (PFC) frames, contrary to RFC 2516 recommendations.
Executive Summary:
Improper handling of PPPoE PFC frames in the Linux kernel flow dissector may result in network traffic processing errors or system instability.
Vulnerability Details
CVE-ID: CVE-2026-46306
Affected Software: Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The flow dissector component attempts to process PFC frames which are explicitly discouraged by RFC 2516. This flaw can be triggered by specifically crafted network packets, potentially leading to incorrect traffic routing or kernel-level processing errors.
Business Impact
The CVSS score of 7.5 classifies this as a high-severity issue. Successful exploitation could disrupt network traffic flow, degrade network performance, or create conditions for a local denial-of-service, impacting the business's ability to maintain reliable network connectivity.
Remediation Plan
Immediate Action: Patch the Linux kernel to the version that excludes PPPoE PFC frames from the flow dissector.
Proactive Monitoring: Utilize network monitoring tools to identify anomalous traffic patterns or high packet drop rates that could indicate attempts to exploit the flow dissector.
Compensating Controls: Deploy network-level firewalls or ingress filtering to drop malformed PPPoE frames before they reach the kernel's processing stack.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Network stability is critical for business operations; therefore, updating the kernel to properly handle PPPoE frames is essential. Administrators should prioritize this patch, especially in environments handling high volumes of PPPoE-encapsulated traffic.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmet_ctrl_free nvmet_tcp_release_queue...
In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmet_ctrl_free nvmet_tcp_release_queue_work() runs on nvmet-wq and can drop the final controller reference through nvmet_cq_put()
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A recursive flushing issue in the Linux kernel NVMe-over-TCP target code can lead to a deadlock or system instability during controller release.
Executive Summary:
A recursive reference counting flaw in the Linux kernel NVMe-over-TCP implementation creates a risk of system deadlock.
Vulnerability Details
CVE-ID: CVE-2026-46304
Affected Software: Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability exists in the nvmet_ctrl_free function, where recursive workqueue flushing can occur during the controller release process. This is a local denial-of-service vulnerability requiring interaction with the NVMe target subsystem.
Business Impact
With a CVSS score of 7.5, this high-severity vulnerability threatens the stability of storage infrastructure. Exploitation could lead to persistent kernel deadlocks, resulting in significant service downtime and loss of access to storage resources for dependent applications.
Remediation Plan
Immediate Action: Update the Linux kernel to a version containing the fix for the nvmet recursive flush issue.
Proactive Monitoring: Review system logs for kernel-level stalls or hang conditions specifically related to NVMe-over-TCP controller operations.
Compensating Controls: In high-availability environments, ensure that storage failover mechanisms are tested and functional to mitigate the impact of potential kernel panics.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability represents a significant stability risk for systems utilizing NVMe-over-TCP. Organizations should integrate the relevant kernel updates into their maintenance cycle immediately to prevent potential service interruptions caused by kernel-level deadlocks.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rock_conti...
In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rock_continue() reads rs->cont_extent verbatim from the Rock Ridge CE record and passes it to sb_bread() without checking that the block number is within the mounted ISO 9660 volume
---METADATA---
VENDOR: Linux Foundation
PRODUCT: Linux Kernel
AFFECTED_VERSIONS: See vendor advisory
---END_METADATA---
Description Summary:
A validation flaw in the Linux kernel's isofs filesystem driver allows an attacker to provide a crafted ISO image that triggers out-of-bounds memory access.
Executive Summary:
A vulnerability in the Linux kernel's isofs component could allow an attacker to perform out-of-bounds memory access via a maliciously crafted ISO 9660 filesystem.
Vulnerability Details
CVE-ID: CVE-2026-46303
Affected Software: Linux Kernel
Affected Versions: See vendor advisory
Vulnerability: The isofs filesystem driver fails to validate the rs->cont_extent field from Rock Ridge CE records against the volume size. This allows a crafted ISO image to force the kernel to read blocks outside the intended range, potentially accessing sensitive data from adjacent filesystems.
Business Impact
The CVSS score of 8.2 (High) signifies a serious risk for systems that mount untrusted ISO images. Successful exploitation could lead to information disclosure or system instability, potentially exposing memory or data from other mounted volumes or system processes.
Remediation Plan
Immediate Action: Apply the kernel patch that adds an ISOFS_SB(sb)->s_nzones bounds check to the rock_continue() function.
Proactive Monitoring: Review system logs for kernel panics or filesystem errors when mounting external media or disk images.
Compensating Controls: Implement strict policies regarding the mounting of untrusted or externally sourced ISO images on production Linux systems.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 14, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Administrators should update their Linux kernel versions as soon as vendor-supplied patches become available for their specific distributions. Until patches are applied, avoid mounting ISO images from untrusted or unverified sources.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() ca...
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A memory management flaw in the Linux kernel skb_try_coalesce function allows for improper handling of shared-frag markers during coalescing.
Executive Summary:
A memory management vulnerability in the Linux kernel network subsystem could lead to system instability or potential memory corruption.
Vulnerability Details
CVE-ID: CVE-2026-46300
Affected Software: Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability occurs in the network subsystem's skb_try_coalesce function, where improper handling of shared-frag markers during buffer coalescing can occur. This typically requires a local authenticated user or specific network traffic conditions to trigger, depending on the kernel configuration.
Business Impact
Successful exploitation of this kernel-level flaw could result in a denial-of-service (DoS) condition or potential privilege escalation. Given the CVSS score of 7.8, this vulnerability is classified as High, reflecting the significant risk of system compromise if an attacker can manipulate kernel memory structures.
Remediation Plan
Immediate Action: Apply the latest security patches provided by your Linux distribution vendor to address the kernel vulnerability.
Proactive Monitoring: Monitor system logs for kernel oops or unexpected service restarts that may indicate memory-related instability.
Compensating Controls: Ensure kernel hardening features like KASLR and SMEP/SMAP are enabled to limit the success of potential memory-based exploits.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 1, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability represents a significant risk to the integrity and availability of Linux-based systems. Administrators are strongly advised to prioritize the application of kernel updates as part of their standard patch management cycle to mitigate potential exploitation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplus_fill_super() hfsplus_fill_super() calls...
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix held lock freed on hfsplus_fill_super() hfsplus_fill_super() calls hfs_find_init() to initialize a search structure, which acquires tree->tree_lock
---METADATA---
VENDOR: Linux Foundation
PRODUCT: Linux Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A memory management flaw in the Linux kernel HFS+ filesystem driver causes an improper release of a held spinlock during the filesystem mounting process.
Executive Summary:
A vulnerability in the Linux kernel HFS+ implementation could lead to a kernel-level deadlock or system instability if an attacker mounts a malformed filesystem.
Vulnerability Details
CVE-ID: CVE-2026-46299
Affected Software: Linux Foundation Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability involves an improper lock management issue within the hfsplus_fill_super() function. An authenticated local user or an attacker capable of triggering a filesystem mount could cause a kernel lock to be freed while still held, resulting in a system crash or potential denial-of-service.
Business Impact
The exploitation of this vulnerability poses a significant risk to system availability. Given the CVSS score of 7.0, it is classified as a High-severity issue that could lead to kernel panics and unexpected system reboots, causing critical service disruptions. While primarily a local attack vector, the instability introduced by this flaw could be leveraged to disrupt mission-critical infrastructure running on affected Linux distributions.
Remediation Plan
Immediate Action: Update the Linux kernel to the latest stable version provided by your distribution vendor as soon as the security patch is released.
Proactive Monitoring: Monitor system logs (dmesg or syslog) for kernel panic events, lockdep warnings, or recurring filesystem mount errors.
Compensating Controls: Restrict the ability to mount external or untrusted filesystems to authorized administrative users only, as this reduces the attack surface for this specific driver-level vulnerability.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw occurring within the kernel memory management subsystem, the potential for local denial-of-service remains high.
Analyst Recommendation
The Linux kernel remains a primary target for local privilege escalation and system instability attacks. Administrators should prioritize patching this vulnerability as part of their standard maintenance cycle to ensure system uptime and kernel integrity. If the HFS+ driver is not required for your specific operational environment, consider blacklisting the hfsplus kernel module as a proactive measure until the official patch is applied.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in of_unittest_changeset() The variable 'parent...
In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in of_unittest_changeset() The variable 'parent' is assigned the value of 'nchangeset' earlier in the function, meaning both point to the same struct device_node
---METADATA---
VENDOR: Linux
PRODUCT: kernel
AFFECTED_VERSIONS: Linux kernel (Amazon Linux is not affected).
---END_METADATA---
Description Summary:
A use-after-free vulnerability in the Linux kernel device tree unit test code allows a local attacker to crash the kernel or execute code with kernel privileges.
Executive Summary:
A use-after-free vulnerability in the Linux kernel’s device tree unit test mechanism presents a significant risk for local privilege escalation and system compromise.
Vulnerability Details
CVE-ID: CVE-2026-46288
Affected Software: Linux kernel
Affected Versions: Linux kernel (Amazon Linux is not affected).
Vulnerability: This use-after-free vulnerability occurs in the device tree unit test code, where the parent variable can reference a device node that has already been freed. This occurs because the of_node_put() call is incorrectly sequenced during the test.
Business Impact
With a CVSS score of 8.4, this vulnerability is highly severe. A local attacker capable of triggering the device tree unit test can exploit this memory management flaw to execute arbitrary code with kernel-level privileges. This results in complete system compromise and the ability to bypass all user-space security controls.
Remediation Plan
Immediate Action: Update the Linux kernel to a version that includes the patch ensuring of_node_put() is called only after all accesses to the parent variable are completed.
Proactive Monitoring: Monitor for suspicious attempts to interact with kernel debugging or unit test interfaces.
Compensating Controls: Disable unnecessary kernel debugging features and unit test modules in production environments to minimize the attack surface.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 14, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Kernel patches are critical for maintaining system integrity. Organizations should verify their current kernel versions against vendor advisories and apply the necessary updates to prevent local attackers from leveraging this memory management flaw to gain elevated control.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: lib: test_hmm: evict device pages on file close to avoid use-after-free Patch se...
In the Linux kernel, the following vulnerability has been resolved: lib: test_hmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmm_test fixes and cleanups"
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A Use-After-Free vulnerability exists in the Linux kernel's test_hmm module, where failure to properly evict device pages on file close leads to insecure memory states.
Executive Summary:
A Use-After-Free vulnerability in the Linux kernel’s test_hmm module could allow an attacker to trigger memory corruption and potentially achieve code execution.
Vulnerability Details
CVE-ID: CVE-2026-46280
Affected Software: Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This flaw exists in the test_hmm (Heterogeneous Memory Management) test module. The kernel fails to properly evict device pages when a file is closed, resulting in a Use-After-Free condition that can be triggered by a local user.
Business Impact
With a CVSS score of 7.8, this vulnerability poses a high risk to system stability and security. Exploitation could allow an attacker to gain elevated privileges or cause a Denial of Service by corrupting kernel memory structures associated with device management.
Remediation Plan
Immediate Action: Apply the vendor-provided security update to the Linux kernel to ensure proper memory management in the test_hmm module.
Proactive Monitoring: Monitor for unexpected kernel module behavior or errors related to memory management during file system operations.
Compensating Controls: If the test_hmm module is not needed for production, ensure it is blacklisted or not loaded by the kernel.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
While this is a test module, vulnerabilities within the kernel space must be treated with high priority. Users are encouraged to apply the patch immediately to close this potential attack vector.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: mm/zone_device: do not touch device folio after calling ->folio_free() The conte...
In the Linux kernel, the following vulnerability has been resolved: mm/zone_device: do not touch device folio after calling ->folio_free() The contents of a device folio can immediately change after calling ->folio_free(), as the folio may be reallocated by a driver with a different order
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
An improper memory access vulnerability exists in the Linux kernel's zone_device implementation, where the system may attempt to access a device folio after it has been freed.
Executive Summary:
An improper memory access flaw in the Linux kernel’s zone_device subsystem could lead to kernel memory corruption or unexpected system behavior.
Vulnerability Details
CVE-ID: CVE-2026-46277
Affected Software: Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The issue resides in the mm/zone_device component. The kernel incorrectly accesses a device folio after the folio_free call has been executed, leading to a potential race condition where the memory may have been reallocated for different purposes.
Business Impact
This vulnerability carries a CVSS score of 7.8, reflecting the significant risk of memory corruption. Such flaws can lead to data leakage or system compromise if an attacker can influence the contents of the reallocated memory, potentially impacting the integrity of the host environment.
Remediation Plan
Immediate Action: Update the kernel to the latest version provided by your distribution, which includes the fix to prevent post-free access.
Proactive Monitoring: Monitor for kernel-level memory faults or instability in storage or memory management operations.
Compensating Controls: Implement strict kernel memory protection policies and ensure that security updates are applied to all kernel-dependent modules.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Kernel memory management vulnerabilities are inherently dangerous due to their potential for widespread system impact. Security teams should prioritize patching this vulnerability to maintain the integrity of the system's memory management operations.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths Vulner...
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use-After-Free (UAF) and Null Pointer Dereference (NPD) conditions were observed in the lifecycle management of hci_uart
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A Use-After-Free and Null Pointer Dereference vulnerability exists in the Linux kernel's Bluetooth hci_uart driver due to improper lifecycle management during initialization and termination.
Executive Summary:
Race conditions in the Linux kernel's Bluetooth hci_uart driver can lead to Use-After-Free or Null Pointer Dereference, potentially allowing for arbitrary code execution.
Vulnerability Details
CVE-ID: CVE-2026-46275
Affected Software: Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This is a concurrency-related vulnerability involving the hci_uart module. The flaw stems from race conditions during the close and init paths, which can be triggered by a local attacker to manipulate memory states.
Business Impact
The ability to trigger UAF or NPD conditions in the kernel is a critical security concern. With a CVSS score of 7.8, this flaw could be exploited to crash the kernel or execute unauthorized code with elevated privileges, severely compromising the security of the host system.
Remediation Plan
Immediate Action: Apply the vendor-provided kernel patch that addresses race conditions in the Bluetooth subsystem.
Proactive Monitoring: Review system logs for Bluetooth-related driver errors and frequent service restarts, which might indicate exploitation attempts.
Compensating Controls: Disable the Bluetooth subsystem if it is not strictly required for business operations to reduce the attack surface.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the potential for code execution and the complexity of race condition vulnerabilities, immediate patching is advised. Systems utilizing Bluetooth connectivity should be audited and updated as a matter of urgency to prevent potential exploitation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in io_wq_remove_pending() io_wq_remo...
In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in io_wq_remove_pending() io_wq_remove_pending() needs to fix up wq->hash_tail[] if the cancelled work was the tail of its hash bucket
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A logic error exists in the Linux kernel io-wq component, where improper handling of hash bucket tails during work removal can lead to memory corruption.
Executive Summary:
A logic flaw in the Linux kernel's io-wq subsystem poses a risk of memory corruption, potentially leading to system instability or local privilege escalation.
Vulnerability Details
CVE-ID: CVE-2026-46274
Affected Software: Linux Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability is a memory management flaw within the io_wq_remove_pending function. An attacker with local access could potentially leverage this flaw to trigger an out-of-bounds access or corruption, requiring authenticated access to the system.
Business Impact
Successful exploitation of this kernel-level vulnerability could result in a system crash (Denial of Service) or provide a mechanism for a local attacker to escalate privileges. Given the CVSS score of 7.8, this represents a high-severity risk to business continuity and data integrity, particularly for multi-user environments or containerized infrastructure.
Remediation Plan
Immediate Action: Identify systems running affected Linux kernel versions and apply the latest security patches provided by your distribution vendor.
Proactive Monitoring: Monitor system logs for kernel panics, segmentation faults, or unusual process termination patterns that may indicate memory corruption attempts.
Compensating Controls: Restrict local access to critical infrastructure and ensure that kernel hardening features (e.g., KASLR, SMEP/SMAP) are fully enabled to increase the difficulty of exploitation.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 15, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability highlights the necessity of maintaining up-to-date kernel versions in production environments. Administrators should prioritize the deployment of the vendor-supplied patch to mitigate the risk of local privilege escalation and system instability.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power...
In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes
---METADATA---
VENDOR: IBM
PRODUCT: Linux kernel ibmveth driver
AFFECTED_VERSIONS: Linux kernel ibmveth virtual Ethernet driver on IBM Power systems; Systems using affected physical adapters in Shared Ethernet Adapter (SEA) configurations
---END_METADATA---
Description Summary:
A denial-of-service vulnerability in the Linux kernel ibmveth driver on IBM Power systems can cause network traffic to halt due to improper GSO handling.
Executive Summary:
The Linux kernel ibmveth driver is susceptible to a denial-of-service condition on IBM Power systems when processing specific packet types, leading to network outages.
Vulnerability Details
CVE-ID: CVE-2026-46273
Affected Software: IBM Linux kernel ibmveth driver
Affected Versions: Linux kernel ibmveth virtual Ethernet driver on IBM Power systems; Systems using affected physical adapters in Shared Ethernet Adapter (SEA) configurations; Configurations involving VLAN and QinQ (802.1ad) traffic where the hardware parser lacks offload support.
Vulnerability: This is a denial-of-service vulnerability where the driver fails to properly handle segmentation offload for packets with a Maximum Segment Size (MSS) less than 224 bytes. This results in the physical adapter freezing and dropping all network traffic.
Business Impact
With a CVSS score of 8.6, this vulnerability poses a high risk to business continuity for organizations running IBM Power systems. A successful exploit or accidental trigger leads to a complete loss of network connectivity for affected systems, resulting in significant downtime for services relying on those network paths.
Remediation Plan
Immediate Action: Apply the vendor-provided kernel patch that implements ndo_features_check to correctly disable GSO for packets with an MSS less than 224 bytes.
Proactive Monitoring: Monitor system performance logs and network interfaces for signs of interface resets or unexpected drops in throughput.
Compensating Controls: If patching is delayed, evaluate network traffic patterns to determine if traffic with small MSS values can be rerouted or filtered to avoid triggering the defect.
Exploitation Status
Public Exploit Available: False
Analyst Notes: As of Jun 11, 2026, there is no public information indicating active exploitation of this vulnerability. However, the potential for unintentional denial-of-service is high in environments with specific network traffic configurations.
Analyst Recommendation
System administrators managing IBM Power infrastructure should prioritize testing and deploying the kernel update to ensure network stability. Addressing this flaw is essential to preventing unplanned outages caused by the driver's inability to process specific packet sizes.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devm_add_action_or_reset() failur...
In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devm_add_action_or_reset() failure the provided cleanup action will be run immediately on the not yet initialized kobject
---METADATA---
VENDOR: Linux
PRODUCT: Kernel
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A memory management error in the Linux kernel DRM/XE driver during sysfs initialization can result in improper cleanup actions on uninitialized objects.
Executive Summary:
A high-severity memory management flaw in the Linux kernel DRM/XE driver could potentially lead to system instability or security degradation due to improper resource handling.
Vulnerability Details
CVE-ID: CVE-2026-46264
Affected Software: Linux, Kernel
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability occurs in the drm/xe/pf driver when devm_add_action_or_reset() fails. The cleanup logic attempts to operate on a kobject before it has been fully initialized, leading to inconsistent system states.
Business Impact
Kernel-level vulnerabilities are critical as they reside at the core of the operating system. With a CVSS score of 8.8, this flaw could potentially be leveraged for local privilege escalation or system crashes, resulting in significant operational downtime and potential compromise of system-wide security policies.
Remediation Plan
Immediate Action: Apply the latest Linux kernel security patches provided by your distribution vendor as soon as they become available.
Proactive Monitoring: Monitor system logs (dmesg, syslog) for kernel panic events, memory access violations, or driver-related initialization errors.
Compensating Controls: Maintain a minimal attack surface by disabling unnecessary kernel modules and ensuring that the system is running with hardened configurations (e.g., SELinux or AppArmor).
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 5, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Kernel vulnerabilities require immediate attention to maintain system integrity. Administrators should verify their distribution's kernel version and apply the relevant security patches immediately upon release to prevent local exploitation and ensure system stability.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the...
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neigh_node, but some paths also cache an originator pointer derived from a temporary lookup
---METADATA---
VENDOR: Linux
PRODUCT: kernel
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
The Linux kernel's batman-adv module is vulnerable to an issue involving the incorrect caching of unowned originator pointers in BAT IV.
Executive Summary:
An improper caching vulnerability in the Linux kernel batman-adv module requires immediate attention to prevent potential exploitation of the network stack.
Vulnerability Details
CVE-ID: CVE-2026-46238
Affected Software: Linux kernel
Affected Versions: See vendor advisory for affected versions
Vulnerability: The vulnerability exists within the BAT IV implementation of the batman-adv module, where unowned originator pointers are incorrectly cached in certain paths. This flaw relates to how the kernel manages neighbor address lookups.
Business Impact
With a CVSS score of 8.8, this vulnerability carries a high risk to network reliability and system security. Exploitation could lead to unauthorized network traffic manipulation or system-level instability, potentially impacting the availability of the affected network infrastructure.
Remediation Plan
Immediate Action: Update the Linux kernel to the latest version provided by your vendor to ensure the fix for the batman-adv module is implemented.
Proactive Monitoring: Review kernel logs for anomalous network behavior or errors related to BAT IV path lookups.
Compensating Controls: Implement strict network segmentation and monitor for unusual traffic patterns within the mesh network environment.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 31, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Administrators should treat this kernel update as a priority, especially in environments relying on B.A.T.M.A.N. advanced for mesh networking. Apply the official patches from your distribution maintainer as soon as they become available.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp num_touch_reports A device would never lie about the num...
In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp num_touch_reports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4_parse_report will read off the end of the touch_reports array, up to about 2 KiB for the maximum number of 256 loop iteraions
---METADATA---
VENDOR: Linux
PRODUCT: kernel
AFFECTED_VERSIONS: See vendor advisory
---END_METADATA---
Description Summary:
A vulnerability in the Linux kernel's PlayStation HID driver allows for out-of-bounds reads due to insufficient clamping of touch report counts.
Executive Summary:
An out-of-bounds memory access vulnerability in the Linux kernel's PlayStation HID driver could lead to system crashes or information disclosure.
Vulnerability Details
CVE-ID: CVE-2026-46232
Affected Software: Linux kernel
Affected Versions: See vendor advisory
Vulnerability: The vulnerability exists in dualshock4_parse_report, which fails to properly clamp the num_touch_reports value. An attacker can provide a malformed device report that triggers an out-of-bounds read of the touch_reports array.
Business Impact
The CVSS score of 8.1 (High) reflects the danger of out-of-bounds memory access. While primarily affecting systems using specific HID hardware, the impact includes potential system instability or the leakage of kernel memory contents, which could be used to bypass security features like KASLR.
Remediation Plan
Immediate Action: Update the Linux kernel to the version containing the fix for the PlayStation HID driver.
Proactive Monitoring: Monitor system logs for driver-related errors or kernel panics related to HID device input.
Compensating Controls: Restrict physical access to USB ports and prevent the connection of unauthorized HID devices on critical systems.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 1, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Although the impact is localized to HID drivers, kernel-level memory corruption is a serious issue. Administrators should ensure kernel updates are applied to all affected Linux distributions.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: Flowise
PRODUCT: Flowise
AFFECTED_VERSIONS: Prior to 3.1.2
---END_METADATA---
Description Summary:
Flowise versions prior to 3.1.2 lack authentication middleware on CRUD endpoints for OpenAI Assistants Vector Store, enabling unauthorized data modification.
Executive Summary:
A high-severity authentication bypass vulnerability in Flowise allows unauthenticated attackers to modify or delete sensitive data within OpenAI Assistants Vector Stores.
Vulnerability Details
CVE-ID: CVE-2026-46444
Affected Software: Flowise
Affected Versions: Prior to 3.1.2
Vulnerability: All CRUD endpoints related to the OpenAI Assistants Vector Store lack necessary authentication middleware. This allows an unauthenticated remote attacker to perform unauthorized operations, including the modification or deletion of data managed within the Flowise interface.
Business Impact
With a CVSS score of 8.8, this vulnerability poses a severe threat to the integrity and availability of AI-driven workflows. An attacker could destroy valuable training data or inject malicious information into vector stores, leading to corrupted model behavior and potential loss of intellectual property.
Remediation Plan
Immediate Action: Upgrade Flowise to version 3.1.2 or later to implement the required authentication middleware.
Proactive Monitoring: Review access logs for the Flowise administrative interface and monitor for unauthorized API requests targeting the Vector Store endpoints.
Compensating Controls: Implement network-level access controls to restrict access to the Flowise management interface to authorized internal IP addresses only.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 11, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The absence of authentication on critical API endpoints makes this an urgent security priority. All users of Flowise must upgrade to version 3.1.2 immediately to secure the platform against unauthorized data manipulation. Restricting network access to the application is a recommended secondary measure until the update is fully deployed.