Common Vulnerabilities and Exposures (CVE)

CVE-2024-38487

Jun 16, 2026 16:29:22 UTC

api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions.

CVE-2025-68811

Jun 16, 2026 16:29:00 UTC

In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rc_pageoff for memcpy byte offset svc_rdma_copy_inline_range added rc_curpage (page index) to the page base instead of the byte offset rc_pageoff. Use rc_pag...

CVE-2025-68312

Jun 16, 2026 16:26:09 UTC

In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnet_link_change(dev, 0, 0); put the kevent work in g...

CVE-2025-68261

Jun 16, 2026 16:25:14 UTC

In the Linux kernel, the following vulnerability has been resolved: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() Fix a race between inline data destruction and block mapping. The function ext4_destroy_inline_data_...

CVE-2025-68241

Jun 16, 2026 16:24:13 UTC

In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe The sit driver's packet transmission path calls: sit_tunnel_xmit() -> update_or_create_fnhe(), which le...

CVE-2025-68788

Jun 16, 2026 16:22:36 UTC

In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events (e.g. I...

CVE-2025-68305

Jun 16, 2026 16:21:48 UTC

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same c...

CVE-2025-68229

Jun 16, 2026 16:20:56 UTC

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show() If the allocation of tl_hba->sh fails in tcm_loop_driver_probe() and we attempt to dereference it in t...

CVE-2025-71089

Jun 16, 2026 16:20:14 UTC

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIG_X86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related t...

CVE-2025-71194

Jun 16, 2026 16:19:10 UTC

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type When wait_current_trans() is called during start_transaction(), it currently waits for a block...

CVE-2026-9507

Jun 16, 2026 16:18:10 UTC

A session fixation vulnerability has been identified in osTicket v1.18.2. This security flaw allows an attacker to hijack a victim’s account by keeping the initial session identifier (OSTSESSID) active after a successful login. The issue...

CVE-2026-2381

Jun 16, 2026 16:16:27 UTC

The WooCommerce Stripe Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `ajax_pay_for_order()` function in all versions up to, and including, 10.7.0 This is due...

CVE-2026-49774

Jun 16, 2026 16:15:18 UTC

Improper Control of Generation of Code ('Code Injection') vulnerability in Filipe Nasc RD Station allows Remote Code Inclusion. This issue affects RD Station: from n/a through 5.6.0.

CVE-2026-42089

Jun 16, 2026 16:15:04 UTC

Yeoman Environment provides an API to discover, create, and run generators, and to configure where and how a generator is resolved. Versions 2.9.0 through 6.0.0 install missing local generator packages from caller-supplied package names wit...

CVE-2026-12205

Jun 16, 2026 16:13:32 UTC

Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever clearing it. The first sign() on a Key o...