|
561
|
7.1 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ip6t_hbh: reject oversized option lists
struct ip6t_opts stores at most IP6T_OPTS_OPTSNR option descriptors,
but hbh_m…
New
|
-
|
CVE-2026-52915
|
2026-06-28 17:16 |
2026-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
562
|
9.8 |
CRITICAL
Network
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
batman-adv: fix fragment reassembly length accounting
batman-adv keeps a running payload length for queued fragments and uses it
…
New
|
-
|
CVE-2026-52914
|
2026-06-28 17:16 |
2026-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
563
|
7.8 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_queue: hold bridge skb->dev while queued
br_pass_frame_up() rewrites skb->dev from the ingress port to the bridge
m…
New
|
-
|
CVE-2026-52912
|
2026-06-28 17:16 |
2026-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
564
|
8.8 |
HIGH
Network
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: scope conn->binding slowpath to bound sessions only
When the binding SESSION_SETUP sets conn->binding = true, the flag sta…
New
|
-
|
CVE-2026-52911
|
2026-06-28 17:16 |
2026-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
565
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, force…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-58053
|
2026-06-28 11:16 |
2026-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
566
|
6.5 |
MEDIUM
Adjacent
|
dhcpcd_project
|
dhcpcd
|
dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6_makemessage() in src/dhcp6.c that allows unauthenticated same-link attackers to wr…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-56114
|
2026-06-28 09:34 |
2026-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
567
|
6.5 |
MEDIUM
Adjacent
|
dhcpcd_project
|
dhcpcd
|
dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW repl…
New
|
CWE-416
Use After Free
|
CVE-2026-56113
|
2026-06-28 09:33 |
2026-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
568
|
6.5 |
MEDIUM
Adjacent
|
dhcpcd_project
|
dhcpcd
|
dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to c…
New
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-56116
|
2026-06-28 09:27 |
2026-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
569
|
5.5 |
MEDIUM
Local
|
dhcpcd_project
|
dhcpcd
|
dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger me…
New
|
CWE-416
Use After Free
|
CVE-2026-56117
|
2026-06-28 09:26 |
2026-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
570
|
4.8 |
MEDIUM
Network
|
fortra
|
file_integrity_monitoring
|
Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-site scripting (XSS) vulnerability in the Asset View UI component. An authentica…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-12163
|
2026-06-28 09:21 |
2026-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
