|
201
|
7.1 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ip6t_hbh: reject oversized option lists
struct ip6t_opts stores at most IP6T_OPTS_OPTSNR option descriptors,
but hbh_m…
New
|
-
|
CVE-2026-52915
|
2026-06-28 17:16 |
2026-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202
|
9.8 |
CRITICAL
Network
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
batman-adv: fix fragment reassembly length accounting
batman-adv keeps a running payload length for queued fragments and uses it
…
New
|
-
|
CVE-2026-52914
|
2026-06-28 17:16 |
2026-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203
|
7.8 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_queue: hold bridge skb->dev while queued
br_pass_frame_up() rewrites skb->dev from the ingress port to the bridge
m…
New
|
-
|
CVE-2026-52912
|
2026-06-28 17:16 |
2026-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
204
|
8.8 |
HIGH
Network
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: scope conn->binding slowpath to bound sessions only
When the binding SESSION_SETUP sets conn->binding = true, the flag sta…
New
|
-
|
CVE-2026-52911
|
2026-06-28 17:16 |
2026-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
205
|
3.1 |
LOW
Network
|
-
|
-
|
A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encryption.py of the component Credential Storage. This …
New
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-13483
|
2026-06-28 16:16 |
2026-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
206
|
3.7 |
LOW
Network
|
-
|
-
|
A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. The manipulation results…
New
|
CWE-327
CWE-328
Use of a Broken or Risky Cryptographic Algorithm
Use of Weak Hash
|
CVE-2026-13482
|
2026-06-28 14:16 |
2026-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207
|
7.4 |
HIGH
Network
|
-
|
-
|
Zephyr's BSD-sockets getaddrinfo() implementation (subsys/net/lib/sockets/getaddrinfo.c) passes a pointer to a stack-allocated state object (struct getaddrinfo_state ai_state) as the user_data of an …
New
|
CWE-416
Use After Free
|
CVE-2026-10646
|
2026-06-28 14:16 |
2026-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208
|
4.2 |
MEDIUM
Adjacent
|
-
|
-
|
The Microchip SERCOM-G1 UART driver (drivers/serial/uart_mchp_sercom_g1.c), used by the PIC32CM-JH SoC family, contains an out-of-bounds write in its asynchronous (DMA) receive path. When uart_rx_ena…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-10644
|
2026-06-28 14:16 |
2026-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
The Zephyr Bluetooth LE Audio Basic Audio Profile (BAP) unicast client mishandles peer-supplied ASE state notifications. In unicast_client_ep_qos_state() (subsys/bluetooth/audio/bap_unicast_client.c)…
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-10593
|
2026-06-28 14:16 |
2026-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6_get_data_primitive (libnetutil/netutil.cc), so the pointer advances past the buffer and the remaining…
New
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-58058
|
2026-06-28 11:16 |
2026-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
