Aggregator

CVE-2025-71266 | Linux Kernel up to 6.19.5 ntfs3 indx_find denial of service (EUVD-2025-208819 / Nessus ID 302905)

Vuldb Updates
3 weeks 6 days ago
A vulnerability was found in Linux Kernel up to 6.19.5. It has been classified as critical. Affected by this issue is the function indx_find of the component ntfs3. This manipulation causes denial of service. This vulnerability is tracked as CVE-2025-71266. The attack is only possible within the local network. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-23244 | Linux Kernel up to 6.12.76/6.18.16/6.19.6/7.0-rc2 nvme_pr_read_keys num_keys allocation of resources (EUVD-2026-12805 / Nessus ID 302911)

Vuldb Updates
3 weeks 6 days ago
A vulnerability was found in Linux Kernel up to 6.12.76/6.18.16/6.19.6/7.0-rc2. It has been declared as critical. This affects the function nvme_pr_read_keys. Such manipulation of the argument num_keys leads to allocation of resources. This vulnerability is listed as CVE-2026-23244. The attack must be carried out from within the local network. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-71267 | Linux Kernel up to 6.19.5 ntfs3 ntfs_load_attr_list denial of service (EUVD-2025-208821 / Nessus ID 302912)

Vuldb Updates
3 weeks 6 days ago
A vulnerability was found in Linux Kernel up to 6.19.5. It has been rated as critical. This vulnerability affects the function ntfs_load_attr_list of the component ntfs3. Performing a manipulation results in denial of service. This vulnerability is cataloged as CVE-2025-71267. The attack must originate from the local network. There is no exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-23245 | Linux Kernel up to 6.18.17/6.19.7/7.0-rc2 call_rcu state issue (EUVD-2026-12808 / Nessus ID 302909)

Vuldb Updates
3 weeks 6 days ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.18.17/6.19.7/7.0-rc2. This issue affects the function call_rcu. Executing a manipulation can lead to state issue. This vulnerability is registered as CVE-2026-23245. The attack requires access to the local network. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-23247 | Linux Kernel up to 6.18.16/6.19.6/7.0-rc2 tcp siphash downgrade (EUVD-2026-12810 / Nessus ID 302908)

Vuldb Updates
3 weeks 6 days ago
A vulnerability identified as problematic has been detected in Linux Kernel up to 6.18.16/6.19.6/7.0-rc2. Impacted is the function siphash of the component tcp. The manipulation leads to algorithm downgrade. This vulnerability is documented as CVE-2026-23247. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.
vuldb.com

CVE-2026-23242 | Linux Kernel up to 6.19.3 RDMA siw_get_hdr null pointer dereference (EUVD-2026-12801 / Nessus ID 302913)

Vuldb Updates
3 weeks 6 days ago
A vulnerability marked as critical has been reported in Linux Kernel up to 6.19.3. The impacted element is the function siw_get_hdr of the component RDMA. This manipulation causes null pointer dereference. This vulnerability appears as CVE-2026-23242. The attacker needs to be present on the local network. There is no available exploit. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-23248 | Linux Kernel up to 6.18.16/6.19.6/7.0-rc1 perf mmap use after free (EUVD-2026-12811 / Nessus ID 302906)

Vuldb Updates
3 weeks 6 days ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.18.16/6.19.6/7.0-rc1. This impacts the function mmap of the component perf. Performing a manipulation results in use after free. This vulnerability is known as CVE-2026-23248. Access to the local network is required for this attack. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-23243 | Linux Kernel up to 6.19.3 ib_create_send_mad out-of-bounds (EUVD-2026-12804 / Nessus ID 311783)

Vuldb Updates
3 weeks 6 days ago
A vulnerability classified as critical was found in Linux Kernel up to 6.19.3. Affected is the function ib_create_send_mad. Executing a manipulation can lead to out-of-bounds read. This vulnerability is handled as CVE-2026-23243. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2025-71269 | Linux Kernel up to 6.18.9 btrfs __cow_file_range_inline denial of service (Nessus ID 311783 / WID-SEC-2026-0790)

Vuldb Updates
3 weeks 6 days ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.18.9. The impacted element is the function __cow_file_range_inline of the component btrfs. Performing a manipulation results in denial of service. This vulnerability is reported as CVE-2025-71269. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-71270 | Linux Kernel up to 6.1.162/6.6.123/6.12.69/6.18.9 LoongArch do_ade privilege escalation (WID-SEC-2026-0790)

Vuldb Updates
3 weeks 6 days ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.1.162/6.6.123/6.12.69/6.18.9. This affects the function do_ade of the component LoongArch. Executing a manipulation can lead to privilege escalation. This vulnerability is tracked as CVE-2025-71270. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-23249 | Linux Kernel up to 6.12.74/6.18.15/6.19.5 xfs xrep_revalidate_allocbt injection (WID-SEC-2026-0790)

Vuldb Updates
3 weeks 6 days ago
A vulnerability has been found in Linux Kernel up to 6.12.74/6.18.15/6.19.5 and classified as critical. This affects the function xrep_revalidate_allocbt of the component xfs. The manipulation leads to injection. This vulnerability is uniquely identified as CVE-2026-23249. The attack can only be initiated within the local network. No exploit exists. The affected component should be upgraded.
vuldb.com

CVE-2026-23250 | Linux Kernel up to 6.12.74/6.18.15/6.19.5 xfs xchk_scrub_create_subord return value (WID-SEC-2026-0790)

Vuldb Updates
3 weeks 6 days ago
A vulnerability labeled as critical has been found in Linux Kernel up to 6.12.74/6.18.15/6.19.5. This issue affects the function xchk_scrub_create_subord of the component xfs. The manipulation results in unchecked return value. This vulnerability is cataloged as CVE-2026-23250. The attack must originate from the local network. There is no exploit available. The affected component should be upgraded.
vuldb.com

Hackers Use Fake Microsoft Teams Downloads to Deploy ValleyRAT Malware

Cyber Security News
3 weeks 6 days ago

Hackers have been caught running a deceptive campaign that uses fake Microsoft Teams download websites to trick users into installing ValleyRAT, a remote access trojan capable of stealing data, logging keystrokes, and taking remote control of infected machines. The campaign, which first surfaced in mid-April 2026, targets unsuspecting users who believe they are downloading the […]

The post Hackers Use Fake Microsoft Teams Downloads to Deploy ValleyRAT Malware appeared first on Cyber Security News.

Tushar Subhra Dutta

TamperedChef Malware Uses Signed Productivity Apps to Deliver Stealers and RATs

Cyber Security News
3 weeks 6 days ago

A new wave of malware disguised as everyday productivity tools has been quietly spreading across the internet, stealing user credentials and giving attackers remote control of infected systems. Researchers have tracked hundreds of campaigns tied to a threat known as TamperedChef, also called EvilAI, which wraps dangerous code inside apps that look and feel completely […]

The post TamperedChef Malware Uses Signed Productivity Apps to Deliver Stealers and RATs appeared first on Cyber Security News.

Tushar Subhra Dutta

Managed ad