Overview

  • OpenBSD
  • OpenSSH

Published: 02 Apr 2026
Updated: 02 Apr 2026

CVSS v3.1: MEDIUM (4.2)
EPSS: 0.03%

KEV

Description

OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.

Statistics

  • 1 Post

Last activity: 11 hours ago

Bluesky

OpenSSH vulnerabilities CVE-2026-35385 & CVE-2026-35414 affect #openSUSE. Read more -> tinyurl.com/4vxdppw6 #Security

Overview

  • valkey-io
  • valkey

Published: 23 Feb 2026
Updated: 25 Feb 2026

CVSS v3.1: HIGH (7.5)
EPSS: 0.02%

KEV

Description

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus port can send an invalid packet that may cause an out-of-bounds read, which might result in the system crashing. The Valkey clusterbus packet processing code does not validate that a clusterbus ping extension packet is located within the buffer of the clusterbus packet before attempting to read it. Versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12 fix the issue. As an additional mitigation, don't expose the cluster bus connection directly to end users, and protect the connection with its own network ACLs.

Statistics

  • 1 Post

Last activity: 7 hours ago

Bluesky

Redis has two critical CVEs (CVE-2025-67733 & CVE-2026-21863) on Debian. Here is your practical guide: check your version, apply the fix, or mitigate with ACLs and iptables. Read more -> tinyurl.com/3kzpbaj7 #Debian #Security

Overview

  • OpenBSD
  • OpenSSH

Published: 02 Apr 2026
Updated: 03 Apr 2026

CVSS v3.1: HIGH (7.5)
EPSS: 0.06%

KEV

Description

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode).

Statistics

  • 1 Post

Last activity: 11 hours ago

Bluesky

OpenSSH vulnerabilities CVE-2026-35385 & CVE-2026-35414 affect #openSUSE. Read more -> tinyurl.com/4vxdppw6 #Security

Overview

  • Linux
  • Linux

Published: 22 Apr 2026
Updated: 18 May 2026

CVSS v3.1: HIGH (7.8)
EPSS: 2.57%

Description

In the Linux kernel, the following vulnerability has been resolved:

crypto: algif_aead - Revert to operating out-of-place

This mostly reverts commit 72548b093ee3 except for the copying of the associated data.

There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.

Statistics

  • 1 Post
  • 4 Interactions

Last activity: 4 hours ago

Fediverse

Security updates: Debian vs Ubuntu, AlmaLinux vs Rocky Linux

The last couple of weeks were turbulent for the Linux kernel: several critical security problems were disclosed. Three of them are local privilege escalation bugs: they allow any local user to become root. The vulnerabilities are named Copy Fail (CVE-2026-31431), Dirty Frag (CVE-2026-43284, CVE-2026-43500), Fragnesia (CVE-2026-46300). The fourth vulnerability, named ssh-keysign-pwn (CVE-2026-46333) allows a user to read root owned files, such as host SSH keys. There are exploits publicly […]

blog.frehi.be/2026/05/18/secur
