Vuldb Updates

A vulnerability classified as critical has been found in Linux Kernel up to 6.18.15/6.19.5. This impacts the function for_each_child_of_node_scoped of the component Misc. This manipulation causes memory leak. This vulnerability is handled as CVE-2025-71290. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.164/6.6.127/6.12.74/6.18.15/6.19.5. Affected by this vulnerability is the function bcm_vk_read of the component Misc. Performing a manipulation results in null pointer dereference. This vulnerability was named CVE-2025-71291. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.166/6.6.129/6.12.76/6.18.16/6.19.5. This impacts an unknown function of the component memory. Performing a manipulation results in memory leak. This vulnerability is known as CVE-2025-71288. Access to the local network is required for this attack. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.19.5. Affected is the function attr_set_size of the component ntfs3. Executing a manipulation can lead to state issue. This vulnerability is handled as CVE-2025-71289. The attack can only be done within the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.19.5 and classified as critical. Affected by this vulnerability is the function drop_nlink of the component jfs. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-71292. The attack can only be initiated within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.18.15/6.19.5 and classified as critical. Affected by this issue is some unknown functionality. The manipulation results in null pointer dereference. This vulnerability was named CVE-2025-71293. The attack needs to be approached within the local network. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.19.5. Affected by this issue is the function input_mapping of the component HID. The manipulation leads to denial of service. This vulnerability is traded as CVE-2026-43140. Access to the local network is required for this attack to succeed. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.19.5 and classified as critical. This vulnerability affects the function ntb_hw_switchtec. This manipulation causes out-of-bounds read. This vulnerability is handled as CVE-2026-43141. The attack can only be done within the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.1.164/6.6.127/6.12.74/6.18.15/6.19.5 and classified as critical. This issue affects the function mfd_of_node_list of the component mfd. Such manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2026-43143. The attack can only be initiated within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.18.15/6.19.5. It has been classified as critical. Impacted is an unknown function of the component media. Performing a manipulation results in buffer overflow. This vulnerability was named CVE-2026-43142. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.19.5. It has been declared as critical. Affected is the function xfrm6_get_saddr. Such manipulation leads to uninitialized pointer. This vulnerability is traded as CVE-2026-43139. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in F5 BIG-IP. This affects an unknown function of the component Security Policy Handler. Executing a manipulation can lead to unchecked return value. This vulnerability is registered as CVE-2026-40060. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.

A vulnerability marked as critical has been reported in F5 BIG-IP. Affected by this vulnerability is an unknown functionality of the component iControl REST/TMOS Shell. The manipulation leads to least privilege violation. This vulnerability is referenced as CVE-2026-39459. Remote exploitation of the attack is possible. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, was found in F5 BIG-IP. This issue affects some unknown processing of the component iControl REST Endpoint. Such manipulation leads to os command injection. This vulnerability is traded as CVE-2026-34176. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability has been found in F5 BIG-IP and classified as critical. Impacted is an unknown function of the component Traffic Management Microkernel. Performing a manipulation results in uninitialized pointer. This vulnerability is known as CVE-2026-39458. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

A vulnerability classified as critical has been found in F5 BIG-IP. The impacted element is an unknown function of the component LDAP. Performing a manipulation results in missing release of resource. This vulnerability is cataloged as CVE-2026-39455. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability labeled as problematic has been found in F5 BIG-IP. Affected is an unknown function. Executing a manipulation can lead to incorrect privilege assignment. The identification of this vulnerability is CVE-2026-35062. The attack may be launched remotely. There is no exploit available. The affected component should be upgraded.

A vulnerability labeled as problematic has been found in F5 BIG-IP. This issue affects some unknown processing of the component iControl REST Endpoint. The manipulation results in path traversal: '.../...//'. This vulnerability is identified as CVE-2026-24464. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability described as problematic has been identified in F5 BIG-IP. The affected element is an unknown function. Such manipulation leads to execution with unnecessary privileges. This vulnerability is listed as CVE-2026-32673. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability categorized as problematic has been discovered in F5 BIG-IP. This affects an unknown function of the component iControl REST. Such manipulation of the argument ssh-password leads to cleartext storage of sensitive information. This vulnerability is uniquely identified as CVE-2026-28758. Local access is required to approach this attack. No exploit exists. It is advisable to upgrade the affected component.