Posts of last 24 hours

CVE-2026-52919 | Linux Kernel up to 7.0.10 batman-adv batadv_tp_sender_shutdown negative use after free (WID-SEC-2026-2056)
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 7.0.10. This issue affects the function batadv_tp_sender_shutdown of the component batman-adv. The manipulation of the argument negative leads to use after free. This vulnerability is uniquely identified as CVE-2026-52919. The attack can only be initiated within the local network. No exploit exists. It is advisable to upgrade the affected component.
https://vuldb.com/vuln/373158
CVE-2026-52914 | Linux Kernel up to 7.0.10 batman-adv denial of service (WID-SEC-2026-2056)
A vulnerability was found in Linux Kernel up to 7.0.10. It has been declared as critical. This impacts an unknown function of the component batman-adv. Executing a manipulation can lead to denial of service. This vulnerability is tracked as CVE-2026-52914. The attack is restricted to local execution. No exploit exists. It is recommended to upgrade the affected component.
https://vuldb.com/vuln/373163
CVE-2026-52924 | Linux Kernel up to 7.0.12 sctp sctp_stream_update out_curr use after free (WID-SEC-2026-2056)
A vulnerability described as critical has been identified in Linux Kernel up to 7.0.12. The impacted element is the function sctp_stream_update of the component sctp. The manipulation of the argument out_curr results in use after free. This vulnerability is reported as CVE-2026-52924. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.
https://vuldb.com/vuln/373183
CVE-2026-52923 | Linux Kernel up to 7.0.11 ipc /proc/sysvipc/shm ipc_idr_alloc next_id encoding error (Nessus ID 322536 / WID-SEC-2026-2056)
A vulnerability classified as critical has been found in Linux Kernel up to 7.0.11. This affects the function ipc_idr_alloc of the file /proc/sysvipc/shm of the component ipc. This manipulation of the argument next_id causes encoding error. This vulnerability appears as CVE-2026-52923. The attacker needs to be present on the local network. There is no available exploit. It is recommended to upgrade the affected component.
https://vuldb.com/vuln/373184
CVE-2026-52922 | Linux Kernel up to 7.0.10 batman-adv batadv_dat_forward_data null pointer dereference (WID-SEC-2026-2056)
A vulnerability was found in Linux Kernel up to 7.0.10 and classified as critical. This affects the function batadv_dat_forward_data of the component batman-adv. The manipulation results in null pointer dereference. This vulnerability was named CVE-2026-52922. The attack needs to be approached within the local network. There is no available exploit. It is suggested to upgrade the affected component.
https://vuldb.com/vuln/373189
CVE-2026-52915 | Linux Kernel up to 7.0.10 netfilter ip6t_hbh.c hbh_mt6_check off-by-one (Nessus ID 322534 / WID-SEC-2026-2056)
A vulnerability marked as critical has been reported in Linux Kernel up to 7.0.10. Affected by this vulnerability is the function hbh_mt6_check of the file /net/ipv6/netfilter/ip6t_hbh.c of the component netfilter. This manipulation causes off-by-one. This vulnerability appears as CVE-2026-52915. The attacker needs to be present on the local network. There is no available exploit. It is suggested to upgrade the affected component.
https://vuldb.com/vuln/373154
CVE-2026-52918 | Linux Kernel up to 7.0.10 Bluetooth bt_sock_poll deserialization (Nessus ID 322526 / WID-SEC-2026-2056)
A vulnerability classified as critical has been found in Linux Kernel up to 7.0.10. This affects the function bt_sock_poll of the component Bluetooth. Performing a manipulation results in deserialization. This vulnerability is known as CVE-2026-52918. Access to the local network is required for this attack. No exploit is available. It is recommended to upgrade the affected component.
https://vuldb.com/vuln/373156
CVE-2026-52920 | Linux Kernel up to 7.0.9 netfilter match_policy_in pol[] information disclosure (Nessus ID 322525 / WID-SEC-2026-2056)
A vulnerability, which was classified as critical, was found in Linux Kernel up to 7.0.9. Impacted is the function match_policy_in of the component netfilter. The manipulation of the argument pol[] results in information disclosure. This vulnerability was named CVE-2026-52920. The attack needs to be approached within the local network. There is no available exploit. You should upgrade the affected component.
https://vuldb.com/vuln/373159
CVE-2026-52912 | Linux Kernel up to 7.0.10 netfilter state.in br_pass_frame_up dev use after free (Nessus ID 322520 / WID-SEC-2026-2056)
A vulnerability was found in Linux Kernel up to 7.0.10. It has been classified as critical. This affects the function br_pass_frame_up of the file state.in of the component netfilter. Performing a manipulation of the argument dev results in use after free. This vulnerability is identified as CVE-2026-52912. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is recommended.
https://vuldb.com/vuln/373162
CVE-2026-49323 | Indian Motorcycle Scout Bobber and Tech 2025 Wireless Control weak authentication (EUVD-2026-33287)
A vulnerability, which was classified as problematic, has been found in Indian Motorcycle Scout Bobber and Tech 2025. Impacted is an unknown function of the component Wireless Control Module. This manipulation causes weak authentication. This vulnerability is tracked as CVE-2026-49323. It is feasible to perform the attack on the physical device. No exploit exists.
https://vuldb.com/vuln/367208

Managed ad