CVE-2026-6291 Bleichenbacher padding oracle in PKCS#7 KTRI RSA PKCS#1 v1.5 decryption Posted on July 1, 2026 by Syndicated News — No Comments ↓ Information published. Continue reading CVE-2026-6291 Bleichenbacher padding oracle in PKCS#7 KTRI RSA PKCS#1 v1.5 decryption→
CVE-2026-57918 libnfs through 6.0.2 before 935b8db has an xid integer underflow in READ_IOVEC in rpc_read_from_socket in lib/socket.c during a connection to a crafted NFS server, when the expected pdu size exceeds the absolute pdu size from the xid/record-marker. Posted on July 1, 2026 by Syndicated News — No Comments ↓ Information published. Continue reading CVE-2026-57918 libnfs through 6.0.2 before 935b8db has an xid integer underflow in READ_IOVEC in rpc_read_from_socket in lib/socket.c during a connection to a crafted NFS server, when the expected pdu size exceeds the absolute pdu size from the xid/record-marker.→
CVE-2026-57231 Podman: Malformed Image can trick podman run into leaking host environment variables into the container Posted on July 1, 2026 by Syndicated News — No Comments ↓ Information published. Continue reading CVE-2026-57231 Podman: Malformed Image can trick podman run into leaking host environment variables into the container→
CVE-2026-13325 Virt-handler-rhel9: kubevirt: kubevirt: disabletls migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces Posted on July 1, 2026 by Syndicated News — No Comments ↓ Information published. Continue reading CVE-2026-13325 Virt-handler-rhel9: kubevirt: kubevirt: disabletls migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces→
CVE-2026-13218 Kubevirt: kubevirt: symlink following in writetocachedfile allows host file overwrite from virt-launcher Posted on July 1, 2026 by Syndicated News — No Comments ↓ Information published. Continue reading CVE-2026-13218 Kubevirt: kubevirt: symlink following in writetocachedfile allows host file overwrite from virt-launcher→
CVE-2026-13208 Kubevirt: virt-handler-rhel9: kubevirt: virt-handler notify server trusts vmi identity from unauthenticated grpc request body Posted on July 1, 2026 by Syndicated News — No Comments ↓ Information published. Continue reading CVE-2026-13208 Kubevirt: virt-handler-rhel9: kubevirt: virt-handler notify server trusts vmi identity from unauthenticated grpc request body→
CVE-2026-13318 Virt-api-rhel9: kubevirt: kubevirt: ssrf in virt-api port-forward via unvalidated guest-agent-reported ip Posted on July 1, 2026 by Syndicated News — No Comments ↓ Information published. Continue reading CVE-2026-13318 Virt-api-rhel9: kubevirt: kubevirt: ssrf in virt-api port-forward via unvalidated guest-agent-reported ip→
CVE-2026-13322 Kubevirt: virt-handler-rhel9: kubevirt: unbounded virtio-serial readline in virt-handler causes oom denial of service Posted on July 1, 2026 by Syndicated News — No Comments ↓ Information published. Continue reading CVE-2026-13322 Kubevirt: virt-handler-rhel9: kubevirt: unbounded virtio-serial readline in virt-handler causes oom denial of service→