5.5
CVE-2026-31415 - ipv6: avoid overflows in ip6_datagram_send_ctl()
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6_datagram_send_ctl() Yiming Qian reported : <quote> I believe I found a locally triggerable kernel bug in the IPv6 sendmsg ancillary-data path that can panic the kernel via `skb_under_panic()` (locaβ¦
7.5
CVE-2026-31417 - net/x25: Fix overflow when accumulating packets
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accumulating packets Add a check to ensure that `x25_sock.fraglen` does not overflow. The `fraglen` also needs to be resetted when purging `fragment_queue` in `x25_clear_queues()`.
9.8
CVE-2026-31414 - netfilter: nf_conntrack_expect: use expect->helper
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: use expect->helper Use expect->helper in ctnetlink and /proc to dump the helper name. Using nfct_help() without holding a reference to the master conntrack is unsafe. Use exp->master->helper in ctβ¦
2.7
CVE-2026-36943 - SQL Injection Vulnerability in Sourcecodester Repair Shop Management System v1.0
Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/repairs/manage_repair.php.
2.7
CVE-2026-36942 - SQL Injection Vulnerability in Sourcecodester Online Resort Management System
Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms/admin/activities/manage_activity.php.
8.4
CVE-2025-69627 -
Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc(). During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper β¦
2.7
CVE-2026-36922 - SQL Injection Vulnerability in Sourcecodester Cab Management System 1.0
Sourcecodester Cab Management System v1.0 is vulnerable to SQL injection in the file /cms/admin/categories/view_category.php.
0.0
CVE-2026-31420 - bridge: mrp: reject zero test interval to avoid OOM panic
In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test interval to avoid OOM panic br_mrp_start_test() and br_mrp_start_in_test() accept the user-supplied interval value from netlink without validation. When interval is 0, usecs_to_jiffies(0) yields 0, cβ¦
7
CVE-2026-31426 - ACPI: EC: clean up handlers on probe failure in acpi_ec_setup()
In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() When ec_install_handlers() returns -EPROBE_DEFER on reduced-hardware platforms, it has already started the EC and installed the address space handler with the structβ¦
9.8
CVE-2026-31048 - Arbitrary code execution via malicious pickle payload in Pyro v3.x
An issue in the <code>pickle</code> protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message.