Posts of last 24 hours

CVE-2026-9786 | Quest NetVault Backup 14.0.0.19 sql injection (ZDI-26-375)
A vulnerability identified as critical has been detected in Quest NetVault Backup 14.0.0.19. This affects an unknown function. Performing a manipulation results in sql injection. This vulnerability is reported as CVE-2026-9786. The attack is possible to be carried out remotely. No exploit exists.
https://vuldb.com/vuln/373558
CVE-2026-53163 | Linux Kernel up to 6.18.35/7.0.12 kernel/locking/rtmutex.c remove_waiter task null pointer dereference
A vulnerability identified as critical has been detected in Linux Kernel up to 6.18.35/7.0.12. This vulnerability affects the function remove_waiter of the file kernel/locking/rtmutex.c. The manipulation of the argument task leads to null pointer dereference. This vulnerability is traded as CVE-2026-53163. Access to the local network is required for this attack to succeed. There is no exploit available. You should upgrade the affected component.
https://vuldb.com/vuln/373740
CVE-2026-53263 | Linux Kernel up to 7.0.12 6lowpan lowpan_iphc_mcast_ctx_addr_compress s6_addr off-by-one
A vulnerability has been found in Linux Kernel up to 7.0.12 and classified as critical. This issue affects the function lowpan_iphc_mcast_ctx_addr_compress of the component 6lowpan. The manipulation of the argument s6_addr leads to off-by-one. This vulnerability is uniquely identified as CVE-2026-53263. The attack can only be initiated within the local network. No exploit exists. The affected component should be upgraded.
https://vuldb.com/vuln/373818
CVE-2026-54573 | Outline up to 1.7.x AuthenticationHelper.canAccess authorization (GHSA-5x79-rj4g-qrh8)
A vulnerability has been found in Outline up to 1.7.x and classified as problematic. This impacts the function AuthenticationHelper.canAccess. The manipulation leads to incorrect authorization. This vulnerability is listed as CVE-2026-54573. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.
https://vuldb.com/vuln/373944
CVE-2026-53277 | Linux Kernel up to 6.18.35/7.0.12 KVM walk_s1 srcu injection (EUVD-2026-39228)
A vulnerability classified as critical was found in Linux Kernel up to 6.18.35/7.0.12. This issue affects the function walk_s1 of the component KVM. Executing a manipulation of the argument srcu can lead to injection. This vulnerability appears as CVE-2026-53277. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.
https://vuldb.com/vuln/373829
CVE-2026-53262 | Linux Kernel up to 6.12.93/6.18.35/7.0.12 l2tp pppol2tp_ioctl sk use after free
A vulnerability was found in Linux Kernel up to 6.12.93/6.18.35/7.0.12. It has been declared as critical. The impacted element is the function pppol2tp_ioctl of the component l2tp. Such manipulation of the argument sk leads to use after free. This vulnerability is referenced as CVE-2026-53262. The attack needs to be initiated within the local network. No exploit is available. It is recommended to upgrade the affected component.
https://vuldb.com/vuln/373821
CVE-2026-53152 | Linux Kernel up to 6.12.93/6.18.35/7.0.12 mmc null pointer dereference
A vulnerability was found in Linux Kernel up to 6.12.93/6.18.35/7.0.12. It has been declared as critical. This affects an unknown part of the component mmc. Such manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2026-53152. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
https://vuldb.com/vuln/373695
CVE-2026-53117 | Linux Kernel up to 6.6.140/6.12.90/6.18.32/7.0.9 s390 __driver_attach driver_override use after free (WID-SEC-2026-2077)
A vulnerability classified as critical has been found in Linux Kernel up to 6.6.140/6.12.90/6.18.32/7.0.9. This affects the function __driver_attach of the component s390. The manipulation of the argument driver_override leads to use after free. This vulnerability is listed as CVE-2026-53117. The attack must be carried out from within the local network. There is no available exploit. It is recommended to upgrade the affected component.
https://vuldb.com/vuln/373464
CVE-2026-53116 | Linux Kernel up to 7.0.9 s390 apmask_store use after free (Nessus ID 323339 / WID-SEC-2026-2077)
A vulnerability classified as critical was found in Linux Kernel up to 7.0.9. Affected is the function apmask_store of the component s390. Such manipulation leads to use after free. This vulnerability is traded as CVE-2026-53116. Access to the local network is required for this attack to succeed. There is no exploit available. Upgrading the affected component is advised.
https://vuldb.com/vuln/373395
CVE-2026-53114 | Linux Kernel up to 6.18.32/7.0.9 perf perf_allow_kernel hw permission (WID-SEC-2026-2077)
A vulnerability marked as critical has been reported in Linux Kernel up to 6.18.32/7.0.9. Affected by this vulnerability is the function perf_allow_kernel of the component perf. Performing a manipulation of the argument hw results in permission issues. This vulnerability is identified as CVE-2026-53114. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.
https://vuldb.com/vuln/373462

Managed ad