Linuxfoundation Security Vulnerabilities (CVEs)

This CVE allows attackers with read/write access to Vitess backup storage locations to manipulate backup manifest files and perform path traversal att...

This vulnerability in NATS-Server allows attackers to cause denial of service via compression bombs in WebSocket messages. It affects deployments usin...

This vulnerability allows unauthorized authentication in Strimzi Kafka clusters when using custom CA certificates with multi-stage chains. Attackers w...

This vulnerability in Strimzi allows Kafka Connect or Kafka MirrorMaker 2 operands to incorrectly trust all certificates in a CA chain when connecting...

OpenTelemetry-Go SDK versions v1.20.0 through v1.39.0 on macOS/Darwin systems are vulnerable to path hijacking attacks. An attacker with local access ...

A path traversal vulnerability in Backstage's TechDocs local generator allows attackers to read arbitrary files from the host filesystem when processi...

This vulnerability allows attackers to execute arbitrary Python code on TechDocs build servers when configured with 'runIn: local'. Malicious actors w...

CVE-2026-24905 is a command injection vulnerability in Inspektor Gadget's image building functionality. An attacker who can control the YAML gadget ma...

A critical authentication bypass vulnerability in Podman Desktop allows any installed extension to completely circumvent permission checks and gain un...

A vulnerability in PyTorch's `weights_only` unpickler allows attackers to craft malicious checkpoint files (.pth) that, when loaded, can corrupt memor...

CVE-2026-24117 is a Server-Side Request Forgery (SSRF) vulnerability in Rekor's /api/v1/index/retrieve endpoint that allows attackers to trigger GET r...

This CVE describes a nil pointer dereference vulnerability in Rekor's entry implementation that can cause a panic when processing attacker-controlled ...

This vulnerability in EVerest EV charging software allows malicious operators to read unintended memory regions (heap/stack) through pointer arithmeti...

This vulnerability in EVerest libocpp causes memory leaks through unfreed strdup pointers during connection attempts. It affects EV charging systems u...

This vulnerability in EVerest EV charging software allows attackers to exploit other weaknesses by keeping connections alive despite errors. All EVere...

This vulnerability allows attackers to bypass session validation in EVerest EV charging software by sending V2G messages with session ID 0 when no ses...

A null pointer dereference vulnerability in EVerest EV charging software allows remote attackers to cause denial of service by sending specially craft...

This vulnerability in EVerest EV charging software allows attackers to cause denial of service through null pointer dereference when handling SDP requ...

An integer overflow vulnerability in EVerest EV charging software allows attackers to trigger either infinite loops or stack buffer overflows by sendi...

This vulnerability in EVerest EV charging software allows attackers to crash the process by sending malformed SLIP frames via serial input. It affects...

This vulnerability in EVerest EV charging software allows attackers to cause denial of service by triggering assertion failures that crash individual ...

This vulnerability in EVerest EV charging software allows unhandled C++ exceptions in the TbdController loop to cause silent termination of the contro...

This vulnerability in EVerest EV charging software allows attackers to cause denial of service by exhausting system memory through unlimited TCP conne...

CVE-2026-22772 is a server-side request forgery (SSRF) vulnerability in Fulcio's MetaIssuer URL validation. Attackers can bypass validation using unan...

Spinnaker versions prior to 2025.1.6, 2025.2.3, and 2025.3.0 are vulnerable to server-side request forgery (SSRF) that allows attackers to fetch data ...

A denial-of-service vulnerability in the omec-project UPF's pfcpiface component allows attackers to crash the UPF process by sending malformed PFCP Se...

This vulnerability in Strimzi Kafka Operator versions 0.47.0 through 0.49.0 creates an overly permissive Kubernetes Role that grants Kafka Connect and...

This CVE describes a memory exhaustion vulnerability in containerd's CRI Attach implementation where goroutine leaks allow users to consume host memor...

This CVE-2025-52881 vulnerability in runc allows attackers to redirect writes to /proc filesystem to other locations through race conditions with shar...

A vulnerability in runc allows attackers to bypass container isolation by tricking the system into bind-mounting sensitive read-only or masked paths t...

This vulnerability in runc allows attackers to bypass container isolation by exploiting insufficient verification of bind-mount sources when using /de...

Containerd versions before 1.7.29, 2.0.7, 2.1.5, and 2.2.0 create critical directories with overly permissive access controls, allowing group/world re...

This vulnerability in the GNSS service allows an out-of-bounds write due to incorrect bounds checking. It enables local privilege escalation if an att...

This vulnerability in the GNSS service allows an attacker with System privilege to perform an out-of-bounds write, potentially leading to local privil...

This vulnerability allows local privilege escalation on MediaTek devices due to an insecure default value in the preloader component. An attacker with...

CVE-2025-55552 is an integer overflow vulnerability in PyTorch v2.8.0 that occurs when torch.rot90 and torch.randn_like functions are used together, p...

PyTorch v2.8.0 contains an integer overflow vulnerability in torch.nan_to_num-.long() that could allow memory corruption or denial of service. This af...

A vulnerability in PyTorch v2.7.0 causes a Name Error when models containing torch.cummin operations are compiled with Inductor, leading to Denial of ...

This CVE describes an assertion error vulnerability in PyTorch's nn.Fold module when using the inductor compiler. The vulnerability can cause denial o...

This CVE describes a vulnerability in PyTorch's torch.compile feature where FractionalMaxPool2d produces inconsistent results. This could lead to inco...

A vulnerability in PyTorch's bitwise_right_shift function produces incorrect output when given out-of-bounds values for the 'other' argument. This cou...

This vulnerability in PyTorch versions before 3.7.0 affects the bernoulli_p decompose function, causing inconsistency with CPU implementations that ne...

A vulnerability in PyTorch's torch.linalg.lu component allows attackers to trigger a Denial of Service (DoS) through specific slice operations. This a...

Dragonfly versions before 2.1.0 use MD5 hashing for file verification, which is cryptographically broken and allows attackers to create malicious file...

A denial-of-service vulnerability in Dragonfly's P2P file distribution system allows attackers to bypass rate limiting by exploiting an uninitialized ...

Dragonfly's proxy access control mechanism prior to version 2.1.0 uses simple string comparisons vulnerable to timing attacks. Attackers can guess pas...