CVE-2026-46330
Description détaillée
In the Linux kernel, the following vulnerability has been resolved: Revert "net/smc: Introduce TCP ULP support" This reverts commit d7cd421da9da2cc7b4d25b8537f66db5c8331c40. As reported by Al Viro, the TCP ULP support for SMC is fundamentally broken. The implementation attempts to convert an active TCP socket into an SMC socket by modifying the underlying `struct file`, dentry, and inode in-place, which violates core VFS invariants that assume these structures are immutable for an open file, creating a risk of use after free errors and general system instability. Given the severity of this design flaw and the fact that cleaner alternatives (e.g., LD_PRELOAD, BPF) exist for legacy application transparency, the correct course of action is to remove this feature entirely.
Dernières Vulnérabilités
CVE-2026-8863
Multiple version of UEFI SHIM bootloaders are vulnerable to SecureBoot bypass through lack of enforcement and validation SBAT. The following authenticode signatures are impacted by this disclosure AE75F0D82BA3DF824FBFC69340CC3B4D66C598373B1AB54CDB6C8BFD83A6B961 - Spyrus WTGCreator version 4.2 FD23D6E57DE6F4E1F9D7118DA1C5F31A8AF6BE5E5D9E8170F9493447268D50C5 - Baramundi Management Suite up to 2024R1 - A0DE9333442C1BF9349A460141AE5E80F911955C6506040FA3D021BF6C1AE3E4 WhiteCanyon WipeDrive versions 8.0.0 through 8.1.3. 95B6D71FC0C0F8C5E1533A37AEF92CF6B0C961E2CC612A97117FA6759CE5FC06 - Finland Matriculation Exam Abitti 1 version 1.0.0 236A9CB0D71951C36398A32EB660CE2CD4A52CCFA7CF751CC6A35D9DE549E19B - NTC IT Rosa R9, R10 8A964D5F8373948D20A1D4296FB92E545DAD4617A0C810F3B934B53D98AE8963 - PC-Doctor Service Center 15, 16
CVE-2026-40639
Dell Client Platform BIOS contains a Weak Encoding for Password vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Elevation of Privileges.
CVE-2026-39170
SemCms 5.0 is vulnerable to Cross Site Request Forgery (CSRF) via crafted POST request to /admin/semcms_user.php.