Critical brace-expansion npm bug lets attackers crash apps with a zero-step input
Critical Denial-of-Service Flaw Discovered in brace-expansion Package: Microsoft has disclosed a high-severity denial-of-service vulnerability in the popular brace-expansion npm package, tracked as...
CVE-2026-33750 Brace Expansion Flaw Can Freeze Windows Systems
Understanding CVE-2026-33750: Microsoft has disclosed a denial-of-service vulnerability, CVE-2026-33750, that resides in the brace expansion feature of Windows command-line tools. The vulnerability...
CVE-2026-31494: Linux Kernel macb Driver Vulnerable to Out-of-Bounds Write via ethtool Stats
A newly published Linux kernel vulnerability in the Cadence MACB/GEM Ethernet driver is a reminder that even small accounting mistakes in networking code can become memory-safety bugs. CVE-2026-31494...
CVE-2026-31525: Subtle BPF Interpreter Bug in Linux Kernel's Signed Division Could Lead to Incorrect Behavior
A recently disclosed vulnerability in the Linux kernel, tracked as CVE-2026-31525, reveals a subtle but significant correctness flaw in the BPF interpreter's handling of signed 32-bit division and...
BPF signed division bug in Linux kernel 5.10-6.8 allows arbitrary code execution
A newly disclosed vulnerability in the Linux kernel's BPF subsystem, tracked as CVE-2026-31525, exposes a subtle but critical mismatch between the BPF verifier and interpreter when handling signed...
Linux Kernel Fix Patches Critical XFS Use-After-Free Bug
Linux administrators are waking up to a new XFS kernel flaw that looks deceptively small in code but serious in consequence. CVE-2026-31453 affects the Linux kernel’s XFS journaling path, where...
Linux kernel patch fixes memory leak and infinite loop in Bluetooth L2CAP ERTM
A recently disclosed vulnerability in the Linux kernel's Bluetooth subsystem, CVE-2026-31498, has been addressed with a patch that resolves two intertwined issues: a memory leak and an infinite loop...
CVE-2026-31498: Linux Bluetooth L2CAP ERTM Bugs Could Crash Your System
A pair of memory safety flaws in the Linux kernel's Bluetooth subsystem have been assigned CVE-2026-31498, and they're not your typical remote code execution nightmares. Instead, these are...
CVE-2026-31503: Linux Kernel UDP Wildcard Bind Bypass Could Let Attackers Hijack Ports
A newly disclosed Linux kernel vulnerability, tracked as CVE-2026-31503, exposes a subtle but dangerous flaw in UDP port binding logic. The bug allows a socket to bind to a wildcard address (0.0.0.0)...
CVE-2026-31503: Linux Kernel UDP Wildcard Bind Conflict Misses hash2 Threshold
Linux systems are facing a new networking vulnerability that underscores how subtle logic errors can be just as dangerous as memory corruption. Tracked as CVE-2026-31503, this kernel bug affects UDP...