LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2019-14899
CVE STATUS: Unpatched
CVE SUMMARY: A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel.

LAYER: meta-multimedia
PACKAGE NAME: sox
PACKAGE VERSION: 14.4.2
CVE: CVE-2019-8355
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.

LAYER: meta-multimedia
PACKAGE NAME: sox
PACKAGE VERSION: 14.4.2
CVE: CVE-2019-8356
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow.

LAYER: meta-multimedia
PACKAGE NAME: sox
PACKAGE VERSION: 14.4.2
CVE: CVE-2019-8357
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference.

LAYER: meta-oe
PACKAGE NAME: dhrystone
PACKAGE VERSION: 2.1
CVE: CVE-2020-23026
CVE STATUS: Unpatched
CVE SUMMARY: A NULL pointer dereference in the main() function dhry_1.c of dhrystone 2.1 causes a denial of service (DoS).

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2021-3714
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in the Linux kernels memory deduplication mechanism. Previous work has shown that memory deduplication can be attacked via a local exploitation mechanism. The same technique can be used if an attacker can upload page sized files and detect the change in access time from a networked service to determine if the page has been merged.

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2021-3864
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a result, if the descendant process crashes and core_pattern is set to a relative value, its core dump is stored in the current directory with uid:gid permissions. An unprivileged local user with eligible root SUID binary could use this flaw to place core dumps into root-owned directories, potentially resulting in escalation of privileges.

LAYER: meta-multimedia
PACKAGE NAME: sox
PACKAGE VERSION: 14.4.2
CVE: CVE-2021-40426
CVE STATUS: Unpatched
CVE SUMMARY: A heap-based buffer overflow vulnerability exists in the sphere.c start_read() functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2022-1247
CVE STATUS: Unpatched
CVE SUMMARY: An issue found in linux-kernel that leads to a race condition in rose_connect(). The rose driver uses rose_neigh->use to represent how many objects are using the rose_neigh. When a user wants to delete a rose_route via rose_ioctl(), the rose driver calls rose_del_node() and removes neighbours only if their “count” and “use” are zero.

LAYER: meta-multimedia
PACKAGE NAME: sox
PACKAGE VERSION: 14.4.2
CVE: CVE-2022-31650
CVE STATUS: Unpatched
CVE SUMMARY: In SoX 14.4.2, there is a floating-point exception in lsx_aiffstartwrite in aiff.c in libsox.a.

LAYER: meta-multimedia
PACKAGE NAME: sox
PACKAGE VERSION: 14.4.2
CVE: CVE-2022-31651
CVE STATUS: Unpatched
CVE SUMMARY: In SoX 14.4.2, there is an assertion failure in rate_init in rate.c in libsox.a.

LAYER: meta-qt5
PACKAGE NAME: qtwayland
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32573
CVE STATUS: Unpatched
CVE SUMMARY: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
--
LAYER: meta-qt5
PACKAGE NAME: qtdeclarative
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32573
CVE STATUS: Unpatched
CVE SUMMARY: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
--
LAYER: meta-qt5
PACKAGE NAME: qtsvg
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32573
CVE STATUS: Patched
CVE SUMMARY: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32573
CVE STATUS: Unpatched
CVE SUMMARY: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
--
LAYER: meta-qt5
PACKAGE NAME: qtbase
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32573
CVE STATUS: Unpatched
CVE SUMMARY: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
--
LAYER: meta-qt5
PACKAGE NAME: qtcharts
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32573
CVE STATUS: Unpatched
CVE SUMMARY: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols2
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32573
CVE STATUS: Unpatched
CVE SUMMARY: In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.

LAYER: meta-qt5
PACKAGE NAME: qtwayland
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32762
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.
--
LAYER: meta-qt5
PACKAGE NAME: qtdeclarative
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32762
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.
--
LAYER: meta-qt5
PACKAGE NAME: qtsvg
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32762
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32762
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.
--
LAYER: meta-qt5
PACKAGE NAME: qtbase
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32762
CVE STATUS: Patched
CVE SUMMARY: An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.
--
LAYER: meta-qt5
PACKAGE NAME: qtcharts
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32762
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols2
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32762
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match.

LAYER: meta-qt5
PACKAGE NAME: qtwayland
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32763
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
--
LAYER: meta-qt5
PACKAGE NAME: qtdeclarative
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32763
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
--
LAYER: meta-qt5
PACKAGE NAME: qtsvg
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32763
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32763
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
--
LAYER: meta-qt5
PACKAGE NAME: qtbase
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32763
CVE STATUS: Patched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
--
LAYER: meta-qt5
PACKAGE NAME: qtcharts
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32763
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols2
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-32763
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2023-3397
CVE STATUS: Unpatched
CVE SUMMARY: A race condition occurred between the functions lmLogClose and txEnd in JFS, in the Linux Kernel, executed in different threads. This flaw allows a local attacker with normal user privileges to crash the system or leak internal kernel information.

LAYER: meta-qt5
PACKAGE NAME: qtwayland
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-34410
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
--
LAYER: meta-qt5
PACKAGE NAME: qtdeclarative
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-34410
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
--
LAYER: meta-qt5
PACKAGE NAME: qtsvg
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-34410
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-34410
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
--
LAYER: meta-qt5
PACKAGE NAME: qtbase
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-34410
CVE STATUS: Patched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
--
LAYER: meta-qt5
PACKAGE NAME: qtcharts
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-34410
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols2
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-34410
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.

LAYER: meta-multimedia
PACKAGE NAME: sox
PACKAGE VERSION: 14.4.2
CVE: CVE-2023-34432
CVE STATUS: Unpatched
CVE SUMMARY: A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure.

LAYER: meta-qt5
PACKAGE NAME: qtwayland
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-37369
CVE STATUS: Unpatched
CVE SUMMARY: In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.
--
LAYER: meta-qt5
PACKAGE NAME: qtdeclarative
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-37369
CVE STATUS: Unpatched
CVE SUMMARY: In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.
--
LAYER: meta-qt5
PACKAGE NAME: qtsvg
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-37369
CVE STATUS: Unpatched
CVE SUMMARY: In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-37369
CVE STATUS: Unpatched
CVE SUMMARY: In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.
--
LAYER: meta-qt5
PACKAGE NAME: qtbase
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-37369
CVE STATUS: Patched
CVE SUMMARY: In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.
--
LAYER: meta-qt5
PACKAGE NAME: qtcharts
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-37369
CVE STATUS: Unpatched
CVE SUMMARY: In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols2
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-37369
CVE STATUS: Unpatched
CVE SUMMARY: In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.

LAYER: meta-qt5
PACKAGE NAME: qtwayland
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-38197
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.
--
LAYER: meta-qt5
PACKAGE NAME: qtdeclarative
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-38197
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.
--
LAYER: meta-qt5
PACKAGE NAME: qtsvg
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-38197
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-38197
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.
--
LAYER: meta-qt5
PACKAGE NAME: qtbase
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-38197
CVE STATUS: Patched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.
--
LAYER: meta-qt5
PACKAGE NAME: qtcharts
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-38197
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols2
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-38197
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion.

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2023-4010
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descriptor file, so it falls into an endless loop, resulting in a denial of service.

LAYER: meta-qt5
PACKAGE NAME: qtwayland
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-43114
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash because of missing length checks.
--
LAYER: meta-qt5
PACKAGE NAME: qtdeclarative
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-43114
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash because of missing length checks.
--
LAYER: meta-qt5
PACKAGE NAME: qtsvg
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-43114
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash because of missing length checks.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-43114
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash because of missing length checks.
--
LAYER: meta-qt5
PACKAGE NAME: qtbase
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-43114
CVE STATUS: Patched
CVE SUMMARY: An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash because of missing length checks.
--
LAYER: meta-qt5
PACKAGE NAME: qtcharts
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-43114
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash because of missing length checks.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols2
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-43114
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Qt before 5.15.16, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3 on Windows. When using the GDI font engine, if a corrupted font is loaded via QFontDatabase::addApplicationFont{FromData], then it can cause the application to crash because of missing length checks.

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2023-46839
CVE STATUS: Unpatched
CVE SUMMARY: PCI devices can make use of a functionality called phantom functions,

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2023-46840
CVE STATUS: Unpatched
CVE SUMMARY: Incorrect placement of a preprocessor directive in source code results

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2023-46842
CVE STATUS: Unpatched
CVE SUMMARY: Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and

LAYER: meta-qt5
PACKAGE NAME: qtwayland
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-51714
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
--
LAYER: meta-qt5
PACKAGE NAME: qtdeclarative
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-51714
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
--
LAYER: meta-qt5
PACKAGE NAME: qtsvg
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-51714
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-51714
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
--
LAYER: meta-qt5
PACKAGE NAME: qtbase
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-51714
CVE STATUS: Patched
CVE SUMMARY: An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
--
LAYER: meta-qt5
PACKAGE NAME: qtcharts
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-51714
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols2
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2023-51714
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check.

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2023-6238
CVE STATUS: Unpatched
CVE SUMMARY: A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption.

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2023-6240
CVE STATUS: Unpatched
CVE SUMMARY: A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the Linux Kernel. This issue may allow a network attacker to decrypt ciphertexts or forge signatures, limiting the services that use that private key.

LAYER: meta-qt5
PACKAGE NAME: qtwayland
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-25580
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.
--
LAYER: meta-qt5
PACKAGE NAME: qtdeclarative
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-25580
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.
--
LAYER: meta-qt5
PACKAGE NAME: qtsvg
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-25580
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-25580
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.
--
LAYER: meta-qt5
PACKAGE NAME: qtbase
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-25580
CVE STATUS: Patched
CVE SUMMARY: An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.
--
LAYER: meta-qt5
PACKAGE NAME: qtcharts
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-25580
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols2
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-25580
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2024-31143
CVE STATUS: Unpatched
CVE SUMMARY: An optional feature of PCI MSI called "Multiple Message" allows a

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2024-31145
CVE STATUS: Unpatched
CVE SUMMARY: Certain PCI devices in a system might be assigned Reserved Memory

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2024-31146
CVE STATUS: Unpatched
CVE SUMMARY: When multiple devices share resources and one of them is to be passed

LAYER: meta-qt5
PACKAGE NAME: qtwayland
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-36048
CVE STATUS: Unpatched
CVE SUMMARY: QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.
--
LAYER: meta-qt5
PACKAGE NAME: qtdeclarative
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-36048
CVE STATUS: Unpatched
CVE SUMMARY: QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.
--
LAYER: meta-qt5
PACKAGE NAME: qtsvg
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-36048
CVE STATUS: Unpatched
CVE SUMMARY: QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-36048
CVE STATUS: Unpatched
CVE SUMMARY: QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.
--
LAYER: meta-qt5
PACKAGE NAME: qtbase
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-36048
CVE STATUS: Unpatched
CVE SUMMARY: QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.
--
LAYER: meta-qt5
PACKAGE NAME: qtcharts
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-36048
CVE STATUS: Unpatched
CVE SUMMARY: QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols2
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-36048
CVE STATUS: Unpatched
CVE SUMMARY: QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values.

LAYER: meta-virtualization
PACKAGE NAME: docker-moby
PACKAGE VERSION: 25.0.9+gita926bec8fc91332410133b24f3e9e3f5add13b48
CVE: CVE-2024-36620
CVE STATUS: Unpatched
CVE SUMMARY: moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go.

LAYER: meta-qt5
PACKAGE NAME: qtwayland
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-39936
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..
--
LAYER: meta-qt5
PACKAGE NAME: qtdeclarative
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-39936
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..
--
LAYER: meta-qt5
PACKAGE NAME: qtsvg
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-39936
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-39936
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..
--
LAYER: meta-qt5
PACKAGE NAME: qtbase
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-39936
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..
--
LAYER: meta-qt5
PACKAGE NAME: qtcharts
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-39936
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols2
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2024-39936
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early, because the encrypted() signal has not yet been emitted and processed..

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2024-45817
CVE STATUS: Unpatched
CVE SUMMARY: In x86's APIC (Advanced Programmable Interrupt Controller) architecture,

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2024-45819
CVE STATUS: Unpatched
CVE SUMMARY: PVH guests have their ACPI tables constructed by the toolstack.  The

LAYER: meta
PACKAGE NAME: gstreamer1.0
PACKAGE VERSION: 1_1.22.12+git
CVE: CVE-2024-47606
CVE STATUS: Unpatched
CVE SUMMARY: GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended value when cast to an unsigned integer. This 32-bit negative value is then cast to a 64-bit unsigned integer (0xfffffffffffffffa) in a subsequent call to gst_buffer_new_and_alloc. The function gst_buffer_new_allocate then attempts to allocate memory, eventually calling _sysmem_new_block. The function _sysmem_new_block adds alignment and header size to the (unsigned) size, causing the overflow of the 'slice_size' variable. As a result, only 0x89 bytes are allocated, despite the large input size. When the following memcpy call occurs in gst_buffer_fill, the data from the input file will overwrite the content of the GstMapInfo info structure. Finally, during the call to gst_memory_unmap, the overwritten memory may cause a function pointer hijack, as the mem->allocator->mem_unmap_full function is called with a corrupted pointer. This function pointer overwrite could allow an attacker to alter the execution flow of the program, leading to arbitrary code execution. This vulnerability is fixed in 1.24.10.

LAYER: meta
PACKAGE NAME: libsndfile1
PACKAGE VERSION: 1.2.2
CVE: CVE-2024-50613
CVE STATUS: Unpatched
CVE SUMMARY: libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close.

LAYER: meta
PACKAGE NAME: libtheora
PACKAGE VERSION: 1.1.1
CVE: CVE-2024-56431
CVE STATUS: Unpatched
CVE SUMMARY: oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash.

LAYER: meta
PACKAGE NAME: qemu
PACKAGE VERSION: 8.2.7
CVE: CVE-2024-6519
CVE STATUS: Unpatched
CVE SUMMARY: A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.

LAYER: meta
PACKAGE NAME: ffmpeg
PACKAGE VERSION: 6.1.4
CVE: CVE-2025-10256
CVE STATUS: Unpatched
CVE SUMMARY: A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on the return value of av_malloc_array() in the config_input() function. An attacker could exploit this by tricking a victim into processing a crafted media file with the Firequalizer filter enabled, causing the application to dereference a NULL pointer and crash, leading to denial of service.

LAYER: meta
PACKAGE NAME: ffmpeg
PACKAGE VERSION: 6.1.4
CVE: CVE-2025-12343
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file. The issue occurs in the dnn_execute_model_tf() function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free condition, potentially causing FFmpeg or any application using it to crash when processing TensorFlow-based DNN models. This results in a denial-of-service scenario but does not allow arbitrary code execution under normal conditions.

LAYER: meta
PACKAGE NAME: python3
PACKAGE VERSION: 3.12.12
CVE: CVE-2025-12781
CVE STATUS: Unpatched
CVE SUMMARY: When passing data to the b64decode(), standard_b64decode(), and urlsafe_b64decode() functions in the "base64" module the characters "+/" will always be accepted, regardless of the value of "altchars" parameter, typically used to establish an "alternative base64 alphabet" such as the URL safe alphabet. This behavior matches what is recommended in earlier base64 RFCs, but newer RFCs now recommend either dropping characters outside the specified base64 alphabet or raising an error. The old behavior has the possibility of causing data integrity issues.

LAYER: meta
PACKAGE NAME: nfs-utils
PACKAGE VERSION: 2.6.4
CVE: CVE-2025-12801
CVE STATUS: Unpatched
CVE SUMMARY: A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the

LAYER: meta
PACKAGE NAME: python3
PACKAGE VERSION: 3.12.12
CVE: CVE-2025-13462
CVE STATUS: Unpatched
CVE SUMMARY: The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations.

LAYER: meta
PACKAGE NAME: openssl
PACKAGE VERSION: 3.2.6
CVE: CVE-2025-15467
CVE STATUS: Unpatched
CVE SUMMARY: Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with

LAYER: meta
PACKAGE NAME: ffmpeg
PACKAGE VERSION: 6.1.4
CVE: CVE-2025-1594
CVE STATUS: Unpatched
CVE SUMMARY: A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2025-1713
CVE STATUS: Unpatched
CVE SUMMARY: When setting up interrupt remapping for legacy PCI(-X) devices,

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2025-22873
CVE STATUS: Unpatched
CVE SUMMARY: It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open("../") would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained within the parent.

LAYER: meta
PACKAGE NAME: ffmpeg
PACKAGE VERSION: 6.1.4
CVE: CVE-2025-25468
CVE STATUS: Unpatched
CVE SUMMARY: FFmpeg git-master before commit d5873b was discovered to contain a memory leak in the component libavutil/mem.c.

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2025-27465
CVE STATUS: Unpatched
CVE SUMMARY: Certain instructions need intercepting and emulating by Xen.  In some

LAYER: meta-qt5
PACKAGE NAME: qtwayland
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2025-30348
CVE STATUS: Unpatched
CVE SUMMARY: encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).
--
LAYER: meta-qt5
PACKAGE NAME: qtdeclarative
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2025-30348
CVE STATUS: Unpatched
CVE SUMMARY: encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).
--
LAYER: meta-qt5
PACKAGE NAME: qtsvg
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2025-30348
CVE STATUS: Unpatched
CVE SUMMARY: encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2025-30348
CVE STATUS: Unpatched
CVE SUMMARY: encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).
--
LAYER: meta-qt5
PACKAGE NAME: qtbase
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2025-30348
CVE STATUS: Unpatched
CVE SUMMARY: encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).
--
LAYER: meta-qt5
PACKAGE NAME: qtcharts
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2025-30348
CVE STATUS: Unpatched
CVE SUMMARY: encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).
--
LAYER: meta-qt5
PACKAGE NAME: qtquickcontrols2
PACKAGE VERSION: 5.15.13+git
CVE: CVE-2025-30348
CVE STATUS: Unpatched
CVE SUMMARY: encodeText in QDom in Qt before 6.8.0 has a complex algorithm involving XML string copy and inline replacement of parts of a string (with relocation of later data).

LAYER: meta-virtualization
PACKAGE NAME: runc-opencontainers
PACKAGE VERSION: 1.1.14+git
CVE: CVE-2025-31133
CVE STATUS: Unpatched
CVE SUMMARY: runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container's /dev/null) was actually a real /dev/null inode when using the container's /dev/null to mask. This exposes two methods of attack:  an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.

LAYER: meta
PACKAGE NAME: python3-urllib3
PACKAGE VERSION: 2.2.2
CVE: CVE-2025-50182
CVE STATUS: Unpatched
CVE SUMMARY: urllib3 is a user-friendly HTTP client library for Python. Starting in version 2.2.0 and prior to 2.5.0, urllib3 does not control redirects in browsers and Node.js. urllib3 supports being used in a Pyodide runtime utilizing the JavaScript Fetch API or falling back on XMLHttpRequest. This means Python libraries can be used to make HTTP requests from a browser or Node.js. Additionally, urllib3 provides a mechanism to control redirects, but the retries and redirect parameters are ignored with Pyodide; the runtime itself determines redirect behavior. This issue has been patched in version 2.5.0.

LAYER: meta
PACKAGE NAME: libsndfile1
PACKAGE VERSION: 1.2.2
CVE: CVE-2025-52194
CVE STATUS: Unpatched
CVE SUMMARY: A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution.

LAYER: meta-virtualization
PACKAGE NAME: runc-opencontainers
PACKAGE VERSION: 1.1.14+git
CVE: CVE-2025-52565
CVE STATUS: Unpatched
CVE SUMMARY: runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can load to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_pattern` (respectively). This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.

LAYER: meta-virtualization
PACKAGE NAME: runc-opencontainers
PACKAGE VERSION: 1.1.14+git
CVE: CVE-2025-52881
CVE STATUS: Unpatched
CVE SUMMARY: runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we have also verified this attack is possible to exploit using a standard Dockerfile with docker buildx build as that also permits triggering parallel execution of containers with custom shared mounts configured). This redirect could be through symbolic links in a tmpfs or theoretically other methods such as regular bind-mounts. While similar, the mitigation applied for the related CVE, CVE-2019-19921, was fairly limited and effectively only caused runc to verify that when LSM labels are written they are actually procfs files. This issue is fixed in versions 1.2.8, 1.3.3, and 1.4.0-rc.3.

LAYER: meta-virtualization
PACKAGE NAME: docker-moby
PACKAGE VERSION: 25.0.9+gita926bec8fc91332410133b24f3e9e3f5add13b48
CVE: CVE-2025-54410
CVE STATUS: Unpatched
CVE SUMMARY: Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create iptables rules that isolate bridge networks, allowing any container to access all ports on any other container across different bridge networks on the same host. This breaks network segmentation between containers that should be isolated, creating significant risk in multi-tenant environments. Only containers in --internal networks remain protected.

LAYER: meta
PACKAGE NAME: libsndfile1
PACKAGE VERSION: 1.2.2
CVE: CVE-2025-56226
CVE STATUS: Unpatched
CVE SUMMARY: Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3_encoder_init() function within the mpeg_l3_encode.c file.

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2025-58147
CVE STATUS: Unpatched
CVE SUMMARY: [This CNA information record relates to multiple CVEs; the

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2025-58148
CVE STATUS: Unpatched
CVE SUMMARY: [This CNA information record relates to multiple CVEs; the

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2025-58149
CVE STATUS: Unpatched
CVE SUMMARY: When passing through PCI devices, the detach logic in libxl won't remove

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2025-58150
CVE STATUS: Unpatched
CVE SUMMARY: Shadow mode tracing code uses a set of per-CPU variables to avoid

LAYER: meta
PACKAGE NAME: avahi
PACKAGE VERSION: 0.8
CVE: CVE-2025-59529
CVE STATUS: Unpatched
CVE SUMMARY: Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although `CLIENTS_MAX` is defined, `server_work()` unconditionally `accept()`s and `client_new()` always appends the new client and increments `n_clients`. There is no check against the limit. When client cannot be accepted as a result of maximal socket number of avahi-daemon, it logs unconditionally error per each connection. Unprivileged local users can exhaust daemon memory and file descriptors, causing a denial of service system-wide for mDNS/DNS-SD. Exhausting local file descriptors causes increased system load caused by logging errors of each of request. Overloading prevents glibc calls using nss-mdns plugins to resolve `*.local.` names and link-local addresses. As of time of publication, no known patched versions are available, but a candidate fix is available in pull request 808, and some workarounds are available. Simple clients are offered for nss-mdns package functionality. It is not possible to disable the unix socket `/run/avahi-daemon/socket`, but resolution requests received via DBus are not affected directly. Tools avahi-resolve, avahi-resolve-address and avahi-resolve-host-name are not affected, they use DBus interface. It is possible to change permissions of unix socket after avahi-daemon is started. But avahi-daemon does not provide any configuration for it. Additional access restrictions like SELinux can also prevent unwanted tools to access the socket and keep resolution working for trusted users.

LAYER: meta
PACKAGE NAME: busybox
PACKAGE VERSION: 1.36.1
CVE: CVE-2025-60876
CVE STATUS: Unpatched
CVE SUMMARY: BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).

LAYER: meta
PACKAGE NAME: tiff
PACKAGE VERSION: 4.6.0
CVE: CVE-2025-61143
CVE STATUS: Unpatched
CVE SUMMARY: libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c.

LAYER: meta
PACKAGE NAME: tiff
PACKAGE VERSION: 4.6.0
CVE: CVE-2025-61144
CVE STATUS: Unpatched
CVE SUMMARY: libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function.

LAYER: meta
PACKAGE NAME: tiff
PACKAGE VERSION: 4.6.0
CVE: CVE-2025-61145
CVE STATUS: Unpatched
CVE SUMMARY: libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2025-61726
CVE STATUS: Unpatched
CVE SUMMARY: The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containing many unique query parameters can cause excessive memory consumption.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2025-61728
CVE STATUS: Unpatched
CVE SUMMARY: archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2025-61730
CVE STATUS: Unpatched
CVE SUMMARY: During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2025-61731
CVE STATUS: Unpatched
CVE SUMMARY: Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "#cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a "--log-file" argument to this directive, causing pkg-config to write to an attacker-controlled location.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2025-61732
CVE STATUS: Unpatched
CVE SUMMARY: A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.

LAYER: meta
PACKAGE NAME: expat
PACKAGE VERSION: 2.6.4
CVE: CVE-2025-66382
CVE STATUS: Unpatched
CVE SUMMARY: In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2025-66476
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves external commands by searching the current working directory before system paths. When Vim invokes tools such as findstr for :grep, external commands or filters via :!, or compiler/:make commands, it may inadvertently run a malicious executable present in the same directory as the file being edited. The issue affects Vim for Windows prior to version 9.1.1947.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2025-68119
CVE STATUS: Unpatched
CVE SUMMARY: Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial (hg) installed, downloading modules from non-standard sources (e.g., custom domains) can cause unexpected code execution due to how external VCS commands are constructed. This issue can also be triggered by providing a malicious version string to the toolchain. On systems with Git installed, downloading and building modules with malicious version strings can allow an attacker to write to arbitrary files on the filesystem. This can only be triggered by explicitly providing the malicious version strings to the toolchain and does not affect usage of @latest or bare module paths.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2025-68121
CVE STATUS: Unpatched
CVE SUMMARY: During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.

LAYER: meta
PACKAGE NAME: avahi
PACKAGE VERSION: 0.8
CVE: CVE-2025-68276
CVE STATUS: Unpatched
CVE SUMMARY: Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, an unprivileged local users can crash avahi-daemon (with wide-area disabled) by creating record browsers with the AVAHI_LOOKUP_USE_WIDE_AREA flag set via D-Bus. This can be done by either calling

LAYER: meta
PACKAGE NAME: avahi
PACKAGE VERSION: 0.8
CVE: CVE-2025-68468
CVE STATUS: Unpatched
CVE SUMMARY: Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they expire avahi-daemon crashes.

LAYER: meta
PACKAGE NAME: avahi
PACKAGE VERSION: 0.8
CVE: CVE-2025-68471
CVE STATUS: Unpatched
CVE SUMMARY: Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending 2 unsolicited announcements with CNAME resource records 2 seconds apart.

LAYER: meta
PACKAGE NAME: gnupg
PACKAGE VERSION: 2.4.8
CVE: CVE-2025-68972
CVE STATUS: Unpatched
CVE SUMMARY: In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.

LAYER: meta
PACKAGE NAME: gnupg
PACKAGE VERSION: 2.4.8
CVE: CVE-2025-68973
CVE STATUS: Unpatched
CVE SUMMARY: In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2025-69644
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless output until manually interrupted. This issue affects versions prior to the upstream fix and allows a local attacker to cause excessive resource consumption by supplying a malicious input file.

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2025-69647
CVE STATUS: Unpatched
CVE SUMMARY: GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress, resulting in an unbounded output loop that never terminates unless externally interrupted. A local attacker can trigger this behavior by supplying a malicious input file, causing excessive CPU and I/O usage and preventing readelf from completing its analysis.

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2025-69648
CVE STATUS: Unpatched
CVE SUMMARY: GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a non-terminating output loop that requires manual interruption. No evidence of memory corruption or code execution was observed.

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2025-69649
CVE STATUS: Unpatched
CVE SUMMARY: GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a segmentation fault (SIGSEGV) and abrupt termination. No evidence of memory corruption beyond the null pointer dereference, nor any possibility of code execution, was observed.

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2025-69650
CVE STATUS: Unpatched
CVE SUMMARY: GNU Binutils thru 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed relocation data. During GOT relocation handling, dump_relocations may return early without initializing the all_relocations array. As a result, process_got_section_contents() may pass an uninitialized r_symbol pointer to free(), leading to a double free and terminating the program with SIGABRT. No evidence of exploitable memory corruption or code execution was observed; the impact is limited to denial of service. NOTE: this is disputed by third parties because the observed behavior occurred only in pre-release code and did not affect any tagged version.

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2025-69651
CVE STATUS: Unpatched
CVE SUMMARY: GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dump_relocations returns early due to parsing errors, the internal all_relocations array may remain partially uninitialized. Later, process_got_section_contents() may attempt to free an invalid r_symbol pointer, triggering memory corruption checks in glibc and causing the program to terminate with SIGABRT. No evidence of further memory corruption or code execution was observed; the impact is limited to denial of service. NOTE: this is disputed by third parties because the observed behavior occurred only in pre-release code and did not affect any tagged version.

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2025-69652
CVE STATUS: Unpatched
CVE SUMMARY: GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service.

LAYER: meta
PACKAGE NAME: ncurses
PACKAGE VERSION: 6.4
CVE: CVE-2025-69720
CVE STATUS: Unpatched
CVE SUMMARY: The infocmp command-line tool in ncurses before 6.5-20251213 has a stack-based buffer overflow in analyze_string in progs/infocmp.c.

LAYER: meta
PACKAGE NAME: sqlite3
PACKAGE VERSION: 3_3.45.3
CVE: CVE-2025-70873
CVE STATUS: Unpatched
CVE SUMMARY: An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71074
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71229
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71230
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71231
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71232
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71233
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71234
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71235
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71236
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71237
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71238
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71239
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71265
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71266
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71267
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71271
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71272
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71273
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71274
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71285
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71286
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71287
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71288
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71289
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71290
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71291
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71292
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71293
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71294
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71295
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71296
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71297
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71298
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71299
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71300
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71301
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2025-71302
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-0819
CVE STATUS: Unpatched
CVE SUMMARY: A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wc_PKCS7_BuildSignedAttributes(), when adding custom signed attributes, the code passes an incorrect capacity value (esd->signedAttribsCount) to EncodeAttributes() instead of the remaining available space in the fixed-size signedAttribs[7] array. When an application sets pkcs7->signedAttribsSz to a value greater than MAX_SIGNED_ATTRIBS_SZ (default 7) minus the number of default attributes already added, EncodeAttributes() writes beyond the array bounds, causing stack memory corruption. In WOLFSSL_SMALL_STACK builds, this becomes heap corruption. Exploitation requires an application that allows untrusted input to control the signedAttribs array size when calling wc_PKCS7_EncodeSignedData() or related signing functions.

LAYER: meta-oe
PACKAGE NAME: protobuf
PACKAGE VERSION: 4.25.8
CVE: CVE-2026-0994
CVE STATUS: Unpatched
CVE SUMMARY: A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python, where the max_recursion_depth limit can be bypassed when parsing nested google.protobuf.Any messages.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-1005
CVE STATUS: Unpatched
CVE SUMMARY: Integer underflow in wolfSSL packet sniffer <= 5.8.4 allows an attacker to cause a buffer overflow in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by ssl_DecodePacket. The underflow wraps a 16-bit length to a large value that is passed to AEAD decryption routines, causing heap buffer overflow and a crash. An unauthenticated attacker can trigger this remotely via malformed TLS Application Data records.

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-1467
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-1467
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services.

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-1536
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF (Carriage Return Line Feed) sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP headers to be injected. This vulnerability can lead to HTTP header injection or HTTP response splitting without requiring authentication or user interaction.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-1536
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF (Carriage Return Line Feed) sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP headers to be injected. This vulnerability can lead to HTTP header injection or HTTP response splitting without requiring authentication or user interaction.

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-1539
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTTP redirects, libsoup removes the Authorization header but does not remove the Proxy-Authorization header if the request is redirected to a different host. As a result, sensitive proxy credentials may be leaked to third-party servers. Applications using libsoup for HTTP communication may unintentionally expose proxy authentication data.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-1539
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTTP redirects, libsoup removes the Authorization header but does not remove the Proxy-Authorization header if the request is redirected to a different host. As a result, sensitive proxy credentials may be leaked to third-party servers. Applications using libsoup for HTTP communication may unintentionally expose proxy authentication data.

LAYER: meta
PACKAGE NAME: gnutls
PACKAGE VERSION: 3.8.4
CVE: CVE-2026-1584
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote Denial of Service (DoS) condition.

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-1801
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in the soup_filter_input_stream_read_line() logic, where libsoup accepts malformed chunk headers, such as lone line feed (LF) characters instead of the required carriage return and line feed (CRLF). A remote attacker can exploit this without authentication or user interaction by sending specially crafted chunked requests. This allows libsoup to parse and process multiple HTTP requests from a single network message, potentially leading to information disclosure.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-1801
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in the soup_filter_input_stream_read_line() logic, where libsoup accepts malformed chunk headers, such as lone line feed (LF) characters instead of the required carriage return and line feed (CRLF). A remote attacker can exploit this without authentication or user interaction by sending specially crafted chunked requests. This allows libsoup to parse and process multiple HTTP requests from a single network message, potentially leading to information disclosure.

LAYER: meta
PACKAGE NAME: gstreamer1.0
PACKAGE VERSION: 1_1.22.12+git
CVE: CVE-2026-1940
CVE STATUS: Unpatched
CVE SUMMARY: An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gst_wavparse_adtl_chunk() function. The patch added a size validation check lsize + 8 > size, but it does not account for the GST_ROUND_UP_2(lsize) used in the actual offset calculation. When lsize is an odd number, the parser advances more bytes than validated, causing OOB read.

LAYER: meta
PACKAGE NAME: curl
PACKAGE VERSION: 8.7.1
CVE: CVE-2026-1965
CVE STATUS: Unpatched
CVE SUMMARY: libcurl can in some circumstances reuse the wrong connection when asked to do

LAYER: meta
PACKAGE NAME: harfbuzz
PACKAGE VERSION: 8.3.0
CVE: CVE-2026-22693
CVE STATUS: Unpatched
CVE SUMMARY: HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. The function fails to check if hb_malloc returns NULL before using placement new to construct an object at the returned pointer address. When hb_malloc fails to allocate memory (which can occur in low-memory conditions or when using custom allocators that simulate allocation failures), it returns NULL. The code then attempts to call the constructor on this null pointer using placement new syntax, resulting in undefined behavior and a Segmentation Fault. This issue has been patched in version 12.3.0.

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23220
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23221
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23222
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23223
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23224
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23226
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23227
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23228
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23229
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23230
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23231
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23233
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23234
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23235
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23236
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23237
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23238
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23239
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23240
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23241
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23242
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23243
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23244
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23245
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23246
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23247
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23248
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23249
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23250
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23251
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23252
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23253
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23265
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23266
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23267
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23268
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23269
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23270
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23271
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23272
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23273
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23274
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23275
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23276
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23277
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23278
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23279
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23280
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23281
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23282
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23284
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23285
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23286
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23287
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23289
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23290
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23291
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23292
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23293
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23294
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23296
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23297
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23298
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23299
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23300
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23302
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23303
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23304
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23305
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23306
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23307
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23308
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23310
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23311
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23312
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23313
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23314
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23315
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23316
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23317
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23318
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23319
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23321
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23322
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23324
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23325
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23326
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23327
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23328
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23329
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23330
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23331
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23332
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23334
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23335
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23336
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23338
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23339
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23340
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23342
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23343
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23345
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23346
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23347
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23348
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23349
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23351
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23352
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23354
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23356
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23357
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23358
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23359
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23360
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23361
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23362
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23363
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23364
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23365
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23366
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23367
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23368
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23369
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23370
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23371
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23372
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23373
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23374
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23375
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23376
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23377
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23378
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23379
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23380
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23381
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23382
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23383
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23384
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23385
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23386
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23387
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23388
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23389
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23390
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23391
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23392
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23393
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23394
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23395
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23396
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23397
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23398
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23399
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23400
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23401
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23402
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23403
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23404
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23405
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23406
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23407
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23408
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23409
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23410
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23411
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23412
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23413
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23414
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23415
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23416
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23417
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23418
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23419
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23420
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23421
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23422
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23423
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23424
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23425
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23426
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23427
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23428
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23429
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23430
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23431
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23434
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23435
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23436
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23437
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23438
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23439
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23440
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23441
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23442
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23444
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23445
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23446
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23447
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23448
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23449
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23450
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23452
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23454
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23455
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23456
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23457
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23458
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23459
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23460
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23461
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23462
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23463
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23464
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23465
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23466
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23467
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23468
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23469
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23470
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23472
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23474
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-23475
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2026-23553
CVE STATUS: Unpatched
CVE SUMMARY: In the context switch logic Xen attempts to skip an IBPB in the case of

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2026-23554
CVE STATUS: Unpatched
CVE SUMMARY: The Intel EPT paging code uses an optimization to defer flushing of any cached

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2026-23555
CVE STATUS: Unpatched
CVE SUMMARY: Any guest issuing a Xenstore command accessing a node using the

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2026-23557
CVE STATUS: Unpatched
CVE SUMMARY: Any guest can cause xenstored to crash by issuing a XS_RESET_WATCHES

LAYER: meta-xilinx-virtualization
PACKAGE NAME: xen
PACKAGE VERSION: 4.21.0+stable-xilinx+git
CVE: CVE-2026-23558
CVE STATUS: Unpatched
CVE SUMMARY: The adjustments made for XSA-379 as well as those subsequently becoming

LAYER: meta
PACKAGE NAME: libusb1
PACKAGE VERSION: 1.0.27
CVE: CVE-2026-23679
CVE STATUS: Unpatched
CVE SUMMARY: libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength exceeds the remaining buffer size, causing parse_interface() to return early without allocating the endpoint array. Attackers can exploit this flaw through libusb_get_active_config_descriptor or libusb_get_config_descriptor by providing crafted descriptors via virtualized USB passthrough, file-based descriptor parsing, or network sources, causing any application iterating over endpoints to dereference a NULL endpoint pointer and crash.

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-2369
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-2369
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.

LAYER: meta
PACKAGE NAME: freetype
PACKAGE VERSION: 2.13.2
CVE: CVE-2026-23865
CVE STATUS: Unpatched
CVE SUMMARY: An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-2436
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup's SoupServer. A remote attacker could exploit a use-after-free vulnerability where the `soup_server_disconnect()` function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a dangling pointer is accessed, leading to a server crash and a Denial of Service.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-2436
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup's SoupServer. A remote attacker could exploit a use-after-free vulnerability where the `soup_server_disconnect()` function frees connection objects prematurely, even if a TLS handshake is still pending. If the handshake completes after the connection object has been freed, a dangling pointer is accessed, leading to a server crash and a Denial of Service.

LAYER: meta
PACKAGE NAME: avahi
PACKAGE VERSION: 0.8
CVE: CVE-2026-24401
CVE STATUS: Unpatched
CVE SUMMARY: Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonical name point to the same domain (e.g., "h.local" as a CNAME for "h.local"). This causes unbounded recursion in the lookup_handle_cname function, leading to stack exhaustion. The vulnerability affects record browsers where AVAHI_LOOKUP_USE_MULTICAST is set explicitly, which includes record browsers created by resolvers used by nss-mdns. This issue is patched in commit 78eab31128479f06e30beb8c1cbf99dd921e2524.

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-2443
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server memory beyond the intended response. Exploitation requires a vulnerable configuration and access to a server using the embedded SoupServer component.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-2443
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server memory beyond the intended response. Exploitation requires a vulnerable configuration and access to a server using the embedded SoupServer component.

LAYER: meta
PACKAGE NAME: python3-requests
PACKAGE VERSION: 2.32.4
CVE: CVE-2026-25645
CVE STATUS: Unpatched
CVE SUMMARY: Requests is a HTTP library. Prior to version 2.33.0, the `requests.utils.extract_zipped_paths()` utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without validation. A local attacker with write access to the temp directory could pre-create a malicious file that would be loaded in place of the legitimate one. Standard usage of the Requests library is not affected by this vulnerability. Only applications that call `extract_zipped_paths()` directly are impacted. Starting in version 2.33.0, the library extracts files to a non-deterministic location. If developers are unable to upgrade, they can set `TMPDIR` in their environment to a directory with restricted write access.

LAYER: meta
PACKAGE NAME: libpng
PACKAGE VERSION: 1.6.42
CVE: CVE-2026-25646
CVE STATUS: Unpatched
CVE SUMMARY: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no histogram and the number of colors in the palette is more than twice the maximum supported by the user's display, certain palettes will cause the function to enter into an infinite loop that reads past the end of an internal heap-allocated buffer. The images that trigger this vulnerability are valid per the PNG specification. This vulnerability is fixed in 1.6.55.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-25679
CVE STATUS: Unpatched
CVE SUMMARY: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-25749
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the get_tagfname() function in src/tag.c. When processing help file tags, Vim copies the user-controlled 'helpfile' option value into a fixed-size heap buffer of MAXPATHL + 1 bytes (typically 4097 bytes) using an unsafe STRCPY() operation without any bounds checking. This issue has been patched in version 9.1.2132.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-26269
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to 9.1.2148, a stack buffer overflow vulnerability exists in Vim's NetBeans integration when processing the specialKeys command, affecting Vim builds that enable and use the NetBeans feature. The Stack buffer overflow exists in special_keys() (in src/netbeans.c). The while (*tok) loop writes two bytes per iteration into a 64-byte stack buffer (keybuf) with no bounds check. A malicious NetBeans server can overflow keybuf with a single specialKeys command. The issue has been fixed as of Vim patch v9.1.2148.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-2645
CVE STATUS: Unpatched
CVE SUMMARY: In wolfSSL 5.8.2 and earlier, a logic flaw existed in the TLS 1.2 server state machine implementation. The server could incorrectly accept the CertificateVerify message before the ClientKeyExchange message had been received. This issue affects wolfSSL before 5.8.4 (wolfSSL 5.8.2 and earlier is vulnerable, 5.8.4 is not vulnerable). In 5.8.4 wolfSSL would detect the issue later in the handshake. 5.9.0 was further hardened to catch the issue earlier in the handshake.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-2646
CVE STATUS: Unpatched
CVE SUMMARY: A heap-buffer-overflow vulnerability exists in wolfSSL's wolfSSL_d2i_SSL_SESSION() function. When deserializing session data with SESSION_CERTS enabled, certificate and session id lengths are read from an untrusted input without bounds validation, allowing an attacker to overflow fixed-size buffers and corrupt heap memory. A maliciously crafted session would need to be loaded from an external source to trigger this vulnerability. Internal sessions were not vulnerable.

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-2708
CVE STATUS: Unpatched
CVE SUMMARY: A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic. The soup_message_headers_append_common() function in libsoup/soup-message-headers.c unconditionally appends each header value without validating for duplicate or conflicting Content-Length fields. This allows an attacker to send HTTP requests containing multiple Content-Length headers with differing values.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-2708
CVE STATUS: Unpatched
CVE SUMMARY: A request smuggling vulnerability exists in libsoup's HTTP/1 header parsing logic. The soup_message_headers_append_common() function in libsoup/soup-message-headers.c unconditionally appends each header value without validating for duplicate or conflicting Content-Length fields. This allows an attacker to send HTTP requests containing multiple Content-Length headers with differing values.

LAYER: meta
PACKAGE NAME: nghttp2
PACKAGE VERSION: 1.61.0
CVE: CVE-2026-27135
CVE STATUS: Unpatched
CVE SUMMARY: nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API `nghttp2_session_terminate_session` or `nghttp2_session_terminate_session2` is called by the application. They might be called internally by the library when it detects the situation that is subject to connection error. Due to the missing internal state validation, the library keeps reading the rest of the data after one of those APIs is called. Then receiving a malformed frame that causes FRAME_SIZE_ERROR causes assertion failure. nghttp2 v1.68.1 adds missing state validation to avoid assertion failure. No known workarounds are available.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-27139
CVE STATUS: Unpatched
CVE SUMMARY: On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the filesystem without permitting reading or writing files outside the root.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-27140
CVE STATUS: Unpatched
CVE SUMMARY: SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-27142
CVE STATUS: Unpatched
CVE SUMMARY: Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actions in the meta content attribute which follow "url=" by setting htmlmetacontenturlescape=0.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-27143
CVE STATUS: Unpatched
CVE SUMMARY: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-27144
CVE STATUS: Unpatched
CVE SUMMARY: The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime.

LAYER: meta
PACKAGE NAME: zlib
PACKAGE VERSION: 1.3.1
CVE: CVE-2026-27171
CVE STATUS: Unpatched
CVE SUMMARY: zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.

LAYER: meta-xilinx-core
PACKAGE NAME: util-linux
PACKAGE VERSION: 2.40.4
CVE: CVE-2026-27456
CVE STATUS: Unpatched
CVE SUMMARY: util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use) vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privileges via fork() + setuid() + realpath(), but subsequently re-canonicalizes and opens it with root privileges (euid=0) without verifying that the path has not been replaced between both operations. Neither O_NOFOLLOW, nor inode comparison, nor post-open fstat() are employed. This allows a local unprivileged user to replace the source file with a symlink pointing to any root-owned file or device during the race window, causing the SUID binary to open and mount it as root. Exploitation requires an /etc/fstab entry with user,loop options whose path points to a directory where the attacker has write permission, and that /usr/bin/mount has the SUID bit set (the default configuration on virtually all Linux distributions). The impact is unauthorized read access to root-protected files and block devices, including backup images, disk volumes, and any file containing a valid filesystem. This issue has been patched in version 2.41.4.
--
LAYER: meta-xilinx-core
PACKAGE NAME: util-linux-libuuid
PACKAGE VERSION: 2.40.4
CVE: CVE-2026-27456
CVE STATUS: Unpatched
CVE SUMMARY: util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use) vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privileges via fork() + setuid() + realpath(), but subsequently re-canonicalizes and opens it with root privileges (euid=0) without verifying that the path has not been replaced between both operations. Neither O_NOFOLLOW, nor inode comparison, nor post-open fstat() are employed. This allows a local unprivileged user to replace the source file with a symlink pointing to any root-owned file or device during the race window, causing the SUID binary to open and mount it as root. Exploitation requires an /etc/fstab entry with user,loop options whose path points to a directory where the attacker has write permission, and that /usr/bin/mount has the SUID bit set (the default configuration on virtually all Linux distributions). The impact is unauthorized read access to root-protected files and block devices, including backup images, disk volumes, and any file containing a valid filesystem. This issue has been patched in version 2.41.4.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-28417
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the `scp://` protocol handler), an attacker can execute arbitrary shell commands with the privileges of the Vim process. Version 9.2.0073 fixes the issue.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-28418
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundary. Version 9.2.0074 fixes the issue.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-28419
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file where a delimiter appears at the start of a line, Vim attempts to read memory immediately preceding the allocated buffer. Version 9.2.0075 fixes the issue.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-28420
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-28421
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim's swap file recovery logic. Both are caused by unvalidated fields read from crafted pointer blocks within a swap file. Version 9.2.0077 fixes the issue.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-28422
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in `build_stl_str_hl()` when rendering a statusline with a multi-byte fill character on a very wide terminal. Version 9.2.0078 patches the issue.

LAYER: meta
PACKAGE NAME: systemd
PACKAGE VERSION: 1_255.21
CVE: CVE-2026-29111
CVE STATUS: Unpatched
CVE SUMMARY: systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.

LAYER: meta
PACKAGE NAME: gstreamer1.0
PACKAGE VERSION: 1_1.22.12+git
CVE: CVE-2026-2920
CVE STATUS: Unpatched
CVE SUMMARY: GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

LAYER: meta
PACKAGE NAME: gstreamer1.0
PACKAGE VERSION: 1_1.22.12+git
CVE: CVE-2026-2921
CVE STATUS: Unpatched
CVE SUMMARY: GStreamer RIFF Palette Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

LAYER: meta
PACKAGE NAME: gstreamer1.0
PACKAGE VERSION: 1_1.22.12+git
CVE: CVE-2026-2922
CVE STATUS: Unpatched
CVE SUMMARY: GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

LAYER: meta
PACKAGE NAME: gstreamer1.0
PACKAGE VERSION: 1_1.22.12+git
CVE: CVE-2026-2923
CVE STATUS: Unpatched
CVE SUMMARY: GStreamer DVB Subtitles Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

LAYER: meta
PACKAGE NAME: rsync
PACKAGE VERSION: 3.2.7
CVE: CVE-2026-29518
CVE STATUS: Unpatched
CVE SUMMARY: Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in daemon file handling that allows attackers to redirect file writes outside intended directories by replacing parent directory components with symbolic links. Attackers with write access to a module path can exploit this race condition to create or overwrite arbitrary files, potentially modifying sensitive system files and achieving privilege escalation when the daemon runs with elevated privileges. This vulnerability can only be triggered if the chroot setting is false.

LAYER: meta
PACKAGE NAME: gstreamer1.0
PACKAGE VERSION: 1_1.22.12+git
CVE: CVE-2026-3081
CVE STATUS: Unpatched
CVE SUMMARY: GStreamer H.266 Codec Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

LAYER: meta
PACKAGE NAME: gstreamer1.0
PACKAGE VERSION: 1_1.22.12+git
CVE: CVE-2026-3082
CVE STATUS: Unpatched
CVE SUMMARY: GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

LAYER: meta
PACKAGE NAME: gstreamer1.0
PACKAGE VERSION: 1_1.22.12+git
CVE: CVE-2026-3083
CVE STATUS: Unpatched
CVE SUMMARY: GStreamer rtpqdm2depay Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

LAYER: meta
PACKAGE NAME: gstreamer1.0
PACKAGE VERSION: 1_1.22.12+git
CVE: CVE-2026-3084
CVE STATUS: Unpatched
CVE SUMMARY: GStreamer H.266 Codec Parser Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

LAYER: meta
PACKAGE NAME: gstreamer1.0
PACKAGE VERSION: 1_1.22.12+git
CVE: CVE-2026-3085
CVE STATUS: Unpatched
CVE SUMMARY: GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

LAYER: meta
PACKAGE NAME: gstreamer1.0
PACKAGE VERSION: 1_1.22.12+git
CVE: CVE-2026-3086
CVE STATUS: Unpatched
CVE SUMMARY: GStreamer H.266 Codec Parser Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

LAYER: meta
PACKAGE NAME: python3
PACKAGE VERSION: 3.12.12
CVE: CVE-2026-3087
CVE STATUS: Unpatched
CVE SUMMARY: If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability.

LAYER: meta
PACKAGE NAME: ffmpeg
PACKAGE VERSION: 6.1.4
CVE: CVE-2026-30997
CVE STATUS: Unpatched
CVE SUMMARY: An out-of-bounds read in the read_global_param() function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.
--
LAYER: meta
PACKAGE NAME: ffmpeg
PACKAGE VERSION: 6.1.4
CVE: CVE-2026-30998
CVE STATUS: Unpatched
CVE SUMMARY: An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input file.
--
LAYER: meta
PACKAGE NAME: ffmpeg
PACKAGE VERSION: 6.1.4
CVE: CVE-2026-30999
CVE STATUS: Unpatched
CVE SUMMARY: A heap buffer overflow in the av_bprint_finalize() function of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.
--
LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-3099
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count (nc) attribute. This vulnerability allows a remote attacker to capture a single valid authentication header and replay it repeatedly. Consequently, the attacker can bypass authentication and gain unauthorized access to protected resources, impersonating the legitimate user.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-3099
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in Libsoup. The server-side digest authentication implementation in the SoupAuthDomainDigest class does not properly track issued nonces or enforce the required incrementing nonce-count (nc) attribute. This vulnerability allows a remote attacker to capture a single valid authentication header and replay it repeatedly. Consequently, the attacker can bypass authentication and gain unauthorized access to protected resources, impersonating the legitimate user.

LAYER: meta
PACKAGE NAME: ffmpeg
PACKAGE VERSION: 6.1.4
CVE: CVE-2026-30997
CVE STATUS: Unpatched
CVE SUMMARY: An out-of-bounds read in the read_global_param() function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.

LAYER: meta
PACKAGE NAME: ffmpeg
PACKAGE VERSION: 6.1.4
CVE: CVE-2026-30998
CVE STATUS: Unpatched
CVE SUMMARY: An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted input file.

LAYER: meta
PACKAGE NAME: ffmpeg
PACKAGE VERSION: 6.1.4
CVE: CVE-2026-30999
CVE STATUS: Unpatched
CVE SUMMARY: A heap buffer overflow in the av_bprint_finalize() function of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31389
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31390
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31391
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31392
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31393
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31394
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31395
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31396
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31397
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31398
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31399
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31400
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31401
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31402
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31403
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31404
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31405
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31406
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31407
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31408
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31409
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31410
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31411
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31412
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31414
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31415
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31416
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31417
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31418
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31419
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31420
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31421
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31422
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31423
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31424
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31425
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31426
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31427
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31428
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31429
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31430
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31431
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31432
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31433
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31434
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31435
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31436
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31438
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31439
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31440
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31441
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31442
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31443
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31445
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31446
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31447
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31448
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31449
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31450
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31451
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31452
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31453
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31454
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31455
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31456
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31457
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31458
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31459
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31461
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31462
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31464
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31465
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31466
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31467
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31469
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31470
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31471
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31472
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31473
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31474
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31475
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31476
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31477
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31478
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31479
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31480
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31482
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31483
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31485
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31486
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31487
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31488
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31489
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31491
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31492
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31493
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31494
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31495
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31496
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31497
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31498
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31499
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31500
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31501
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31502
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31503
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31504
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31505
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31506
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31507
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31508
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31509
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31510
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31511
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31512
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31515
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31516
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31517
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31518
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31519
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31520
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31521
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31522
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31523
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31524
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31525
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31526
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31527
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31528
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31530
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31531
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31532
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31533
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31535
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31536
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31537
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31538
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31539
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31540
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31541
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31542
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31543
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31544
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31545
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31546
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31548
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31549
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31550
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31551
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31552
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31554
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31555
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31556
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31557
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31558
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31559
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31560
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31561
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31562
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31563
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31565
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31566
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31567
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31568
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31569
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31570
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31571
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31572
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31575
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31576
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31577
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31578
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31579
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31580
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31581
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31582
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31583
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31584
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31585
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31586
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31587
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31588
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31589
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31590
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31591
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31592
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31593
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31594
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31595
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31596
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31597
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31598
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31599
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31600
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31602
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31603
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31604
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31605
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31606
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31607
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31608
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31609
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31610
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31611
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31612
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31613
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31614
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31615
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31616
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31617
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31618
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31619
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31620
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31622
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31623
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31624
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31625
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31626
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31627
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31628
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31629
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31630
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31631
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31632
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31633
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31634
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31635
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31636
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31637
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31638
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31639
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31640
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31641
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31642
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31643
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31644
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31645
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31646
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31647
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31648
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31649
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31650
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31651
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31652
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31653
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31655
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31656
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31657
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31658
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31659
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31660
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31661
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31662
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31663
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31664
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31665
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31666
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31667
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31668
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31669
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31670
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31671
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31672
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31673
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31674
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31675
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31676
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31677
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31678
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31679
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31680
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31681
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31682
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31683
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31684
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31685
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31686
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31687
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31688
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31689
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31690
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31691
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31692
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31693
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31694
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31695
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31696
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31697
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31698
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31699
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31700
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31701
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31702
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31703
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31704
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31705
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31706
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31707
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31708
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31709
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31711
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31712
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31713
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31714
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31715
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31716
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31717
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31718
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31719
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31720
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31721
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31722
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31723
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31724
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31725
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31726
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31728
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31729
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31730
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31731
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31732
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31733
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31734
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31736
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31737
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31738
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31739
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31740
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31741
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31743
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31746
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31747
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31748
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31749
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31751
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31752
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31754
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31755
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31756
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31757
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31758
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31759
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31760
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31761
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31762
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31763
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31765
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31766
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31767
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31768
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31769
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31770
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31771
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31772
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31773
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31774
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31777
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31778
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31779
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31780
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31781
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31782
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31783
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31784
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31786
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31787
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-31788
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: util-linux
PACKAGE VERSION: 2.40.4
CVE: CVE-2026-3184
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a specially crafted hostname, potentially bypassing host-based Pluggable Authentication Modules (PAM) access control rules that rely on fully qualified domain names. This could lead to unauthorized access.
--
LAYER: meta-xilinx-core
PACKAGE NAME: util-linux-libuuid
PACKAGE VERSION: 2.40.4
CVE: CVE-2026-3184
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a specially crafted hostname, potentially bypassing host-based Pluggable Authentication Modules (PAM) access control rules that rely on fully qualified domain names. This could lead to unauthorized access.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-32280
CVE STATUS: Unpatched
CVE SUMMARY: During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-32281
CVE STATUS: Unpatched
CVE SUMMARY: Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-32282
CVE STATUS: Unpatched
CVE SUMMARY: On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-32283
CVE STATUS: Unpatched
CVE SUMMARY: If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-32288
CVE STATUS: Unpatched
CVE SUMMARY: tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-32289
CVE STATUS: Unpatched
CVE SUMMARY: Context was not properly tracked across template branches for JS template literals, leading to possibly incorrect escaping of content when branches were used. Additionally template actions within JS template literals did not properly track the brace depth, leading to incorrect escaping being applied. These issues could cause actions within JS template literals to be incorrectly or improperly escaped, leading to XSS vulnerabilities.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-3229
CVE STATUS: Unpatched
CVE SUMMARY: An integer overflow vulnerability existed in the static function wolfssl_add_to_chain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssl_add_to_chain is called by these API: wolfSSL_CTX_add_extra_chain_cert, wolfSSL_CTX_add1_chain_cert, wolfSSL_add0_chain_cert. These API are enabled for 3rd party compatibility features: enable-opensslall, enable-opensslextra, enable-lighty, enable-stunnel, enable-nginx, enable-haproxy. This issue is not remotely exploitable, and would require that the application context loading certificates is compromised.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-3230
CVE STATUS: Unpatched
CVE SUMMARY: Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications via a crafted HelloRetryRequest followed by a ServerHello message that omits the required key_share extension, resulting in derivation of predictable traffic secrets from (EC)DHE shared secret. This issue does not affect the client's authentication of the server during TLS handshakes.

LAYER: meta
PACKAGE NAME: libexif
PACKAGE VERSION: 0.6.24
CVE: CVE-2026-32775
CVE STATUS: Unpatched
CVE SUMMARY: libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exif_mnote_data_get_value function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow.

LAYER: meta
PACKAGE NAME: expat
PACKAGE VERSION: 2.6.4
CVE: CVE-2026-32776
CVE STATUS: Unpatched
CVE SUMMARY: libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.

LAYER: meta
PACKAGE NAME: expat
PACKAGE VERSION: 2.6.4
CVE: CVE-2026-32777
CVE STATUS: Unpatched
CVE SUMMARY: libexpat before 2.7.5 allows an infinite loop while parsing DTD content.

LAYER: meta
PACKAGE NAME: expat
PACKAGE VERSION: 2.6.4
CVE: CVE-2026-32778
CVE STATUS: Unpatched
CVE SUMMARY: libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-33412
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob() function on Unix-like systems. By including a newline character (\n) in a pattern passed to glob(), an attacker may be able to execute arbitrary shell commands. This vulnerability depends on the user's 'shell' setting. This issue has been patched in version 9.2.0202.

LAYER: meta
PACKAGE NAME: libpng
PACKAGE VERSION: 1.6.42
CVE: CVE-2026-33416
CVE STATUS: Unpatched
CVE SUMMARY: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single allocation across two structs with independent lifetimes. The `trans_alpha` aliasing has been present since at least libpng 1.0, and the `palette` aliasing since at least 1.2.1. Both affect all prior release lines `png_set_tRNS` sets `png_ptr->trans_alpha = info_ptr->trans_alpha` (256-byte buffer) and `png_set_PLTE` sets `info_ptr->palette = png_ptr->palette` (768-byte buffer). In both cases, calling `png_free_data` (with `PNG_FREE_TRNS` or `PNG_FREE_PLTE`) frees the buffer through `info_ptr` while the corresponding `png_ptr` pointer remains dangling. Subsequent row-transform functions dereference and, in some code paths, write to the freed memory. A second call to `png_set_tRNS` or `png_set_PLTE` has the same effect, because both functions call `png_free_data` internally before reallocating the `info_ptr` buffer. Version 1.6.56 fixes the issue.

LAYER: meta
PACKAGE NAME: libpng
PACKAGE VERSION: 1.6.42
CVE: CVE-2026-33636
CVE STATUS: Unpatched
CVE SUMMARY: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit paletted rows to RGB or RGBA, the Neon loop processes a final partial chunk without verifying that enough input pixels remain. Because the implementation works backward from the end of the row, the final iteration dereferences pointers before the start of the row buffer (OOB read) and writes expanded pixel data to the same underflowed positions (OOB write). This is reachable via normal decoding of attacker-controlled PNG input if Neon is enabled. Version 1.6.56 fixes the issue.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-33811
CVE STATUS: Unpatched
CVE SUMMARY: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-33814
CVE STATUS: Unpatched
CVE SUMMARY: When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.

LAYER: meta
PACKAGE NAME: gnutls
PACKAGE VERSION: 3.8.4
CVE: CVE-2026-33845
CVE STATUS: Unpatched
CVE SUMMARY: A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.

LAYER: meta-virtualization
PACKAGE NAME: docker-moby
PACKAGE VERSION: 25.0.9+gita926bec8fc91332410133b24f3e9e3f5add13b48
CVE: CVE-2026-33997
CVE STATUS: Unpatched
CVE SUMMARY: Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a privilege set that differs from the one approved by the user. Plugins that request exactly one privilege are also affected, because no comparison is performed at all. This issue has been patched in version 29.3.1.

LAYER: meta
PACKAGE NAME: xserver-xorg
PACKAGE VERSION: 2_21.1.18
CVE: CVE-2026-34000
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias` functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server, either locally or remotely, can exploit this without user interaction. This could lead to the disclosure of memory contents or cause a denial of service by crashing the server.

LAYER: meta
PACKAGE NAME: xserver-xorg
PACKAGE VERSION: 2_21.1.18
CVE: CVE-2026-34002
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory boundaries. This can lead to the exposure of sensitive information or cause the server to crash, resulting in a denial of service.

LAYER: meta-virtualization
PACKAGE NAME: docker-moby
PACKAGE VERSION: 25.0.9+gita926bec8fc91332410133b24f3e9e3f5add13b48
CVE: CVE-2026-34040
CVE STATUS: Unpatched
CVE SUMMARY: Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2026-3441
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker can trigger this flaw, potentially leading to information disclosure or an application level denial of service.

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2026-3442
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may lead to the disclosure of sensitive information or cause the application to crash, resulting in an application level denial of service.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-34714
CVE STATUS: Unpatched
CVE SUMMARY: Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted file in the default configuration, because %{expr} injection occurs with tabpanel lacking P_MLE.

LAYER: meta
PACKAGE NAME: xz
PACKAGE VERSION: 5.4.7
CVE: CVE-2026-34743
CVE STATUS: Unpatched
CVE SUMMARY: XZ Utils provide a general-purpose data-compression library plus command-line tools. Prior to version 5.8.3, if lzma_index_decoder() was used to decode an Index that contained no Records, the resulting lzma_index was left in a state where where a subsequent lzma_index_append() would allocate too little memory, and a buffer overflow would occur. This issue has been patched in version 5.8.3.

LAYER: meta
PACKAGE NAME: libpng
PACKAGE VERSION: 1.6.42
CVE: CVE-2026-34757
CVE STATUS: Unpatched
CVE SUMMARY: LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from png_get_PLTE, png_get_tRNS, or png_get_hIST back into the corresponding setter on the same png_struct/png_info pair causes the setter to read from freed memory and copy its contents into the replacement buffer. The setter frees the internal buffer before copying from the caller-supplied pointer, which now dangles. The freed region may contain stale data (producing silently corrupted chunk metadata) or data from subsequent heap allocations (leaking unrelated heap contents into the chunk struct). This vulnerability is fixed in 1.6.57.

LAYER: meta
PACKAGE NAME: avahi
PACKAGE VERSION: 0.8
CVE: CVE-2026-34933
CVE STATUS: Unpatched
CVE SUMMARY: Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version 0.9-rc4.

LAYER: meta
PACKAGE NAME: openssh
PACKAGE VERSION: 9.6p1
CVE: CVE-2026-3497
CVE STATUS: Unpatched
CVE SUMMARY: Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconnect() on an error, which does not terminate the process, allows an attacker to send an unexpected GSSAPI message type during the GSSAPI key exchange to the server, which will call the underlying function and continue the execution of the program without setting the related connection variables. As the variables are not initialized to NULL the code later accesses those uninitialized variables, accessing random memory, which could lead to undefined behavior. The recommended workaround is to use ssh_packet_disconnect() instead, which does terminate the process. The impact of the vulnerability depends heavily on the compiler flag hardening configuration.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-34982
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The `complete`, `guitabtooltip` and `printheader` options are missing the `P_MLE` flag, allowing a modeline to be executed. Additionally, the `mapset()` function lacks a `check_secure()` call, allowing it to be abused from sandboxed expressions. Commit 9.2.0276 fixes the issue.

LAYER: meta
PACKAGE NAME: libinput
PACKAGE VERSION: 1.25.0
CVE: CVE-2026-35093
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libinput. A local attacker who can place a specially crafted Lua bytecode file in certain system or user configuration directories can bypass security restrictions. This allows the attacker to run unauthorized code with the same permissions as the program using libinput, such as a graphical compositor. This could lead to the attacker monitoring keyboard input and sending that information to an external location.

LAYER: meta
PACKAGE NAME: libinput
PACKAGE VERSION: 1.25.0
CVE: CVE-2026-35094
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could potentially expose sensitive data if the memory location is re-used, leading to information disclosure. For this exploit to work, Lua plugins must be enabled in libinput and loaded by the compositor.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-35177
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows overwriting of arbitrary files when opening specially crafted zip archives, circumventing the previous fix for CVE-2025-53906. This vulnerability is fixed in 9.2.0280.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35341
CVE STATUS: Unpatched
CVE SUMMARY: A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files. When mkfifo fails to create a FIFO because a file already exists at the target path, it fails to terminate the operation for that path and continues to execute a follow-up set_permissions call. This results in the existing file's permissions being changed to the default mode (often 644 after umask), potentially exposing sensitive files such as SSH private keys to other users on the system.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35344
CVE STATUS: Unpatched
CVE SUMMARY: The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok() on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directories caused by full disks or read-only file systems. This can lead to silent data corruption in backup or migration scripts, as the utility may report a successful operation even when the destination file contains old or garbage data.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35345
CVE STATUS: Unpatched
CVE SUMMARY: A vulnerability in the tail utility of uutils coreutils allows for the exfiltration of sensitive file contents when using the --follow=name option. Unlike GNU tail, the uutils implementation continues to monitor a path after it has been replaced by a symbolic link, subsequently outputting the contents of the link's target. In environments where a privileged user (e.g., root) monitors a log directory, a local attacker with write access to that directory can replace a log file with a symlink to a sensitive system file (such as /etc/shadow), causing tail to disclose the contents of the sensitive file.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35348
CVE STATUS: Unpatched
CVE SUMMARY: The sort utility in uutils coreutils is vulnerable to a process panic when using the --files0-from option with inputs containing non-UTF-8 filenames. The implementation enforces UTF-8 encoding and utilizes expect(), causing an immediate crash when encountering valid but non-UTF-8 paths. This diverges from GNU sort, which treats filenames as raw bytes. A local attacker can exploit this to crash the utility and disrupt automated pipelines.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35350
CVE STATUS: Unpatched
CVE SUMMARY: The cp utility in uutils coreutils fails to properly handle setuid and setgid bits when ownership preservation fails. When copying with the -p (preserve) flag, the utility applies the source mode bits even if the chown operation is unsuccessful. This can result in a user-owned copy retaining original privileged bits, creating unexpected privileged executables that violate local security policies. This differs from GNU cp, which clears these bits when ownership cannot be preserved.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35351
CVE STATUS: Unpatched
CVE SUMMARY: The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and migrations, causing files moved by a privileged user (e.g., root) to become root-owned unexpectedly, which can lead to information disclosure or restricted access for the intended owners.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35352
CVE STATUS: Unpatched
CVE SUMMARY: A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the mkfifo utility of uutils coreutils. The utility creates a FIFO and then performs a path-based chmod to set permissions. A local attacker with write access to the parent directory can swap the newly created FIFO for a symbolic link between these two operations. This redirects the chmod call to an arbitrary file, potentially enabling privilege escalation if the utility is run with elevated privileges.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35354
CVE STATUS: Unpatched
CVE SUMMARY: A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute (xattr) preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A local attacker with write access to the directory can exploit this race to swap files between calls, causing the destination file to receive an inconsistent mix of security xattrs, such as SELinux labels or file capabilities.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35357
CVE STATUS: Unpatched
CVE SUMMARY: The cp utility in uutils coreutils is vulnerable to an information disclosure race condition. Destination files are initially created with umask-derived permissions (e.g., 0644) before being restricted to their final mode (e.g., 0600) later in the process. A local attacker can race to open the file during this window; once obtained, the file descriptor remains valid and readable even after the permissions are tightened, exposing sensitive or private file contents.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35359
CVE STATUS: Unpatched
CVE SUMMARY: A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in the cp utility of uutils coreutils allows an attacker to bypass no-dereference intent. The utility checks if a source path is a symbolic link using path-based metadata but subsequently opens it without the O_NOFOLLOW flag. An attacker with concurrent write access can swap a regular file for a symbolic link during this window, causing a privileged cp process to copy the contents of arbitrary sensitive files into a destination controlled by the attacker.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35360
CVE STATUS: Unpatched
CVE SUMMARY: The touch utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition during file creation. When the utility identifies a missing path, it later attempts creation using File::create(), which internally uses O_TRUNC. An attacker can exploit this window to create a file or swap a symlink at the target path, causing touch to truncate an existing file and leading to permanent data loss.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35363
CVE STATUS: Unpatched
CVE SUMMARY: A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect the current directory. While the utility correctly refuses to delete . or .., it fails to recognize equivalent paths with trailing slashes, such as ./ or .///. An accidental or malicious execution of rm -rf ./ results in the silent recursive deletion of all contents within the current directory. The command further obscures the data loss by reporting a misleading 'Invalid input' error, which may cause users to miss the critical window for data recovery.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35364
CVE STATUS: Unpatched
CVE SUMMARY: A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the mv utility of uutils coreutils during cross-device operations. The utility removes the destination path before recreating it through a copy operation. A local attacker with write access to the destination directory can exploit this window to replace the destination with a symbolic link. The subsequent privileged move operation will follow the symlink, allowing the attacker to redirect the write and overwrite an arbitrary target file with contents from the source.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35367
CVE STATUS: Unpatched
CVE SUMMARY: The nohup utility in uutils coreutils creates its default output file, nohup.out, without specifying explicit restricted permissions. This causes the file to inherit umask-based permissions, typically resulting in a world-readable file (0644). In multi-user environments, this allows any user on the system to read the captured stdout/stderr output of a command, potentially exposing sensitive information. This behavior diverges from GNU coreutils, which creates nohup.out with owner-only (0600) permissions.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35368
CVE STATUS: Unpatched
CVE SUMMARY: A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam() after entering the chroot but before dropping root privileges. On glibc-based systems, this can trigger the Name Service Switch (NSS) to load shared libraries (e.g., libnss_*.so.2) from the new root directory. If the NEWROOT is writable by an attacker, they can inject a malicious NSS module to execute arbitrary code as root, facilitating a full container escape or privilege escalation.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35370
CVE STATUS: Unpatched
CVE SUMMARY: The id utility in uutils coreutils miscalculates the groups= section of its output. The implementation uses a user's real GID instead of their effective GID to compute the group list, leading to potentially divergent output compared to GNU coreutils. Because many scripts and automated processes rely on the output of id to make security-critical access-control or permission decisions, this discrepancy can lead to unauthorized access or security misconfigurations.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35371
CVE STATUS: Unpatched
CVE SUMMARY: The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and effective UID differ. The implementation incorrectly uses the effective GID instead of the effective UID when performing a name lookup for the effective user. This results in misleading diagnostic output that can cause automated scripts or system administrators to make incorrect decisions regarding file permissions or access control.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35373
CVE STATUS: Unpatched
CVE SUMMARY: A logic error in the ln utility of uutils coreutils causes the program to reject source paths containing non-UTF-8 filename bytes when using target-directory forms (e.g., ln SOURCE... DIRECTORY). While GNU ln treats filenames as raw bytes and creates the links correctly, the uutils implementation enforces UTF-8 encoding, resulting in a failure to stat the file and a non-zero exit code. In environments where automated scripts or system tasks process valid but non-UTF-8 filenames common on Unix filesystems, this divergence causes the utility to fail, leading to a local denial of service for those specific operations.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35374
CVE STATUS: Unpatched
CVE SUMMARY: A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the split utility of uutils coreutils. The program attempts to prevent data loss by checking for identity between input and output files using their file paths before initiating the split operation. However, the utility subsequently opens the output file with truncation after this path-based validation is complete. A local attacker with write access to the directory can exploit this race window by manipulating mutable path components (e.g., swapping a path with a symbolic link). This can cause split to truncate and write to an unintended target file, potentially including the input file itself or other sensitive files accessible to the process, leading to permanent data loss.

LAYER: meta
PACKAGE NAME: coreutils
PACKAGE VERSION: 9.4
CVE: CVE-2026-35377
CVE STATUS: Unpatched
CVE SUMMARY: A logic error in the env utility of uutils coreutils causes a failure to correctly parse command-line arguments when utilizing the -S (split-string) option. In GNU env, backslashes within single quotes are treated literally (with the exceptions of \\ and \'). However, the uutils implementation incorrectly attempts to validate these sequences, resulting in an "invalid sequence" error and an immediate process termination with an exit status of 125 when encountering valid but unrecognized sequences like \a or \x. This divergence from GNU behavior breaks compatibility for automated scripts and administrative workflows that rely on standard split-string semantics, leading to a local denial of service for those operations.

LAYER: meta
PACKAGE NAME: openssh
PACKAGE VERSION: 9.6p1
CVE: CVE-2026-35385
CVE STATUS: Unpatched
CVE SUMMARY: In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode).

LAYER: meta
PACKAGE NAME: openssh
PACKAGE VERSION: 9.6p1
CVE: CVE-2026-35386
CVE STATUS: Unpatched
CVE SUMMARY: In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config.

LAYER: meta
PACKAGE NAME: openssh
PACKAGE VERSION: 9.6p1
CVE: CVE-2026-35387
CVE STATUS: Unpatched
CVE SUMMARY: OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.

LAYER: meta
PACKAGE NAME: openssh
PACKAGE VERSION: 9.6p1
CVE: CVE-2026-35388
CVE STATUS: Unpatched
CVE SUMMARY: OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.

LAYER: meta
PACKAGE NAME: openssh
PACKAGE VERSION: 9.6p1
CVE: CVE-2026-35414
CVE STATUS: Unpatched
CVE SUMMARY: OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-3547
CVE STATUS: Unpatched
CVE SUMMARY: Out-of-bounds read in ALPN parsing due to incomplete validation. wolfSSL 5.8.4 and earlier contained an out-of-bounds read in ALPN handling when built with ALPN enabled (HAVE_ALPN / --enable-alpn). A crafted ALPN protocol list could trigger an out-of-bounds read, leading to a potential process crash (denial of service). Note that ALPN is disabled by default, but is enabled for these 3rd party compatibility features: enable-apachehttpd, enable-bind, enable-curl, enable-haproxy, enable-hitch, enable-lighty, enable-jni, enable-nginx, enable-quic.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-3548
CVE STATUS: Unpatched
CVE SUMMARY: Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs, either of these out of bound writes could be triggered. Note this only affects builds that specifically enable CRL support, and the user would need to load a CRL from an untrusted source.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-3549
CVE STATUS: Unpatched
CVE SUMMARY: Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and the ECH standard is still evolving.

LAYER: meta
PACKAGE NAME: sudo
PACKAGE VERSION: 1.9.17p1
CVE: CVE-2026-35535
CVE STATUS: Unpatched
CVE SUMMARY: In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-3632
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup, a library used by applications to send network requests. This vulnerability occurs because libsoup does not properly validate hostnames, allowing special characters to be injected into HTTP headers. A remote attacker could exploit this to perform HTTP smuggling, where they can send hidden, malicious requests alongside legitimate ones. In certain situations, this could lead to Server-Side Request Forgery (SSRF), enabling an attacker to force the server to make unauthorized requests to other internal or external systems. The impact is low, as SoupServer is not actually used in internet infrastructure.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-3632
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup, a library used by applications to send network requests. This vulnerability occurs because libsoup does not properly validate hostnames, allowing special characters to be injected into HTTP headers. A remote attacker could exploit this to perform HTTP smuggling, where they can send hidden, malicious requests alongside legitimate ones. In certain situations, this could lead to Server-Side Request Forgery (SSRF), enabling an attacker to force the server to make unauthorized requests to other internal or external systems. The impact is low, as SoupServer is not actually used in internet infrastructure.

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-3633
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the `soup_message_new()` function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF (Carriage Return Line Feed) injection, occurs because the method value is not properly escaped during request line construction, potentially leading to HTTP request injection.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-3633
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the `soup_message_new()` function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF (Carriage Return Line Feed) injection, occurs because the method value is not properly escaped during request line construction, potentially leading to HTTP request injection.

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-3634
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbitrary header-value pairs, potentially leading to HTTP header injection and response splitting attacks.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-3634
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbitrary header-value pairs, potentially leading to HTTP header injection and response splitting attacks.

LAYER: meta
PACKAGE NAME: python3
PACKAGE VERSION: 3.12.12
CVE: CVE-2026-3644
CVE STATUS: Unpatched
CVE SUMMARY: The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update(), |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.js_output() lacked the output validation applied to BaseCookie.output().

LAYER: meta
PACKAGE NAME: libsndfile1
PACKAGE VERSION: 1.2.2
CVE: CVE-2026-37555
CVE STATUS: Unpatched
CVE SUMMARY: An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When samplesperblock (int) * blocks (int) exceeds INT_MAX, the 32-bit multiplication overflows before being assigned to sf.frames (sf_count_t/int64). With samplesperblock=50000 and blocks=50000, the product 2500000000 overflows to -1794967296. This causes incorrect frame count leading to heap buffer overflow or denial of service. Both values come from the WAV file header and are attacker-controlled. This issue was discovered after an incomplete fix for CVE-2022-33065.

LAYER: meta
PACKAGE NAME: curl
PACKAGE VERSION: 8.7.1
CVE: CVE-2026-3783
CVE STATUS: Unpatched
CVE SUMMARY: When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer

LAYER: meta
PACKAGE NAME: curl
PACKAGE VERSION: 8.7.1
CVE: CVE-2026-3784
CVE STATUS: Unpatched
CVE SUMMARY: curl would wrongly reuse an existing HTTP proxy connection doing CONNECT to a

LAYER: meta
PACKAGE NAME: gnutls
PACKAGE VERSION: 3.8.4
CVE: CVE-2026-3832
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.

LAYER: meta
PACKAGE NAME: gnutls
PACKAGE VERSION: 3.8.4
CVE: CVE-2026-3833
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-3849
CVE STATUS: Unpatched
CVE SUMMARY: Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (Encrypted Client Hello) support, where a maliciously crafted ECH config could cause a stack buffer overflow on the client side, leading to potential remote execution and client program crash. This could be exploited by a malicious TLS server supporting ECH. Note that ECH is off by default, and is only enabled with enable-ech.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-39817
CVE STATUS: Unpatched
CVE SUMMARY: The "go tool pack" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-39819
CVE STATUS: Unpatched
CVE SUMMARY: The "go bug" command writes to two files with predictable names in the system temporary directory (for example, "/tmp"). An attacker with access to the temporary directory can create a symlink in one of these names, causing "go bug" to overwrite the target of the symlink.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-39820
CVE STATUS: Unpatched
CVE SUMMARY: Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-39823
CVE STATUS: Unpatched
CVE SUMMARY: CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a <meta> tag's <content> attribute. If the URL content were to insert ASCII whitespaces around the '=' rune inside of the <content> attribute, the escaper would fail to similarly escape it, leading to XSS.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-39825
CVE STATUS: Unpatched
CVE SUMMARY: ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery's limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function. For example, the query "a1=x&a2=x&...&a10000=x&hidden=y" can forward the parameter "hidden=y" while hiding it from the proxy's Rewrite function.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-39826
CVE STATUS: Unpatched
CVE SUMMARY: If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the <script> block.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-39836
CVE STATUS: Unpatched
CVE SUMMARY: The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-39881
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to 9.2.0316, a command injection vulnerability in Vim's netbeans interface allows a malicious netbeans server to execute arbitrary Ex commands when Vim connects to it, via unsanitized strings in the defineAnnoType and specialKeys protocol messages. This vulnerability is fixed in 9.2.0316.

LAYER: meta
PACKAGE NAME: systemd
PACKAGE VERSION: 1_255.21
CVE: CVE-2026-40225
CVE STATUS: Unpatched
CVE SUMMARY: In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.

LAYER: meta
PACKAGE NAME: systemd
PACKAGE VERSION: 1_255.21
CVE: CVE-2026-40226
CVE STATUS: Unpatched
CVE SUMMARY: In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.

LAYER: meta
PACKAGE NAME: libexif
PACKAGE VERSION: 0.6.24
CVE: CVE-2026-40385
CVE STATUS: Unpatched
CVE SUMMARY: In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or information leaks. This only affects 32bit systems.

LAYER: meta
PACKAGE NAME: libexif
PACKAGE VERSION: 0.6.24
CVE: CVE-2026-40386
CVE STATUS: Unpatched
CVE SUMMARY: In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash or leak information out of libexif-using programs.

LAYER: meta
PACKAGE NAME: mesa
PACKAGE VERSION: 2_24.0.7
CVE: CVE-2026-40393
CVE STATUS: Unpatched
CVE SUMMARY: In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca.

LAYER: meta
PACKAGE NAME: glibc
PACKAGE VERSION: 2.39+git
CVE: CVE-2026-4046
CVE STATUS: Unpatched
CVE SUMMARY: The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application.

LAYER: meta
PACKAGE NAME: ffmpeg
PACKAGE VERSION: 6.1.4
CVE: CVE-2026-40962
CVE STATUS: Unpatched
CVE SUMMARY: FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c.

LAYER: meta
PACKAGE NAME: rsync
PACKAGE VERSION: 3.2.7
CVE: CVE-2026-41035
CVE STATUS: Unpatched
CVE SUMMARY: In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim must run rsync with -X (aka --xattrs). On Linux, many (but not all) common configurations are vulnerable. Non-Linux platforms are more widely vulnerable.

LAYER: meta
PACKAGE NAME: expat
PACKAGE VERSION: 2.6.4
CVE: CVE-2026-41080
CVE STATUS: Unpatched
CVE SUMMARY: libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-41411
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to 9.2.0357, A command injection vulnerability exists in Vim's tag file processing. When resolving a tag, the filename field from the tags file is passed through wildcard expansion to resolve environment variables and wildcards. If the filename field contains backtick syntax (e.g., `command`), Vim executes the embedded command via the system shell with the full privileges of the running user.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-4159
CVE STATUS: Unpatched
CVE SUMMARY: 1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Note that PKCS7 support is disabled by default.

LAYER: meta
PACKAGE NAME: perl
PACKAGE VERSION: 5.38.4
CVE: CVE-2026-4176
CVE STATUS: Unpatched
CVE SUMMARY: Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib.

LAYER: meta
PACKAGE NAME: libgcrypt
PACKAGE VERSION: 1.10.3
CVE: CVE-2026-41989
CVE STATUS: Unpatched
CVE SUMMARY: Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.

LAYER: meta
PACKAGE NAME: gnutls
PACKAGE VERSION: 3.8.4
CVE: CVE-2026-42010
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-42307
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a crafted URL (e.g., using the sftp:// or file:// protocol handlers), an attacker can execute arbitrary shell commands with the privileges of the Vim process. This issue has been patched in version 9.2.0383.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-42499
CVE STATUS: Unpatched
CVE SUMMARY: Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.

LAYER: meta
PACKAGE NAME: go-runtime
PACKAGE VERSION: 1.22.12
CVE: CVE-2026-42501
CVE STATUS: Unpatched
CVE SUMMARY: A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum database (GOSUMDB). A malicious module proxy can serve altered versions of the Go toolchain. When selecting a different version of the Go toolchain than the currently installed toolchain (due to the GOTOOLCHAIN environment variable, or a go.work or go.mod with a toolchain line), the go command will download and execute a toolchain provided by the module proxy. A malicious module proxy can bypass checksum database validation for this downloaded toolchain. Since this vulnerability affects the security of toolchain downloads, setting GOTOOLCHAIN to a fixed version is not sufficient. You must upgrade your base Go toolchain. The go tool always validates the hash of a toolchain before executing it, so fixed versions will refuse to execute any cached, altered versions of the toolchain. The go tool trusts go.sum files to contain accurate hashes of the current module's dependencies. A malicious proxy exploiting this vulnerability to serve an altered module will have caused an incorrect hash to be recorded in the go.sum. Users who have configured a non-trusted GOPROXY can determine if they have been affected by running "rm go.sum ; go mod tidy ; go mod verify", which will revalidate all dependencies of the current module. The specific flaw in more detail: The go command consults the checksum database to validate downloaded modules, when a module is not listed in the go.sum file. It verifies that the module hash reported by the checksum database matches the hash of the downloaded module. If, however, the checksum database returns a successful response that contains no entry for the module, the go command incorrectly permitted validation to succeed. A module proxy may mirror or proxy the checksum database, in which case the go command will not connect to the checksum database directly. Checksums reported by the checksum database are cryptographically signed, so a malicious proxy cannot alter the reported checksum for a module. However, a proxy which returns an empty checksum response, or a checksum response for an unrelated module, could cause the go command to proceed as if a downloaded module has been validated.

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-4271
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the application attempting to access memory that has already been freed, potentially causing application instability or crashes, resulting in a Denial of Service (DoS).
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-4271
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the application attempting to access memory that has already been freed, potentially causing application instability or crashes, resulting in a Denial of Service (DoS).

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43004
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43005
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43006
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43007
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43009
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43010
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43011
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43012
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43013
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43014
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43015
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43016
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43017
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43018
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43019
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43020
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43022
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43023
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43024
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43025
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43026
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43027
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43028
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43029
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43030
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43031
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43032
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43033
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43034
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43035
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43036
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43037
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43038
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43040
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43041
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43042
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43043
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43044
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43045
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43046
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43047
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43048
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43049
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43050
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43051
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43052
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43053
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43054
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43055
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43056
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43057
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43058
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43059
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43060
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43061
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43062
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43063
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43064
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43065
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43066
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43068
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43069
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43071
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43072
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43073
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43074
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43075
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43076
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43077
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43078
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43079
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43080
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43081
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43082
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43083
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43085
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43086
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43088
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43089
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43090
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43091
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43092
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43093
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43094
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43095
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43098
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43099
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43100
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43101
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43102
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43103
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43104
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43105
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43107
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43108
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43109
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43110
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43111
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43112
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43113
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43114
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43115
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43116
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43117
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43118
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43119
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43120
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43121
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43122
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43123
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43124
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43125
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43126
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43127
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43128
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43129
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43130
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43131
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43132
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43133
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43134
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43135
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43136
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43137
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43138
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43139
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43140
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43141
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43142
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43143
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43144
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43145
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43146
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43147
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43148
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43149
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43150
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43151
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43152
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43153
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43154
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43155
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43156
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43157
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43158
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43159
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43160
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43161
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43162
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43163
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43164
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43165
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43166
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43167
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43168
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43169
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43170
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43171
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43172
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43173
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43174
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43175
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43176
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43177
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43178
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43179
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43180
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43181
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43182
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43183
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43184
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43185
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43186
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43187
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43188
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43189
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43190
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43191
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43194
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43195
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43196
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43197
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43198
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43199
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43200
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43201
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43202
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43203
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43204
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43205
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43206
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43207
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43208
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43209
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43210
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43211
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43212
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43213
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43214
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43215
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43216
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43217
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43218
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43219
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43221
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43222
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43223
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43224
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43225
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43226
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43227
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43228
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43229
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43230
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43231
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43232
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43233
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43234
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43235
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43236
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43237
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43238
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43239
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43240
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43241
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43242
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43243
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43244
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43245
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43246
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43247
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43248
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43249
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43250
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43251
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43252
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43253
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43254
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43255
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43256
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43257
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43258
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43259
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43260
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43261
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43262
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43263
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43264
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43265
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43266
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43267
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43268
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43269
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43270
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43271
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43272
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43273
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43274
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43275
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43276
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43277
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43278
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43279
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43280
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43281
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43282
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43283
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43284
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43285
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43286
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43287
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43288
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43289
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43290
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43291
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43292
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43293
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43294
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43295
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43296
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43297
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43298
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43299
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43300
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43301
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43302
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43303
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43304
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43306
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43307
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43308
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43309
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43310
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43311
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43312
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43313
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43314
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43315
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43316
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43317
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43318
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43319
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43320
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43324
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43325
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43326
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43327
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43328
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43329
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43330
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43331
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43332
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43333
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43334
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43336
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43337
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43338
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43339
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43340
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43341
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43342
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43343
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43344
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43345
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43346
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43347
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43350
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43351
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43352
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43353
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43354
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43355
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43356
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43357
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43358
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43359
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43360
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43361
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43362
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43363
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43364
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43365
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43366
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43368
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43370
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43372
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43373
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43374
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43375
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43376
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43377
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43378
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43379
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43380
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43381
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43382
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43383
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43384
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43386
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43387
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43388
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43391
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43392
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43393
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43394
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43395
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43396
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43397
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43398
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43399
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43400
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43401
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43402
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43403
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43404
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43405
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43406
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43407
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43408
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43409
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43411
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43412
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43413
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43415
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43416
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43419
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43420
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43421
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43424
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43425
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43426
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43427
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43428
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43429
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43430
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43432
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43433
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43434
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43435
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43436
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43437
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43438
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43439
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43441
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43443
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43444
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43445
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43447
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43448
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43449
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43450
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43451
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43452
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43453
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43454
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43455
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43456
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43457
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43458
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43459
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43460
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43461
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43462
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43463
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43464
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43465
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43466
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43467
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43468
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43469
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43470
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43471
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43472
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43473
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43474
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43475
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-43500
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta
PACKAGE NAME: rsync
PACKAGE VERSION: 3.2.7
CVE: CVE-2026-43617
CVE STATUS: Unpatched
CVE SUMMARY: Rsync version 3.4.2 and prior contain an authorization bypass vulnerability in the rsync daemon's hostname-based access control list enforcement when configured with chroot. Attackers can bypass hostname-based deny rules by controlling the PTR record for their source IP address, allowing connections from hostnames that administrators intended to deny when reverse DNS resolution fails and defaults to UNKNOWN.

LAYER: meta
PACKAGE NAME: rsync
PACKAGE VERSION: 3.2.7
CVE: CVE-2026-43618
CVE STATUS: Unpatched
CVE SUMMARY: Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow, allowing a malicious sender to trigger an overflow that causes the receiver process to read and return data from outside the intended buffer bounds. Attackers can exploit this vulnerability to disclose process memory contents including environment variables, passwords, heap and stack data, and library memory pointers, significantly reducing ASLR effectiveness and facilitating further exploitation.

LAYER: meta
PACKAGE NAME: rsync
PACKAGE VERSION: 3.2.7
CVE: CVE-2026-43619
CVE STATUS: Unpatched
CVE SUMMARY: Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat that allow local attackers to redirect operations to files outside the exported rsync module. Attackers with local filesystem access can exploit the timing window between path resolution and syscall execution by swapping symlinks to apply sender-supplied permissions, ownership, timestamps, or filenames to arbitrary files outside the intended module boundary on rsync daemons configured with 'use chroot = no'.

LAYER: meta
PACKAGE NAME: rsync
PACKAGE VERSION: 3.2.7
CVE: CVE-2026-43620
CVE STATUS: Unpatched
CVE SUMMARY: Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recv_files() in receiver.c that allows a malicious rsync server to crash the rsync client process. Attackers can exploit the vulnerability by setting CF_INC_RECURSE in compatibility flags and sending a specially crafted file list where the first sorted entry is not the leading dot directory, followed by a transfer record with ndx=0 and an iflag word without ITEM_TRANSFER, causing the receiver to read 8 bytes before the allocated pointer array and dereference an invalid pointer at an unmapped address, resulting in a deterministic SIGSEGV crash of the rsync client.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-4395
CVE STATUS: Unpatched
CVE SUMMARY: Heap-based buffer overflow in the KCAPI ECC code path of wc_ecc_import_x963_ex() in wolfSSL wolfcrypt allows a remote attacker to write attacker-controlled data past the bounds of the pubkey_raw buffer via a crafted oversized EC public key point. The WOLFSSL_KCAPI_ECC code path copies the input to key->pubkey_raw (132 bytes) using XMEMCPY without a bounds check, unlike the ATECC code path which includes a length validation. This can be triggered during TLS key exchange when a malicious peer sends a crafted ECPoint in ServerKeyExchange.

LAYER: meta
PACKAGE NAME: libarchive
PACKAGE VERSION: 3.7.9
CVE: CVE-2026-4424
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.

LAYER: meta
PACKAGE NAME: libarchive
PACKAGE VERSION: 3.7.9
CVE: CVE-2026-4426
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.

LAYER: meta
PACKAGE NAME: glibc
PACKAGE VERSION: 2.39+git
CVE: CVE-2026-4437
CVE STATUS: Unpatched
CVE SUMMARY: Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.

LAYER: meta
PACKAGE NAME: glibc
PACKAGE VERSION: 2.39+git
CVE: CVE-2026-4438
CVE STATUS: Unpatched
CVE SUMMARY: Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.

LAYER: meta
PACKAGE NAME: python3-urllib3
PACKAGE VERSION: 2.2.2
CVE: CVE-2026-44431
CVE STATUS: Unpatched
CVE SUMMARY: urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connection_from_url().urlopen(..., assert_same_host=False) still forward these sensitive headers. This vulnerability is fixed in 2.7.0.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-44656
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the path option lacks the P_SECURE flag, it can be set from a modeline, allowing an attacker who controls the contents of a file to execute arbitrary shell commands when the user opens that file in Vim and triggers :find completion. This issue has been patched in version 9.2.0435.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-45130
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 encoding active. An attacker-controlled length field in the spell file's compound section overflows a 32-bit signed integer multiplication, causing a small buffer to be allocated for a write loop that runs many iterations, overflowing the heap. Because the 'spelllang' option can be set from a modeline, a text file modeline can trigger spell file loading if a malicious .spl file has been planted on the runtimepath. This issue has been patched in version 9.2.0450.

LAYER: meta
PACKAGE NAME: expat
PACKAGE VERSION: 2.6.4
CVE: CVE-2026-45186
CVE STATUS: Unpatched
CVE SUMMARY: In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input.

LAYER: meta
PACKAGE NAME: python3
PACKAGE VERSION: 3.12.12
CVE: CVE-2026-4519
CVE STATUS: Unpatched
CVE SUMMARY: The webbrowser.open() API would accept leading dashes in the URL which 

LAYER: meta
PACKAGE NAME: rsync
PACKAGE VERSION: 3.2.7
CVE: CVE-2026-45232
CVE STATUS: Unpatched
CVE SUMMARY: Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establish_proxy_connection() function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves between the client and proxy or controlling the proxy server to send a response line of 1023 or more bytes without a newline terminator, causing a null byte to be written to an out-of-bounds stack address when the RSYNC_PROXY environment variable is set.

LAYER: meta-xilinx-core
PACKAGE NAME: linux-xlnx
PACKAGE VERSION: 6.18.10+git+v2026.1
CVE: CVE-2026-46300
CVE STATUS: Unpatched
CVE SUMMARY: In the Linux kernel, the following vulnerability has been resolved:

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2026-4647
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks.

LAYER: meta
PACKAGE NAME: vim
PACKAGE VERSION: 9.1.1683
CVE: CVE-2026-46483
CVE STATUS: Unpatched
CVE SUMMARY: Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in

LAYER: meta
PACKAGE NAME: libusb1
PACKAGE VERSION: 1.0.27
CVE: CVE-2026-47104
CVE STATUS: Unpatched
CVE SUMMARY: libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parse_iad_array() in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer size instead of the remaining size. Attackers in virtualized environments with USB passthrough can supply crafted descriptors through libusb_get_active_interface_association_descriptors or libusb_get_interface_association_descriptors to read one byte past the end of the malloc allocation, resulting in a denial of service.

LAYER: meta
PACKAGE NAME: tiff
PACKAGE VERSION: 4.6.0
CVE: CVE-2026-4775
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution.

LAYER: meta
PACKAGE NAME: curl
PACKAGE VERSION: 8.7.1
CVE: CVE-2026-4873
CVE STATUS: Unpatched
CVE SUMMARY: A vulnerability exists where a connection requiring TLS incorrectly reuses an

LAYER: meta
PACKAGE NAME: libcap
PACKAGE VERSION: 2.69
CVE: CVE-2026-4878
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.

LAYER: meta
PACKAGE NAME: expat
PACKAGE VERSION: 2.6.4
CVE: CVE-2026-50219
CVE STATUS: Unpatched
CVE SUMMARY: libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_GetBuffer, XML_Parse, XML_ParseBuffer, XML_ParserFree, or XML_ParserReset from within handlers in cases of a policy violation. Thus, a use-after-free can occur,

LAYER: meta
PACKAGE NAME: libinput
PACKAGE VERSION: 1.25.0
CVE: CVE-2026-50292
CVE STATUS: Unpatched
CVE SUMMARY: In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution

LAYER: meta
PACKAGE NAME: libsoup
PACKAGE VERSION: 3.4.4
CVE: CVE-2026-5119
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential session hijacking or user impersonation.
--
LAYER: meta
PACKAGE NAME: libsoup-2.4
PACKAGE VERSION: 2.74.3
CVE: CVE-2026-5119
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential session hijacking or user impersonation.

LAYER: meta
PACKAGE NAME: libarchive
PACKAGE VERSION: 3.7.9
CVE: CVE-2026-5121
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5187
CVE STATUS: Unpatched
CVE SUMMARY: Two potential heap out-of-bounds write locations existed in DecodeObjectId() in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values (out[0] and out[1]), enabling a 2-byte out-of-bounds write when outSz equals 1. Second, multiple callers pass sizeof(decOid) (64 bytes on 64-bit platforms) instead of the element count MAX_OID_SZ (32), causing the function to accept crafted OIDs with 33 or more arcs that write past the end of the allocated buffer.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5188
CVE STATUS: Unpatched
CVE SUMMARY: An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name (SAN) extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This results in incorrect handling of certificate data. The issue is limited to configurations using the original ASN.1 parsing implementation which is off by default.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5194
CVE STATUS: Unpatched
CVE SUMMARY: Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication if the public CA key used is also known. This affects ECDSA/ECC verification when EdDSA or ML-DSA is also enabled.

LAYER: meta
PACKAGE NAME: gdk-pixbuf
PACKAGE VERSION: 2.42.12
CVE: CVE-2026-5201
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for example, via thumbnail generation. Successful exploitation leads to application crashes and denial of service (DoS) conditions.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5263
CVE STATUS: Unpatched
CVE SUMMARY: URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A compromised or malicious sub-CA could issue leaf certificates with URI SAN entries that violate the nameConstraints of the issuing CA, and wolfSSL would accept them as valid.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5264
CVE STATUS: Unpatched
CVE SUMMARY: Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5295
CVE STATUS: Unpatched
CVE SUMMARY: A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wc_PKCS7_DecryptOri() function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo (ORI) recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer (oriOID[MAX_OID_SZ]) via XMEMCPY without first validating that the parsed OID length does not exceed MAX_OID_SZ. A crafted CMS EnvelopedData message with an ORI recipient containing an OID longer than 32 bytes triggers a stack buffer overflow. Exploitation requires the library to be built with --enable-pkcs7 (disabled by default) and the application to have registered an ORI decrypt callback via wc_PKCS7_SetOriDecryptCb().

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5392
CVE STATUS: Unpatched
CVE SUMMARY: Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7_VerifySignedData().

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5393
CVE STATUS: Unpatched
CVE SUMMARY: Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL.

LAYER: meta
PACKAGE NAME: glibc
PACKAGE VERSION: 2.39+git
CVE: CVE-2026-5435
CVE STATUS: Unpatched
CVE SUMMARY: The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5446
CVE STATUS: Unpatched
CVE SUMMARY: In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wc_AriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is zero-initialized at session setup and never incremented in non-FIPS builds. This vulnerability affects wolfSSL builds configured with --enable-aria and the proprietary MagicCrypto SDK (a non-default, opt-in configuration required for Korean regulatory deployments). AES-GCM is not affected because wc_AesGcmEncrypt_ex maintains an internal invocation counter independently of the call-site guard.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5447
CVE STATUS: Unpatched
CVE SUMMARY: Heap buffer overflow in CertFromX509 via AuthorityKeyIdentifier size confusion. A heap buffer overflow occurs when converting an X.509 certificate internally due to incorrect size handling of the AuthorityKeyIdentifier extension.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5448
CVE STATUS: Unpatched
CVE SUMMARY: X.509 date buffer overflow in wolfSSL_X509_notAfter / wolfSSL_X509_notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. This is only triggered when calling these two APIs directly from an application, and does not affect TLS or certificate verify operations in wolfSSL.

LAYER: meta
PACKAGE NAME: glibc
PACKAGE VERSION: 2.39+git
CVE: CVE-2026-5450
CVE STATUS: Unpatched
CVE SUMMARY: Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5460
CVE STATUS: Unpatched
CVE SUMMARY: A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography (PQC) hybrid KeyShare processing. In the error handling path of TLSX_KeyShare_ProcessPqcHybridClient() in src/tls.c, the inner function TLSX_KeyShare_ProcessPqcClient_ex() frees a KyberKey object upon encountering an error. The caller then invokes TLSX_KeyShare_FreeAll(), which attempts to call ForceZero() on the already-freed KyberKey, resulting in writes of zero bytes over freed heap memory.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5466
CVE STATUS: Unpatched
CVE SUMMARY: wolfSSL's ECCSI signature verifier `wc_VerifyEccsiHash` decodes the `r` and `s` scalars from the signature blob via `mp_read_unsigned_bin` with no check that they lie in `[1, q-1]`. A crafted forged signature could verify against any message for any identity, using only publicly-known constants.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5477
CVE STATUS: Unpatched
CVE SUMMARY: An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard `if (cmac->totalSz != 0)` to skip XOR-chaining on the first block (where digest is all-zeros and the XOR is a no-op). However, totalSz is word32 and wraps to zero after 2^28 block flushes (4 GiB), causing the guard to erroneously discard the live CBC-MAC chain state. Any two messages sharing a common suffix beyond the 4 GiB mark then produce identical CMAC tags, enabling a zero-work prefix-substitution forgery. The fix removes the guard, making the XOR unconditional; the no-op property on the first block is preserved because digest is zero-initialized by wc_InitCmac_ex.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5479
CVE STATUS: Unpatched
CVE SUMMARY: In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSL_EVP_CipherFinal (and related EVP cipher finalization functions) fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform ChaCha20-Poly1305 decryption, the implementation computes or accepts the tag but does not compare it against the expected value.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5500
CVE STATUS: Unpatched
CVE SUMMARY: wolfSSL's wc_PKCS7_DecodeAuthEnvelopedData() does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. A man-in-the-middle can therefore truncate the mac field from 16 bytes to 1 byte, reducing the tag check from 2⁻¹²⁸ to 2⁻⁸.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5501
CVE STATUS: Unpatched
CVE SUMMARY: wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints `CA:FALSE` that is legitimately signed by a trusted root. An attacker who obtains any leaf certificate from a trusted CA (e.g. a free DV cert from Let's Encrypt) can forge a certificate for any subject name with any public key and arbitrary signature bytes, and the function returns `WOLFSSL_SUCCESS` / `X509_V_OK`. The native wolfSSL TLS handshake path (`ProcessPeerCerts`) is not susceptible and the issue is limited to applications using the OpenSSL compatibility API directly, which would include integrations of wolfSSL into nginx and haproxy.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5503
CVE STATUS: Unpatched
CVE SUMMARY: In TLSX_EchChangeSNI, the ctx->extensions branch set extensions unconditionally even when TLSX_Find returned NULL. This caused TLSX_UseSNI to attach the attacker-controlled publicName to the shared WOLFSSL_CTX when no inner SNI was configured. TLSX_EchRestoreSNI then failed to clean it up because its removal was gated on serverNameX != NULL. The inner ClientHello was sized before the pollution but written after it, causing TLSX_SNI_Write to memcpy 255 bytes past the allocation boundary.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5504
CVE STATUS: Unpatched
CVE SUMMARY: A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover plaintext through repeated decryption queries with modified ciphertext. In previous versions of wolfSSL the interior padding bytes are not validated.

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5507
CVE STATUS: Unpatched
CVE SUMMARY: When restoring a session from cache, a pointer from the serialized session data is used in a free operation without validation. An attacker who can poison the session cache could trigger an arbitrary free. Exploitation requires the ability to inject a crafted session into the cache and for the application to call specific session restore APIs.

LAYER: meta
PACKAGE NAME: curl
PACKAGE VERSION: 8.7.1
CVE: CVE-2026-5545
CVE STATUS: Unpatched
CVE SUMMARY: libcurl might in some circumstances reuse the wrong connection when asked to

LAYER: meta
PACKAGE NAME: libtheora
PACKAGE VERSION: 1.1.1
CVE: CVE-2026-5673
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the AVI (Audio Video Interleave) parser, specifically in the avi_parse_input_file() function. A local attacker could exploit this by tricking a user into opening a specially crafted AVI file containing a truncated header sub-chunk. This could lead to a denial-of-service (application crash) or potentially leak sensitive information from the heap.

LAYER: meta
PACKAGE NAME: tar
PACKAGE VERSION: 1.35
CVE: CVE-2026-5704
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files onto a system without detection.

LAYER: meta
PACKAGE NAME: libarchive
PACKAGE VERSION: 3.7.9
CVE: CVE-2026-5745
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() function. When processing a malformed ACL string (such as a bare "d" or "default" tag without subsequent fields), the function fails to perform adequate validation before advancing the pointer. An attacker can exploit this by providing a maliciously crafted archive, causing an application utilizing the libarchive API (such as bsdtar) to crash, resulting in a Denial of Service (DoS).

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5772
CVE STATUS: Unpatched
CVE SUMMARY: A 1-byte stack buffer over-read was identified in the MatchDomainName function (src/internal.c) during wildcard hostname validation when the LEFT_MOST_WILDCARD_ONLY flag is active.  If a wildcard * exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check, which could cause a crash.

LAYER: meta
PACKAGE NAME: curl
PACKAGE VERSION: 8.7.1
CVE: CVE-2026-5773
CVE STATUS: Unpatched
CVE SUMMARY: libcurl might in some circumstances reuse the wrong connection for SMB(S)

LAYER: meta-networking
PACKAGE NAME: wolfssl
PACKAGE VERSION: 5.7.2
CVE: CVE-2026-5778
CVE STATUS: Unpatched
CVE SUMMARY: Integer underflow in wolfSSL packet sniffer <= 5.9.0 allows an attacker to cause a program crash in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by ssl_DecodePacket. The underflow wraps a 16-bit length to a large value that is passed to AEAD decryption routines, causing a large out-of-bounds read and crash. An unauthenticated attacker can trigger this remotely via malformed TLS Application Data records.

LAYER: meta
PACKAGE NAME: glibc
PACKAGE VERSION: 2.39+git
CVE: CVE-2026-5928
CVE STATUS: Unpatched
CVE SUMMARY: Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially resulting in unintentional disclosure of neighboring data in the heap, or a program crash.

LAYER: meta
PACKAGE NAME: python3
PACKAGE VERSION: 3.12.12
CVE: CVE-2026-6019
CVE STATUS: Unpatched
CVE SUMMARY: http.cookies.Morsel.js_output() returns an inline <script> snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence </script> inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value.

LAYER: meta
PACKAGE NAME: glibc
PACKAGE VERSION: 2.39+git
CVE: CVE-2026-6238
CVE STATUS: Unpatched
CVE SUMMARY: The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a target application to crash or read uninitialized memory.

LAYER: meta
PACKAGE NAME: curl
PACKAGE VERSION: 8.7.1
CVE: CVE-2026-6253
CVE STATUS: Unpatched
CVE SUMMARY: curl might erroneously pass on credentials for a first proxy to a second

LAYER: meta
PACKAGE NAME: curl
PACKAGE VERSION: 8.7.1
CVE: CVE-2026-6276
CVE STATUS: Unpatched
CVE SUMMARY: Using libcurl, when a custom `Host:` header is first set for an HTTP request

LAYER: meta
PACKAGE NAME: curl
PACKAGE VERSION: 8.7.1
CVE: CVE-2026-6429
CVE STATUS: Unpatched
CVE SUMMARY: When asked to both use a `.netrc` file for credentials and to follow HTTP

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2026-6844
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a specially crafted Executable and Linkable Format (ELF) file. One vulnerability, a resource exhaustion (CWE-400), can lead to an out-of-memory condition. The other, a null pointer dereference (CWE-476), can cause a segmentation fault. Both issues can result in the `readelf` utility becoming unresponsive or crashing, leading to a denial of service.

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2026-6845
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by tricking a user into processing a specially crafted Executable and Linkable Format (ELF) file. The exploitation of this flaw can lead to the system becoming unresponsive due to excessive resource consumption or a program crash.

LAYER: meta
PACKAGE NAME: binutils
PACKAGE VERSION: 2.42
CVE: CVE-2026-6846
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file during linking. A local attacker could trick a user into processing this malicious file, which could lead to arbitrary code execution, allowing the attacker to run unauthorized commands, or cause a denial of service, making the system unavailable.

LAYER: meta
PACKAGE NAME: curl
PACKAGE VERSION: 8.7.1
CVE: CVE-2026-7168
CVE STATUS: Unpatched
CVE SUMMARY: Successfully using libcurl to do a transfer over a specific HTTP proxy

LAYER: meta
PACKAGE NAME: python3
PACKAGE VERSION: 3.12.12
CVE: CVE-2026-7210
CVE STATUS: Unpatched
CVE SUMMARY: `xml.parsers.expat` and `xml.etree.ElementTree` use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch.

LAYER: meta
PACKAGE NAME: perl
PACKAGE VERSION: 5.38.4
CVE: CVE-2026-8376
CVE STATUS: Unpatched
CVE SUMMARY: Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds.

LAYER: meta
PACKAGE NAME: libsolv
PACKAGE VERSION: 0.7.28
CVE: CVE-2026-9149
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could exploit this to cause a denial of service (DoS).

LAYER: meta
PACKAGE NAME: libsolv
PACKAGE VERSION: 0.7.28
CVE: CVE-2026-9150
CVE STATUS: Unpatched
CVE SUMMARY: A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption and a denial of service (DoS) in the affected system.