Aggregator

A vulnerability has been found in Linux Kernel up to 6.1.133/6.6.86/6.12.22/6.13.10/6.14.1 and classified as critical. This vulnerability affects the function do_compat_alignment_fixup of the component Virtual Address Handler. This manipulation causes null pointer dereference. This vulnerability is tracked as CVE-2025-22033. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.13.10/6.14.1. It has been declared as critical. The affected element is the function pci_bus of the component bwctrl. Executing a manipulation can lead to null pointer dereference. This vulnerability is registered as CVE-2025-22031. The attack requires access to the local network. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.12.22/6.13.10/6.14.1. Affected by this vulnerability is the function mt792x_rx_get_wcid of the component mt7921. Such manipulation leads to null pointer dereference. This vulnerability is documented as CVE-2025-22032. The attack requires being on the local network. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.22/6.13.10/6.14.1. It has been declared as problematic. This impacts the function crypto_free_acomp of the component zswap. The manipulation of the argument acomp_ctx results in improper initialization. This vulnerability is cataloged as CVE-2025-22030. The attack must originate from the local network. There is no exploit available. It is recommended to upgrade the affected component.

Refloow Geo Forensics: A Free Batch Image Geolocation and EXIF Forensics Tool for OSINT

马年限定！红包封面大派送~

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.63/6.18.3/6.19-rc3. This impacts the function raid5_store_group_thread_cnt. Performing a manipulation results in null pointer dereference. This vulnerability is reported as CVE-2025-71135. The attacker must have access to the local network to execute the attack. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.1.159/6.6.119/6.12.63/6.18.3/6.19-rc3. Affected by this vulnerability is the function irdma_net_event. This manipulation causes null pointer dereference. This vulnerability is tracked as CVE-2025-71133. The attack is only possible within the local network. No exploit exists. You should upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.1.159/6.6.119/6.12.63/6.18.3/6.19-rc3. This vulnerability affects the function xdp_convert_buff_to_frame. The manipulation results in denial of service. This vulnerability is reported as CVE-2025-71095. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is advised.

A vulnerability has been found in Linux Kernel up to 6.1.159/6.6.119/6.12.63/6.18.3/6.19-rc3 and classified as critical. Affected by this issue is the function fib_table_flush. This manipulation causes improper update of reference count. This vulnerability appears as CVE-2025-71097. The attacker needs to be present on the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.1.159/6.6.119/6.12.63/6.18.2. It has been rated as critical. The affected element is the function parse_apply_sb_mount_options in the library string.h of the component ext4. Performing a manipulation of the argument s_mount_opts results in buffer overflow. This vulnerability is identified as CVE-2025-71123. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.159/6.6.119/6.12.64/6.18.3/6.19-rc3. This issue affects the function sk_state_change of the file net/mptcp/subflow.c of the component mptcp. The manipulation leads to state issue. This vulnerability is traded as CVE-2025-71088. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.159/6.6.119/6.12.63/6.18.3/6.19-rc3. Affected by this vulnerability is the function asix_read_phy_addr of the file drivers/net/phy/mdio_bus.c of the component ASIX Driver. The manipulation results in information disclosure. This vulnerability is reported as CVE-2025-71094. The attacker must have access to the local network to execute the attack. No exploit exists. You should upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.12.63/6.18.3/6.19-rc3. The affected element is the function rt6_get_pcpu_route of the component ipv6. This manipulation causes allocation of resources. This vulnerability is tracked as CVE-2025-71080. The attack is only possible within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.159/6.6.119/6.12.63/6.18.3/6.19-rc3. This affects the function cancel_work_sync of the component RDMA. Performing a manipulation results in improper update of reference count. This vulnerability is cataloged as CVE-2025-71084. The attack must originate from the local network. There is no exploit available. It is recommended to upgrade the affected component.

Name: 0xFUN CTF 2026 (an 0xFUN CTF event.)
Date: Feb. 12, 2026, 6 p.m. — 14 Feb. 2026, 18:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctf.0xfun.org/
Rating weight: 0
Event organizers: Bunkyowerstens

ClawBands: A Security Middleware That Puts Human-in-the-Loop Controls on OpenClaw AI Agents