Articles from 2026
Browse all Windows news articles published in 2026
CVE-2026-31498: Bluetooth L2CAP ERTM reinit leak & zero pdu infinite loop
CVE-2026-31498 is a reminder that some of the most consequential kernel bugs are not dramatic buffer overflows or headline-grabbing remote exploits, but state-machine failures and validation gaps buri
CVE-2026-31503 UDP Wildcard Bind Conflict Bypass When hash2 Activates
CVE-2026-31503 is a small-looking Linux kernel networking fix with outsized operational significance: UDP’s port-bind conflict detection could miss a collision when the code switched to the newer hash
CVE-2026-31503: Linux UDP Wildcard Bind Conflicts Missed on hash2 Threshold
Linux systems picked up another networking CVE this week, and CVE-2026-31503 is a good reminder that some of the most consequential kernel bugs are not dramatic memory corruption flaws but logic failu
CVE-2026-31451 ext4 Fix: BUG_ON Panic Replaced by -EFSCORRUPTED Error
The newly published CVE-2026-31451 is a classic example of why kernel bug fixes matter even when the flaw is framed as a “proper error handling” change rather than a dramatic exploit primitive. In the
ext4 CVE-2026-31451 Fix: Replace BUG_ON Panic With -EFSCORRUPTED Handling
In the Linux kernel’s ext4 filesystem, a small logic change has been turned into a security-relevant reliability fix: the code path that reads inline data now avoids a kernel-panic-style BUG_ON() when
CVE-2026-31509 Linux NFC Locking Fix: Deadlock Risk in Close Path
Overview CVE-2026-31509 is a Linux kernel vulnerability in the NFC NCI path that was published on April 22, 2026, and quickly
CVE-2026-31447: ext4 Rejects bigalloc with s_first_data_block for Safer Mounts
The Linux kernel has published CVE-2026-31447 for an ext4 mount-time validation flaw, and the fix is narrow but important: reject filesystems that combine bigalloc with a nonzero s_first_data_block. I
CVE-2026-31447: ext4 Rejects Unsafe bigalloc with s_first_data_block ≠ 0
The Linux kernel’s ext4 filesystem is now facing a newly published CVE that closes off an unsupported mount configuration before it can do damage. CVE-2026-31447 addresses a specific mismatch between
CVE-2026-31500: Linux Bluetooth intel Race Causes KASAN Slab Use-After-Free Fix
CVE-2026-31500 is a classic example of how a small synchronization mistake in a mature kernel driver can turn into a serious memory-safety bug. The flaw sits in the Linux Bluetooth Intel path, where b
CVE-2026-31500 Intel Bluetooth Race Fix: Prevent Kernel UAF in Shutdown Recovery
The latest Linux Bluetooth security issue to hit public tracking is CVE-2026-31500, a kernel bug in the Intel Bluetooth driver path that can race during hardware-error recovery and device shutdown. Ac
CVE-2026-31507: Linux kernel double-free in SMC splice with tee() leads to panic
In the Linux kernel, CVE-2026-31507 exposes a deceptively small-looking bug with outsized consequences: a double-free of smc_spd_priv when tee() duplicates an SMC splice pipe buffer. The flaw sits in
SMC CVE-2026-31507: tee() splice double-free leads to Linux kernel panic
The Linux kernel’s SMC networking stack is back in the security spotlight with CVE-2026-31507, a flaw that can turn a seemingly ordinary tee operation into a double-free and, in practice, a kernel cra