#CVE
nvd.nist.gov · ⭐️ 8/10 · 2026-07-08
A use-after-free vulnerability (CVE-2026-57589) has been discovered in OpenBSD, allowing a local attacker to escalate privileges to root. This vulnerability is significant because OpenBSD is renowned for its security focus, and a local privilege escalation bug could undermine that reputation. It affects all systems running the vulnerable version. The vulnerability was discovered as part of the 'Patch The Planet' initiative by OpenAI and Trail of Bits. Details are currently limited; the OpenBSD security page does not yet list it.
lwn.net · ⭐️ 8/10 · 2026-07-04
Greg Kroah-Hartman announced the release of seven stable Linux kernels (versions 7.1.3, 6.18.38, 6.12.95, 6.6.144, 6.1.177, 5.15.211, and 5.10.260), which include fixes for two security vulnerabilities: CVE-2026-53362 and CVE-2026-53359. These fixes address critical vulnerabilities, including a container escape vulnerability (CVE-2026-53362) that could allow attackers to gain root access on the host system, and a use-after-free bug in KVM (CVE-2026-53359) that has existed since the 2.6.36 kernel. Users are strongly advised to upgrade to protect against potential exploitation. CVE-2026-53362 was introduced in kernel 6.0 in IPv6 handling, while CVE-2026-53359 is a use-after-free bug in KVM present since kernel 2.6.36. Each stable kernel also includes numerous other fixes throughout the tree.