汇总 Fedora Project 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
常见弱点模式包括 缓冲区溢出、路径处理缺陷、输入验证问题与跨站脚本,在 服务器部署与系统组件 使用场景中可能带来 文件覆盖、异常行为与会话劫持 等风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2026-12610 | A flaw was found in sssd. When authenticating with a YubiKey, the SSSD PAM responder can crash due to a use-after-free vulnerability, where a memory pointer is incorrectly handled. A local attacker could exploit this flaw by manipulating smartcard or YubiKey contents, leading to a denial of service that disrupts authentication. This vulnerability also presents a potential for privilege escalation, although it is difficult to exploit. | [email protected] | 6.4 | 0.16% | 2026-06-30 | 2026-06-30 |
| CVE-2026-54231 | A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A local user can inject arbitrary content into the journal output by embedding newline characters in syslog messages, controlling the content that root writes to dump directory files. | [email protected] | 5.5 | 0.12% | 2026-06-12 | 2026-06-29 |
| CVE-2026-54230 | A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the target file is replaced with a symlink, the shell process running as root follows the symlink and writes content to the symlink target, allowing arbitrary file overwrites on the system. | [email protected] | 7.0 | 0.12% | 2026-06-12 | 2026-07-14 |
| CVE-2026-35094 | A flaw was found in libinput. An attacker capable of deploying a Lua plugin file in specific system directories can exploit a dangling pointer vulnerability. This occurs when a garbage collection cleanup function is called, leaving a pointer that can then be printed to system logs. This could potentially expose sensitive data if the memory location is re-used, leading to information disclosure. For this exploit to work, Lua plugins must be enabled in libinput and loaded by the compositor. | [email protected] | 3.3 | 0.15% | 2026-04-01 | 2026-06-17 |
| CVE-2026-35093 | A flaw was found in libinput. A local attacker who can place a specially crafted Lua bytecode file in certain system or user configuration directories can bypass security restrictions. This allows the attacker to run unauthorized code with the same permissions as the program using libinput, such as a graphical compositor. This could lead to the attacker monitoring keyboard input and sending that information to an external location. | [email protected] | 8.8 | 0.18% | 2026-04-01 | 2026-07-14 |
| CVE-2023-4134 | A use-after-free vulnerability was found in the cyttsp4_core driver in the Linux kernel. This issue occurs in the device cleanup routine due to a possible rearming of the watchdog_timer from the workqueue. This could allow a local user to crash the system, causing a denial of service. | [email protected] | 5.5 | 0.19% | 2024-11-14 | 2026-06-17 |
| CVE-2024-3056 | A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources until it is out-of-memory (OOM) killed. While the malicious container's cgroup will be removed, the IPC resources it created are not. Those resources are tied to the IPC namespace that will not be removed | [email protected] | 7.7 | 0.51% | 2024-08-02 | 2026-06-17 |
| CVE-2024-6293 | Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | [email protected] | 8.8 | 0.52% | 2024-06-24 | 2026-06-17 |
| CVE-2024-6292 | Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | [email protected] | 8.8 | 0.51% | 2024-06-24 | 2026-06-17 |
| CVE-2024-6291 | Use after free in Swiftshader in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | [email protected] | 8.8 | 0.55% | 2024-06-24 | 2026-06-17 |
| CVE-2024-6290 | Use after free in Dawn in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | [email protected] | 8.8 | 0.52% | 2024-06-24 | 2026-06-17 |
| CVE-2024-38277 | A unique key should be generated for a user's QR login key and their auto-login key, so the same key cannot be used interchangeably between the two. | [email protected] | 5.4 | 0.19% | 2024-06-18 | 2026-06-17 |
| CVE-2024-38276 | Incorrect CSRF token checks resulted in multiple CSRF risks. | [email protected] | 8.8 | 0.46% | 2024-06-18 | 2026-06-17 |
| CVE-2024-38274 | Insufficient escaping of calendar event titles resulted in a stored XSS risk in the event deletion prompt. | [email protected] | 6.1 | 0.37% | 2024-06-18 | 2026-06-17 |
| CVE-2024-38273 | Insufficient capability checks meant it was possible for users to gain access to BigBlueButton join URLs they did not have permission to access. | [email protected] | 5.4 | 0.43% | 2024-06-18 | 2026-06-17 |
| CVE-2024-5847 | Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | [email protected] | 8.8 | 0.48% | 2024-06-11 | 2026-06-17 |
| CVE-2024-5846 | Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | [email protected] | 8.8 | 0.48% | 2024-06-11 | 2026-06-17 |
| CVE-2024-5845 | Use after free in Audio in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | [email protected] | 8.8 | 0.46% | 2024-06-11 | 2026-06-17 |
| CVE-2024-5844 | Heap buffer overflow in Tab Strip in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) | [email protected] | 8.8 | 0.53% | 2024-06-11 | 2026-06-17 |
| CVE-2024-5843 | Inappropriate implementation in Downloads in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to obfuscate security UI via a malicious file. (Chromium security severity: Medium) | [email protected] | 6.5 | 0.47% | 2024-06-11 | 2026-06-17 |