Detections
Analytics
openSUSE 16 Security Update : kernel (openSUSE-SU-2026:20572-1)
high Nessus Plugin ID 309153
Synopsis
The remote openSUSE host is missing one or more security updates.Description
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20572-1 advisory.The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-39998: scsi: target: target_core_configfs: Add length check to avoid buffer overflow (bsc#1252073).
- CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084).
- CVE-2025-68794: iomap: adjust read range correctly for non-block-aligned positions (bsc#1256647).
- CVE-2025-71239: audit: add fchmodat2() to change attributes class (bsc#1259759).
- CVE-2026-23072: l2tp: Fix memleak in l2tp_udp_encap_recv() (bsc#1257708).
- CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773).
- CVE-2026-23120: l2tp: avoid one data-race in l2tp_tunnel_del_work() (bsc#1258280).
- CVE-2026-23125: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT (bsc#1258293).
- CVE-2026-23138: kABI: Preserve values of the trace recursion bits (bsc#1258301).
- CVE-2026-23140: bpf, test_run: Subtract size of xdp_frame from allowed metadata size (bsc#1258305).
- CVE-2026-23187: pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc->domains (bsc#1258330).
- CVE-2026-23193: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (bsc#1258414).
- CVE-2026-23201: ceph: fix oops due to invalid pointer for kfree() in parse_longname() (bsc#1258337).
- CVE-2026-23204: net: add skb_header_pointer_careful() helper (bsc#1258340).
- CVE-2026-23215: x86/vmware: Fix hypercall clobbers (bsc#1258476).
- CVE-2026-23216: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (bsc#1258447).
- CVE-2026-23231: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() (bsc#1259188).
- CVE-2026-23239: espintcp: Fix race condition in espintcp_close() (bsc#1259485).
- CVE-2026-23240: tls: Fix race condition in tls_sw_cancel_work_tx() (bsc#1259484).
- CVE-2026-23242: RDMA/siw: Fix potential NULL pointer dereference in header processing (bsc#1259795).
- CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797).
- CVE-2026-23255: net: add proper RCU protection to /proc/net/ptype (bsc#1259891).
- CVE-2026-23262: gve: Fix stats report corruption on queue count change (bsc#1259870).
- CVE-2026-23270: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (bsc#1259886).
- CVE-2026-23272: netfilter: nf_tables: unconditionally bump set->nelems before insertion (bsc#1260009).
- CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260005).
- CVE-2026-23277: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit (bsc#1259997).
- CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements (bsc#1259998).
- CVE-2026-23281: wifi: libertas: fix use-after-free in lbs_free_adapter() (bsc#1260464).
- CVE-2026-23292: scsi: target: Fix recursive locking in __configfs_open_file() (bsc#1260500).
- CVE-2026-23293: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260486).
- CVE-2026-23297: nfsd: Fix cred ref leak in nfsd_nl_threads_set_doit() (bsc#1260490).
- CVE-2026-23304: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() (bsc#1260544).
- CVE-2026-23319: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim (bsc#1260735).
- CVE-2026-23326: xsk: Fix fragment node deletion to prevent buffer leak (bsc#1260606).
- CVE-2026-23335: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() (bsc#1260550).
- CVE-2026-23343: xdp: produce a warning when calculated tailroom is negative (bsc#1260527).
- CVE-2026-23361: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry (bsc#1260732).
- CVE-2026-23379: net/sched: ets: fix divide by zero in the offload path (bsc#1260481).
- CVE-2026-23381: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled (bsc#1260471).
- CVE-2026-23383: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing (bsc#1260497).
- CVE-2026-23386: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL (bsc#1260799).
- CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260522).
- CVE-2026-23398: icmp: fix NULL pointer dereference in icmp_tag_validation() (bsc#1260730).
- CVE-2026-23413: clsact: Fix use-after-free in init/destroy rollback asymmetry (bsc#1261498).
- CVE-2026-23414: tls: Purge async_hold in tls_decrypt_async_wait() (bsc#1261496).
- CVE-2026-23419: net/rds: Fix circular locking dependency in rds_tcp_tune (bsc#1261507).
- CVE-2026-23425: KVM: arm64: Fix ID register initialization for non-protected pKVM guests (bsc#1261506).
- CVE-2026-31788: xen/privcmd: restrict usage in unprivileged domU (bsc#1259707).
The following non security issues were fixed:
- KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (bsc#1259461).
- KVM: x86: synthesize CPUID bits only if CPU capability is set (bsc#1257511).
- Revert drm/i915/display: Add quirk to skip retraining of dp link (bsc#1253129).
- Update config files (bsc#1254307).
- apparmor: Fix double free of ns_name in aa_replace_profiles() (bsc#1258849).
- apparmor: fix differential encoding verification (bsc#1258849).
- apparmor: fix memory leak in verify_header (bsc#1258849).
- apparmor: fix missing bounds check on DEFAULT table in verify_dfa() (bsc#1258849).
- apparmor: fix race between freeing data and fs accessing it (bsc#1258849).
- apparmor: fix race on rawdata dereference (bsc#1258849).
- apparmor: fix side-effect bug in match_char() macro usage (bsc#1258849).
- apparmor: fix unprivileged local user can do privileged policy management (bsc#1258849).
- apparmor: fix: limit the number of levels of policy namespaces (bsc#1258849).
- apparmor: replace recursive profile removal with iterative approach (bsc#1258849).
- apparmor: validate DFA start states are in bounds in unpack_pdb (bsc#1258849).
- bpf, btf: Enforce destructor kfunc type with CFI (bsc#1259955).
- bpf: crypto: Use the correct destructor kfunc type (bsc#1259955).
- btrfs: only enforce free space tree if v1 cache is required for bs < ps cases (bsc#1260459).
- btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() (bsc#1257777).
- dmaengine: sh: rz-dmac: Move CHCTRL updates under spinlock (git-fixes).
- drm/amdkfd: Unreserve bo if queue update failed (git-fixes).
- drm/i915/display: Add module param to skip retraining of dp link (bsc#1253129).
- drm/i915/dsc: Add Selective Update register definitions (stable-fixes).
- drm/i915/dsc: Add helper for writing DSC Selective Update ET parameters (stable-fixes).
- firmware: microchip: fail auto-update probe if no flash found (git-fixes).
- kABI: Include trace recursion bits in kABI tracking (bsc#1258301).
- net: mana: Trigger VF reset/recovery on health check failure due to HWC timeout (bsc#1259580).
- nvme: add support for dynamic quirk configuration via module parameter (bsc#1243208).
- nvme: expose active quirks in sysfs (bsc#1243208).
- nvme: fix memory leak in quirks_param_set() (bsc#1243208).
- powerpc/crash: adjust the elfcorehdr size (jsc#PED-11175 git-fixes).
- powerpc/kdump: Fix size calculation for hot-removed memory ranges (jsc#PED-11175 git-fixes).
- s390/cio: Update purge function to unregister the unused subchannels (bsc#1254214).
- s390/ipl: Clear SBP flag when bootprog is set (bsc#1258175).
- s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP (bsc#1254306).
- scsi: fnic: Add Cisco hardware model names (jsc#PED-15441).
- scsi: fnic: Add and integrate support for FDMI (jsc#PED-15441).
- scsi: fnic: Add and integrate support for FIP (jsc#PED-15441).
- scsi: fnic: Add functionality in fnic to support FDLS (jsc#PED-15441).
- scsi: fnic: Add headers and definitions for FDLS (jsc#PED-15441).
- scsi: fnic: Add stats and related functionality (jsc#PED-15441).
- scsi: fnic: Add support for fabric based solicited requests and responses (jsc#PED-15441).
- scsi: fnic: Add support for target based solicited requests and responses (jsc#PED-15441).
- scsi: fnic: Add support for unsolicited requests and responses (jsc#PED-15441).
- scsi: fnic: Add support to handle port channel RSCN (jsc#PED-15441).
- scsi: fnic: Code cleanup (jsc#PED-15441).
- scsi: fnic: Delete incorrect debugfs error handling (jsc#PED-15441).
- scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out (jsc#PED-15441).
- scsi: fnic: Fix indentation and remove unnecessary parenthesis (jsc#PED-15441).
- scsi: fnic: Fix missing DMA mapping error in fnic_send_frame() (jsc#PED-15441).
- scsi: fnic: Fix use of uninitialized value in debug message (jsc#PED-15441).
- scsi: fnic: Increment driver version (jsc#PED-15441).
- scsi: fnic: Modify IO path to use FDLS (jsc#PED-15441).
- scsi: fnic: Modify fnic interfaces to use FDLS (jsc#PED-15441).
- scsi: fnic: Propagate SCSI error code from fnic_scsi_drv_init() (jsc#PED-15441).
- scsi: fnic: Remove always-true IS_FNIC_FCP_INITIATOR macro (jsc#PED-15441).
- scsi: fnic: Remove extern definition from .c files (jsc#PED-15441).
- scsi: fnic: Remove unnecessary debug print (jsc#PED-15441).
- scsi: fnic: Remove unnecessary else and unnecessary break in FDLS (jsc#PED-15441).
- scsi: fnic: Remove unnecessary else to fix warning in FDLS FIP (jsc#PED-15441).
- scsi: fnic: Remove unnecessary spinlock locking and unlocking (jsc#PED-15441).
- scsi: fnic: Replace fnic->lock_flags with local flags (jsc#PED-15441).
- scsi: fnic: Replace shost_printk() with dev_info()/dev_err() (jsc#PED-15441).
- scsi: fnic: Replace use of sizeof with standard usage (jsc#PED-15441).
- scsi: fnic: Return appropriate error code for mem alloc failure (jsc#PED-15441).
- scsi: fnic: Return appropriate error code from failure of scsi drv init (jsc#PED-15441).
- scsi: fnic: Test for memory allocation failure and return error code (jsc#PED-15441).
- scsi: fnic: Turn off FDMI ACTIVE flags on link down (jsc#PED-15441).
- scsi: hisi_sas: Fix NULL pointer exception during user_scan() (bsc#1255687).
- scsi: scsi_transport_sas: Fix the maximum channel scanning issue (bsc#1255687, git-fixes).
- scsi: smartpqi: Fix memory leak in pqi_report_phys_luns() (git-fixes, jsc#PED-15042).
- selftests/bpf: Use the correct destructor kfunc type (bsc#1259955).
- selftests/powerpc: Suppress -Wmaybe-uninitialized with GCC 15 (bsc#1261669 ltc#212590).
- tg3: Fix race for querying speed/duplex (bsc#1257183).
- x86/platform/uv: Handle deconfigured sockets (bsc#1260347).
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1191256
https://bugzilla.suse.com/1207184
https://bugzilla.suse.com/1222768
https://bugzilla.suse.com/1217845
https://bugzilla.suse.com/1253129
https://bugzilla.suse.com/1254214
https://bugzilla.suse.com/1254306
https://bugzilla.suse.com/1255084
https://bugzilla.suse.com/1258293
https://bugzilla.suse.com/1258340
https://bugzilla.suse.com/1258849
https://bugzilla.suse.com/1259580
https://www.suse.com/security/cve/CVE-2025-40253
https://www.suse.com/security/cve/CVE-2026-23125
https://www.suse.com/security/cve/CVE-2026-23204
https://bugzilla.suse.com/1252073
https://www.suse.com/security/cve/CVE-2025-39998
https://bugzilla.suse.com/1191270
https://bugzilla.suse.com/1194778
https://bugzilla.suse.com/1243208
https://bugzilla.suse.com/1254307
https://bugzilla.suse.com/1255687
https://bugzilla.suse.com/1256647
https://bugzilla.suse.com/1257183
https://bugzilla.suse.com/1257511
https://bugzilla.suse.com/1257708
https://bugzilla.suse.com/1257773
https://bugzilla.suse.com/1257777
https://bugzilla.suse.com/1258175
https://bugzilla.suse.com/1258280
https://bugzilla.suse.com/1258301
https://bugzilla.suse.com/1258305
https://bugzilla.suse.com/1258330
https://bugzilla.suse.com/1258337
https://bugzilla.suse.com/1258414
https://bugzilla.suse.com/1258447
https://bugzilla.suse.com/1258476
https://bugzilla.suse.com/1259188
https://bugzilla.suse.com/1259461
https://bugzilla.suse.com/1259484
https://bugzilla.suse.com/1259485
https://bugzilla.suse.com/1259707
https://bugzilla.suse.com/1259759
https://bugzilla.suse.com/1259795
https://bugzilla.suse.com/1259797
https://bugzilla.suse.com/1259870
https://bugzilla.suse.com/1259886
https://bugzilla.suse.com/1259891
https://bugzilla.suse.com/1259955
https://bugzilla.suse.com/1259997
https://bugzilla.suse.com/1259998
https://bugzilla.suse.com/1260005
https://bugzilla.suse.com/1260009
https://bugzilla.suse.com/1260347
https://bugzilla.suse.com/1260459
https://bugzilla.suse.com/1260464
https://bugzilla.suse.com/1260471
https://bugzilla.suse.com/1260481
https://bugzilla.suse.com/1260486
https://bugzilla.suse.com/1260490
https://bugzilla.suse.com/1260497
https://bugzilla.suse.com/1260500
https://bugzilla.suse.com/1260522
https://bugzilla.suse.com/1260527
https://bugzilla.suse.com/1260544
https://bugzilla.suse.com/1260550
https://bugzilla.suse.com/1260606
https://bugzilla.suse.com/1260730
https://bugzilla.suse.com/1260732
https://bugzilla.suse.com/1260735
https://bugzilla.suse.com/1260799
https://bugzilla.suse.com/1261496
https://bugzilla.suse.com/1261498
https://bugzilla.suse.com/1261506
https://bugzilla.suse.com/1261507
https://bugzilla.suse.com/1261669
https://www.suse.com/security/cve/CVE-2025-68794
https://www.suse.com/security/cve/CVE-2025-71239
https://www.suse.com/security/cve/CVE-2026-23072
https://www.suse.com/security/cve/CVE-2026-23103
https://www.suse.com/security/cve/CVE-2026-23120
https://www.suse.com/security/cve/CVE-2026-23138
https://www.suse.com/security/cve/CVE-2026-23140
https://www.suse.com/security/cve/CVE-2026-23187
https://www.suse.com/security/cve/CVE-2026-23193
https://www.suse.com/security/cve/CVE-2026-23201
https://www.suse.com/security/cve/CVE-2026-23215
https://www.suse.com/security/cve/CVE-2026-23216
https://www.suse.com/security/cve/CVE-2026-23231
https://www.suse.com/security/cve/CVE-2026-23239
https://www.suse.com/security/cve/CVE-2026-23240
https://www.suse.com/security/cve/CVE-2026-23242
https://www.suse.com/security/cve/CVE-2026-23243
https://www.suse.com/security/cve/CVE-2026-23255
https://www.suse.com/security/cve/CVE-2026-23262
https://www.suse.com/security/cve/CVE-2026-23270
https://www.suse.com/security/cve/CVE-2026-23272
https://www.suse.com/security/cve/CVE-2026-23274
https://www.suse.com/security/cve/CVE-2026-23277
https://www.suse.com/security/cve/CVE-2026-23278
https://www.suse.com/security/cve/CVE-2026-23281
https://www.suse.com/security/cve/CVE-2026-23292
https://www.suse.com/security/cve/CVE-2026-23293
https://www.suse.com/security/cve/CVE-2026-23297
https://www.suse.com/security/cve/CVE-2026-23304
https://www.suse.com/security/cve/CVE-2026-23319
https://www.suse.com/security/cve/CVE-2026-23326
https://www.suse.com/security/cve/CVE-2026-23335
https://www.suse.com/security/cve/CVE-2026-23343
https://www.suse.com/security/cve/CVE-2026-23361
https://www.suse.com/security/cve/CVE-2026-23379
https://www.suse.com/security/cve/CVE-2026-23381
https://www.suse.com/security/cve/CVE-2026-23383
https://www.suse.com/security/cve/CVE-2026-23386
https://www.suse.com/security/cve/CVE-2026-23393
https://www.suse.com/security/cve/CVE-2026-23398
https://www.suse.com/security/cve/CVE-2026-23413
https://www.suse.com/security/cve/CVE-2026-23414
https://www.suse.com/security/cve/CVE-2026-23419
Plugin Details
Severity: High
ID: 309153
File Name: openSUSE-2026-20572-1.nasl
Version: 1.1
Type: Local
Agent: unix
Family: SuSE Local Security Checks
Published: 4/22/2026
Updated: 4/22/2026
Supported Sensors: Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.1
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.3
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2026-23231
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:opensuse:dtb-socionext, p-cpe:/a:novell:opensuse:dtb-amd, p-cpe:/a:novell:opensuse:cluster-md-kmp-default, p-cpe:/a:novell:opensuse:dtb-exynos, p-cpe:/a:novell:opensuse:cluster-md-kmp-64kb, p-cpe:/a:novell:opensuse:kernel-zfcpdump, p-cpe:/a:novell:opensuse:dtb-cavium, p-cpe:/a:novell:opensuse:dtb-lg, p-cpe:/a:novell:opensuse:kernel-rt-optional, p-cpe:/a:novell:opensuse:kernel-default-vdso, p-cpe:/a:novell:opensuse:kselftests-kmp-default, p-cpe:/a:novell:opensuse:ocfs2-kmp-azure, p-cpe:/a:novell:opensuse:dtb-xilinx, p-cpe:/a:novell:opensuse:kernel-64kb, p-cpe:/a:novell:opensuse:kernel-default-optional, p-cpe:/a:novell:opensuse:ocfs2-kmp-default, p-cpe:/a:novell:opensuse:kernel-source, p-cpe:/a:novell:opensuse:gfs2-kmp-64kb, p-cpe:/a:novell:opensuse:kselftests-kmp-azure, p-cpe:/a:novell:opensuse:kernel-syms, p-cpe:/a:novell:opensuse:dtb-mediatek, p-cpe:/a:novell:opensuse:dtb-amlogic, p-cpe:/a:novell:opensuse:cluster-md-kmp-rt, p-cpe:/a:novell:opensuse:dtb-arm, p-cpe:/a:novell:opensuse:kernel-default-base, p-cpe:/a:novell:opensuse:dtb-qcom, p-cpe:/a:novell:opensuse:dtb-sprd, p-cpe:/a:novell:opensuse:kernel-default, p-cpe:/a:novell:opensuse:dtb-altera, p-cpe:/a:novell:opensuse:kernel-macros, p-cpe:/a:novell:opensuse:kselftests-kmp-rt, p-cpe:/a:novell:opensuse:dlm-kmp-azure, p-cpe:/a:novell:opensuse:gfs2-kmp-rt, p-cpe:/a:novell:opensuse:kernel-64kb-optional, p-cpe:/a:novell:opensuse:kernel-rt-vdso, p-cpe:/a:novell:opensuse:dtb-hisilicon, p-cpe:/a:novell:opensuse:dtb-marvell, p-cpe:/a:novell:opensuse:kernel-azure-optional, p-cpe:/a:novell:opensuse:kernel-kvmsmall, p-cpe:/a:novell:opensuse:dlm-kmp-default, p-cpe:/a:novell:opensuse:dtb-apm, p-cpe:/a:novell:opensuse:cluster-md-kmp-azure, p-cpe:/a:novell:opensuse:dtb-renesas, p-cpe:/a:novell:opensuse:kernel-default-extra, p-cpe:/a:novell:opensuse:kernel-rt, p-cpe:/a:novell:opensuse:kernel-azure-vdso, p-cpe:/a:novell:opensuse:kselftests-kmp-64kb, p-cpe:/a:novell:opensuse:kernel-kvmsmall-vdso, p-cpe:/a:novell:opensuse:ocfs2-kmp-rt, p-cpe:/a:novell:opensuse:dtb-rockchip, p-cpe:/a:novell:opensuse:gfs2-kmp-azure, p-cpe:/a:novell:opensuse:kernel-obs-build, p-cpe:/a:novell:opensuse:kernel-azure, p-cpe:/a:novell:opensuse:dlm-kmp-64kb, cpe:/o:novell:opensuse:16.0, p-cpe:/a:novell:opensuse:dtb-apple, p-cpe:/a:novell:opensuse:kernel-obs-qa, p-cpe:/a:novell:opensuse:kernel-source-vanilla, p-cpe:/a:novell:opensuse:dtb-amazon, p-cpe:/a:novell:opensuse:dlm-kmp-rt, p-cpe:/a:novell:opensuse:kernel-64kb-extra, p-cpe:/a:novell:opensuse:dtb-broadcom, p-cpe:/a:novell:opensuse:kernel-azure-extra, p-cpe:/a:novell:opensuse:gfs2-kmp-default, p-cpe:/a:novell:opensuse:dtb-nvidia, p-cpe:/a:novell:opensuse:dtb-freescale, p-cpe:/a:novell:opensuse:ocfs2-kmp-64kb, p-cpe:/a:novell:opensuse:kernel-rt-extra, p-cpe:/a:novell:opensuse:dtb-allwinner
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/20/2026
Vulnerability Publication Date: 10/15/2025
Reference Information
CVE: CVE-2025-39998, CVE-2025-40253, CVE-2025-68794, CVE-2025-71239, CVE-2026-23072, CVE-2026-23103, CVE-2026-23120, CVE-2026-23125, CVE-2026-23138, CVE-2026-23140, CVE-2026-23187, CVE-2026-23193, CVE-2026-23201, CVE-2026-23204, CVE-2026-23215, CVE-2026-23216, CVE-2026-23231, CVE-2026-23239, CVE-2026-23240, CVE-2026-23242, CVE-2026-23243, CVE-2026-23255, CVE-2026-23262, CVE-2026-23270, CVE-2026-23272, CVE-2026-23274, CVE-2026-23277, CVE-2026-23278, CVE-2026-23281, CVE-2026-23292, CVE-2026-23293, CVE-2026-23297, CVE-2026-23304, CVE-2026-23319, CVE-2026-23326, CVE-2026-23335, CVE-2026-23343, CVE-2026-23361, CVE-2026-23379, CVE-2026-23381, CVE-2026-23383, CVE-2026-23386, CVE-2026-23393, CVE-2026-23398, CVE-2026-23413, CVE-2026-23414, CVE-2026-23419, CVE-2026-23425, CVE-2026-31788