PatchHawk

7-Zip 26.01's changelog lists exactly ONE security fix. We diffed the source, 26.00 -> 26.01. It silently shipped 14 MORE. "Some bugs were fixed" was doing a lot of heavy lifting. 🧵

Related Link 👇 https://t.co/XW7vJuIhCO

Linux mainline quietly shipped a fix for a remote kernel heap overflow in the iSCSI target. It fires during login, before the CHAP password is ever checked. No CVE. The commit just says "validate CHAP_R length before base64 decode." Only watch CVE feeds? You missed it. 🧵

🦅 Silent Patch Watch Vendors often ship real security fixes as "minor bug fixes" — no CVE, no advisory. Every Thursday we diff a release and show the one that actually mattered, so you can update before attackers notice. Follow + 🔖 for the first issue this week.