FreeBSD : gstreamer1 -- multiple vulnerabilities (05aadfcc-55f5-11f1-915c-8974b59277b5)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 05aadfcc-55f5-11f1-915c-8974b59277b5 advisory. The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.2 release:...

CLEANSTART-2026-EJ96468 Security fixes for ghsa-2gh3-rmm4-6rq5, ghsa-394x-vwmw-crm3, ghsa-434x-w66g-qw3r, ghsa-65p9-r9h6-22vj, ghsa-9f94-5g5w-gf6r, ghsa-hfpc-8r3f-gw53, ghsa-pwjx-qhcg-rvj4, ghsa-r6v5-fh4h-64xc, ghsa-vw5v-4f2q-w9xf, ghsa-xwfj-jgwm-7wp5 applied in versions: 1.28.2-r0, 1.28.4-r0, 1.28.4-r1, 1.28.5-r0

Multiple security vulnerabilities affect the ztunnel-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

Advisory ROSA-SA-2026-3206

software: nginx 1.28.2 OS: ROSA-CHROME unaffected versions = nginx-1.28.2-1 affected versions nginx-1.28.2-1 CVE-ID: CVE-2026-1642 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in NGINX OSS and NGINX Plus when proxying to upstream TLS servers allows an attacker in a man-in-the-middle...

CLEANSTART-2026-OJ16660 Security fixes for GHSA-2GH3-RMM4-6RQ5, GHSA-434X-W66G-QW3R, GHSA-R6V5-FH4H-64XC, GHSA-XWFJ-JGWM-7WP5 applied in versions: 1.28.2-r0, 1.28.4-r0

Multiple security vulnerabilities affect the ztunnel-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-NN87556 Security fixes for GHSA-2GH3-RMM4-6RQ5, GHSA-434X-W66G-QW3R, GHSA-R6V5-FH4H-64XC, GHSA-XWFJ-JGWM-7WP5 applied in versions: 1.28.2-r0, 1.29.0-r0

Multiple security vulnerabilities affect the ztunnel-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

Amazon Linux 2 : nginx, --advisory ALAS2NGINX1-2026-010 (ALASNGINX1-2026-010)

The version of nginx installed on the remote host is prior to 1.28.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NGINX1-2026-010 advisory. A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. A...

[SECURITY] Fedora 43 Update: nginx-1.28.2-1.fc43

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

Fedora 43 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2026-cd0705c6a7)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-cd0705c6a7 advisory. nginx-mod-naxsi: - Rebuild for 1.28.2 nginx-mod-brotli: - Rebuild for 1.28.2 nginx-mod-fancyindex: - Rebuild for 1.28.2 nginx-mod-modsecurity: - Rebuild for...

CVE-2026-1642 affecting package nginx for versions less than 1.28.2-1

CVE-2026-1642 affecting package nginx for versions less than 1.28.2-1. An upgraded version of the package is available that resolves this issue...

rustup-1.28.2~0-3.1 on GA media (moderate)

rustup-1.28.20-3.1 on GA media Announcement ID: openSUSE-SU-2026:10180-1 Rating: moderate Cross-References: CVE-2026-25727 CVSS scores: CVE-2026-25727 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-25727 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...

OPENSUSE-SU-2026:10180-1 rustup-1.28.2~0-3.1 on GA media

These are all security issues fixed in the rustup-1.28.20-3.1 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2026-22689

Mailpit is an email testing tool and API for developers. Prior to version 1.28.2, the Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicio...

CVE-2026-23766

No description is available for this CVE...

CVE-2026-23766

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

EUVD-2026-2704

Istio through 1.28.2 allows iptables rule injection for changing firewall behavior via the traffic.sidecar.istio.io/excludeInterfaces annotation. NOTE: the reporter's position is "this doesn't represent a security vulnerability pod creators can already exclude sidecar injection entirely."...

Istio parameter injection vulnerability

Istio is an open-source platform that connects, manages, and protects microservices. Versions of Istio prior to 1.28.2 have a parameter injection vulnerability. This vulnerability stems from the ability to inject iptables rules through annotations, thereby changing the firewall’s behavior...

CVE-2026-22689

Mailpit is an email testing tool and API for developers. Prior to version 1.28.2, the Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicio...

EUVD-2026-1872

Mailpit is vulnerable to Cross-Site WebSocket Hijacking CSWSH allowing unauthenticated access to emails...

CVE-2026-22689

Mailpit is an email testing tool and API for developers. Prior to version 1.28.2, the Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicio...

CVE-2026-22689 Mailpit is vulnerable to Cross-Site WebSocket Hijacking (CSWSH) allowing unauthenticated access to emails

Mailpit is an email testing tool and API for developers. Prior to version 1.28.2, the Mailpit WebSocket server is configured to accept connections from any origin. This lack of Origin header validation introduces a Cross-Site WebSocket Hijacking CSWSH vulnerability. An attacker can host a malicio...