Important: Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.10.3

Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.10.3 General Availability release, with updates to container images. Assisted Installer RHEL 9 integrates components for the general multicluster engine for Kubernetes 2.10.3 release that simplify the process of...

CVE-2026-42184

Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a flaw in Tauri's islocalurl function causes it to incorrectly classify remote URLs as trusted local origins on Windows and Android. On these systems, Tauri maps custom URI scheme protocols to...

EUVD-2026-32527

Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a flaw in Tauri's islocalurl function causes it to incorrectly classify remote URLs as trusted local origins on Windows and Android. On these systems, Tauri maps custom URI scheme protocols to...

CVE-2026-42184 Tauri: Origin Confusion Allows Remote Pages to Invoke Local-Only IPC Commands

Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a flaw in Tauri's islocalurl function causes it to incorrectly classify remote URLs as trusted local origins on Windows and Android. On these systems, Tauri maps custom URI scheme protocols to...

Important: Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.10.3

Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.10.3 General Availability release, with updates to container images. Assisted Installer RHEL 9 integrates components for the general multicluster engine for Kubernetes 2.10.3 release that simplify the process of...

CLEANSTART-2026-FH54780 Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32285, CVE-2026-32287, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-34986, ghsa-65xw-vw82-r86x, ghsa-6g7g-w4f8-9c9x, ghsa-78h2-9frx-2jm8, ghsa-cfpf-hrx2-8rv6, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-p77j-4mvh-x3m3 applied in versions: 2.10.3-r0, 2.9.0-r0

Multiple security vulnerabilities affect the tempo package. These issues are resolved in later releases. See references for individual vulnerability details...

OPENSUSE-SU-2026:10390-1 tempo-cli-2.10.3-1.1 on GA media

These are all security issues fixed in the tempo-cli-2.10.3-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2023-50248

CKAN is an open-source data management system for powering data hubs and data portals. Starting in version 2.0.0 and prior to versions 2.9.10 and 2.10.3, when submitting a POST request to the /dataset/new endpoint including either the auth cookie or the Authorization header with a specially-craft...

CVE-2025-69030

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Backpack Traveler backpacktraveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backpack Traveler: from n/a through = 2.10.3...

CVE-2025-69030

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Backpack Traveler backpacktraveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backpack Traveler: from n/a through = 2.10.3...

CVE-2025-69030

CVE-2025-69030 affects Backpack Traveler (Mikado-Themes) WordPress plugin/theme, with an Authorization Bypass Through User-Controlled Key vulnerability reported for Backpack Traveler variants up to 2.10.3. The Initial Description notes an access-control issue enabling bypass via a user-controlled...

WordPress plugin Backpack Traveler 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-53911

Name of the Vulnerable Software and Affected Versions Mikado-Themes Backpack Traveler versions through 2.10.3 Description An authorization bypass exists in Mikado-Themes Backpack Traveler due to incorrectly configured access control security levels. This allows exploitation through a...

WordPress Better Messages plugin <= 2.10.2 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin BP Better Messages versions = 2.10.2...

@10play/tentap-editor (>=0.5.27 <=0.7.5-alpha.0), @adminjs/design-system (>=3.0.0 <=4.0.3) +126 more potentially affected by CVE-2025-14284 via @tiptap/extension-link (>=2.0.0-beta.18 <=2.10.3)

@tiptap/extension-link NPM version =2.0.0-beta.18, =0.5.27, =3.0.0, =0.4.1, =3.0.0-alpha.1, =0.0.1, =0.2.1, =0.2.0, =0.1.0, =0.28.0, =3.4.0, =1.2.0, =0.0.3, =0.4.1 and more Source cves: CVE-2025-14284 Source advisory: OSV:GHSA-VHRC-HGRQ-X75R...

JLSEC-2025-77 An issue was discovered in libxml2 before 2.10.3

An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault...

EUVD-2024-51442

Malicious code in bioql PyPI...

EUVD-2022-0543

Malicious code in bioql PyPI...

EUVD-2022-1587

Malicious code in bioql PyPI...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in jackson-core-2.10.3.jar

Summary IBM Watson Discovery Cartridge contains a vulnerable version of jackson-core-2.10.3.jar Vulnerability Details CVEID:CVE-2025-49128 DESCRIPTION: Jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. Starting in versio...