90455 matches found
Important: Red Hat Security Advisory: openexr security update
An update for openexr is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
Security Bulletin: Vulnerability in undici bundled with IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage
Summary IBM Fusion, IBM Fusion HCI, and IBM Fusion Content-Aware Storage include the undici library, which is affected by a denial of service vulnerability. CVE-2026-22036 Vulnerability Details CVEID:CVE-2026-22036 DESCRIPTION: Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0,...
CVE-2026-61500
Rejetto HFS 3.0.0 through 3.2.0 derives its session-cookie signing key from the non-cryptographic Math.random generator and discloses outputs of the same generator to unauthenticated clients during login. A remote attacker can collect a small number of login responses, reconstruct the generator's...
CVE-2026-49970
Vulnerability summary: Laravel-Mediable before 7.0.0 contains a path traversal flaw in File::sanitizePath() that lets attackers write uploaded files to arbitrary locations via MediaUploader::toDestination(), due to a permissive regex allowing dot/slash and a weak trailing trim. This can enable re...
CVE-2026-58228
Summary: CVE-2026-58228 affects phoenix_live_view (Phoenix.LiveView.Utils) and enables XSS via due to scheme validation bypass. The root cause is the internal uri_scheme/1 helper in Phoenix.LiveView.Utils that only detects schemes when the first byte is an ASCII letter; inputs starting with ASCI...
Security Bulletin: IBM DataStage Flow Designer application is affected by an information disclosure vulnerability (CVE-2026-9836)
Summary An information disclosure vulnerability was addressed in IBM DataStage Flow Designer . Vulnerability Details CVEID:CVE-2026-9836 DESCRIPTION: IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability. CWE:CWE-200: Exposure of...
CVE-2026-57432
creationtimestamp| type| source ---|---|--- 2026-07-13 17:37:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqka7mplwe26 2026-07-13 18:35:15+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mqkdgymh2224...
ROOT-APP-MAVEN-CVE-2026-22748 CVE-2026-22748 in io.root.org.springframework.security:spring-security-oauth2-jose - Patched by Root
Root has patched CVE-2026-22748 in the io.root.org.springframework.security:spring-security-oauth2-jose package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-22751 CVE-2026-22751 in io.root.org.springframework.security:spring-security-core - Patched by Root
Root has patched CVE-2026-22751 in the io.root.org.springframework.security:spring-security-core package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-22732 CVE-2026-22732 in io.root.org.springframework.security:spring-security-web - Patched by Root
Root has patched CVE-2026-22732 in the io.root.org.springframework.security:spring-security-web package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-54513 CVE-2026-54513 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root
Root has patched CVE-2026-54513 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-54512 CVE-2026-54512 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root
Root has patched CVE-2026-54512 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-42338 CVE-2026-42338 in @rootio/ip-address - Patched by Root
Root has patched CVE-2026-42338 in the @rootio/ip-address package for Root:npm. Multiple fixed versions available...
CVE-2026-57816
creationtimestamp| type| source ---|---|--- 2026-07-13 12:09:52+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjnvukf5m2y 2026-07-13 21:31:43+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkncjxa5h2a...
ROOT-APP-PYPI-CVE-2026-48818 CVE-2026-48818 in rootio-starlette - Patched by Root
Root has patched CVE-2026-48818 in the rootio-starlette package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-54283 CVE-2026-54283 in rootio-starlette - Patched by Root
Root has patched CVE-2026-54283 in the rootio-starlette package for Root:PyPI. Multiple fixed versions available...
CVE-2026-61975
creationtimestamp| type| source ---|---|--- 2026-07-13 11:38:29+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjm5r5slr2x 2026-07-13 13:56:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjtubhnlx2z...
CVE-2026-57733
creationtimestamp| type| source ---|---|--- 2026-07-13 11:21:17+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjl6z33xh27 2026-07-13 21:33:04+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqknexzdpt27...
CVE-2026-57725
creationtimestamp| type| source ---|---|--- 2026-07-13 11:20:52+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjl6avoma2s...
CVE-2026-57719
creationtimestamp| type| source ---|---|--- 2026-07-13 11:20:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjl4ur7zb2b 2026-07-13 11:23:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjlchorxn24 2026-07-13 11:29:15+00:00| seen|...