EUVD-2026-33734

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

CVE-2026-40989 Self Routing guard bypassed via function composition

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

ignition-2.26.0-4.1 on GA media (moderate)

ignition-2.26.0-4.1 on GA media Announcement ID: openSUSE-SU-2026:10892-1 Rating: moderate Cross-References: CVE-2026-33814 CVSS scores: CVE-2026-33814 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be...

PT-2026-45515

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

OPENSUSE-SU-2026:10892-1 ignition-2.26.0-4.1 on GA media

These are all security issues fixed in the ignition-2.26.0-4.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10875-1 hauler-1.4.3-4.1 on GA media

These are all security issues fixed in the hauler-1.4.3-4.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10846-1 perl-YAML-Syck-1.450.0-4.1 on GA media

These are all security issues fixed in the perl-YAML-Syck-1.450.0-4.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10803-1 git-bug-0.10.1-4.1 on GA media

These are all security issues fixed in the git-bug-0.10.1-4.1 package on the GA media of openSUSE Tumbleweed...

Unity Linux 20.1070e Security Update: netty (UTSA-2026-017795)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017795 advisory. The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large...

GHSA-86WQ-234Q-R6WG Spring Cloud Config Server Susceptible To TOCTOU Attack

The base directory spring.cloud.config.server.git.basedir used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use TOCTOU attacks. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater Enterpris...

CVE-2026-40982

Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. Spring Cloud Config 3.1.x: affected from...

OPENSUSE-SU-2026:10700-1 apptainer-1.4.5-4.1 on GA media

These are all security issues fixed in the apptainer-1.4.5-4.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-1726

IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1...

EUVD-2026-25127

IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1...

PT-2026-34578

IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1...

EUVD-2026-23784

A command injection vulnerability was found in the PPTP VPN Clients on the ADM. The vulnerability allows an administrative user to break out of the restricted web environment and execute arbitrary code on the underlying operating system. This occurs due to insufficient validation of user-supplied...

CVE-2026-6644

A command injection vulnerability was found in the PPTP VPN Clients on the ADM. The vulnerability allows an administrative user to break out of the restricted web environment and execute arbitrary code on the underlying operating system. This occurs due to insufficient validation of user-supplied...

OPENSUSE-SU-2026:10533-1 libopenssl-3-devel-3.5.3-4.1 on GA media

These are all security issues fixed in the libopenssl-3-devel-3.5.3-4.1 package on the GA media of openSUSE Tumbleweed...

PHPGurukul News Portal Project SQL注入漏洞

PHPGurukul News Portal Project is a news portal project of PHPGurukul Corporation. Version 4.1 of the PHPGurukul News Portal Project has a SQL injection vulnerability. This vulnerability arises from incorrect handling of parameters in the file/news-details.php, which may lead to SQL injection...

PHPGurukul News Portal Project SQL注入漏洞

PHPGurukul News Portal Project is a news portal project of PHPGurukul Corporation. Version 4.1 of the PHPGurukul News Portal Project has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter Username in the file admin/checkavailability.php, which may le...