38 matches found
CVE-2026-40025 affecting package sleuthkit for versions less than 4.12.1-2
CVE-2026-40025 affecting package sleuthkit for versions less than 4.12.1-2. A patched version of the package is available...
CVE-2026-40026 affecting package sleuthkit for versions less than 4.12.1-2
CVE-2026-40026 affecting package sleuthkit for versions less than 4.12.1-2. A patched version of the package is available...
SUSE CVE-2026-29193
ZITADEL is an open source identity management platform. From version 4.0.0 to 4.12.0, a vulnerability in Zitadel's login V2 UI allowed users to bypass login behavior and security policies and self-register new accounts or sign in using password even if corresponding options were disabled in their...
CVE-2026-29193
ZITADEL is an open source identity management platform. From version 4.0.0 to 4.12.0, a vulnerability in Zitadel's login V2 UI allowed users to bypass login behavior and security policies and self-register new accounts or sign in using password even if corresponding options were disabled in their...
CVE-2026-29193
Technical details for CVE-2026-29193 are not publicly available in the provided documents. No affected products, versions, root cause, or patch specifics are described beyond the initial entry. Monitor for updates from vendors and security advisories.
CVE-2026-29193 ZITADEL: Bypassing Zitadel Login Behavior and Security Policy in Login V2
ZITADEL is an open source identity management platform. From version 4.0.0 to 4.12.0, a vulnerability in Zitadel's login V2 UI allowed users to bypass login behavior and security policies and self-register new accounts or sign in using password even if corresponding options were disabled in their...
CLEANSTART-2026-MY73913 Security fixes for GHSA-R6J8-C6R2-37RR applied in versions: 4.12.1-r0
Security vulnerability affects the kubernetes-csi-driver-nfs package. This issue is resolved in later releases. See references for vulnerability details...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002755)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002755 advisory. The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000565)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000565 advisory. The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition...
CVE-2025-67716
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions 4.9.0 through 4.12.1 contain an input-validation flaw in the returnTo parameter, which could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request...
CVE-2025-67716
CVE-2025-67716 affects the Auth0/nextjs-auth0 SDK. Versions 4.9.0–4.12.1 contain an input-validation flaw in the returnTo parameter that can inject unintended OAuth query parameters into the authorization request, potentially causing tokens to be issued with unintended parameters. Remediation: up...
CVE-2025-67716 Auth0 Next.js SDK has Improper Validation of Query Parameters
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions 4.9.0 through 4.12.1 contain an input-validation flaw in the returnTo parameter, which could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request...
CVE-2025-67490 Auth0 Next.js SDK has Improper Request Caching Lookup
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in...
EUVD-2023-2540
Malicious code in bioql PyPI...
EUVD-2023-2389
Malicious code in bioql PyPI...
@golocalinteractive/golocal-cloud-wrapper (>=0.0.101 <=1.3.23), @jatango-ds/abrazo-web (>=0.1.0 <=0.1.2) +10 more potentially affected by CVE-2025-48947 via @auth0/nextjs-auth0 (>=4.12.1 <=4.20.0)
@auth0/nextjs-auth0 NPM version =4.12.1, =0.0.101, =0.1.0, =8.2.3, =1.0.0, =2.4.0, =0.1.0, =1.5.0, =0.0.1, =0.48.0, =1.4.0 Source cves: CVE-2025-48947 Source advisory: OSV:GHSA-F3FG-MF2Q-FJ3F...
CVE-2023-38507
Strapi is an open-source headless content management system. Prior to version 4.12.1, there is a rate limit on the login function of Strapi's admin screen, but it is possible to circumvent it. Therefore, the possibility of unauthorized login by login brute force attack increases. Version 4.12...
@golocalinteractive/golocal-cloud-wrapper (>=0.0.101 <=1.3.23), @jatango-ds/abrazo-web (>=0.1.0 <=0.1.2) +10 more potentially affected by CVE-2025-46344 via @auth0/nextjs-auth0 (>=4.12.1 <=4.20.0)
@auth0/nextjs-auth0 NPM version =4.12.1, =0.0.101, =0.1.0, =8.2.3, =1.0.0, =2.4.0, =0.1.0, =1.5.0, =0.0.1, =0.48.0, =1.4.0 Source cves: CVE-2025-46344 Source advisory: OSV:GHSA-PJR6-JX7R-J4R6...