EUVD-2026-33734

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

CVE-2026-40989 Self Routing guard bypassed via function composition

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in golang.org/x/net-v0.48.0

Summary IBM Watson Discovery Cartridge affected by vulnerability in golang.org/x/net-v0.48.0 Vulnerability Details CVEID:CVE-2026-33814 DESCRIPTION: When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE...

VMware Spring Cloud Function security vulnerabilities

VMware Spring Cloud Function is a Java functional application development framework provided by the American company VMware. There is a security vulnerability in VMware Spring Cloud Function, which stems from infinite recursion at the routing layer, potentially leading to a memory insufficiency...

PT-2026-45515

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

VMware Spring Cloud Function security vulnerabilities

VMware Spring Cloud Function is a Java functional application development framework provided by the American company VMware. There is a security vulnerability in VMware Spring Cloud Function, which stems from attempting to add an unlimited number of functions to the function registry, potentially...

Photon OS 5.0: Linux PHSA-2026-5.0-0854

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0854. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Gnutls PHSA-2026-5.0-0852

An update of the gnutls package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0852. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2026-41075

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 5.0.0 through 5.0.9 and 6.0.0 through 6.0.2 contain an SQL injection vulnerability. An authenticated user can craft input that is incorporated into database queries without proper validation, potentially allowing th...

Critical Photon OS Security Update - PHSA-2026-5.0-0854

Updates of 'linux-esx', 'linux' packages of Photon OS have been released...

Photon OS 5.0: Chromium PHSA-2026-5.0-0850

An update of the chromium package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0850. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Python3 PHSA-2026-5.0-0850

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0850. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Linux PHSA-2026-5.0-0846

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0846. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Garmin WDU 安全漏洞

Garmin WDU is a wireless data unit developed by Garmin Corporation, designed for data updates and maintenance of aviation electronic devices. Both the Garmin WDU v1 1.4.6 version and v2 5.0 version contain security vulnerabilities. These vulnerabilities stem from authentication bypasses, allowing...

actscene-ocr (>=0.1.3 <=0.1.5), agent-zero (>=0.1.0 <=0.1.2) +78 more potentially affected by CVE-2026-44660 via ujson (>=5.0.0 <=5.12.0)

ujson PYPI version =5.0.0, =0.1.3, =0.1.0, =0.1.0, =0.1.0, =0.1.0a2, =2.2.0, =6.2.0.dev68, =0.1.0, =0.0.23, =0.1.0, =2.0.12, =0.0.59, =0.1.0, =8.124.0, =8.125.0 and more Source cves: CVE-2026-44660 Source advisory: SNYK:PYTHON-UJSON-16643463...

CVE-2026-22924

A vulnerability has been identified in SIMATIC CN 4100 All versions V5.0. The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions. This could allow an attacker to disrupt normal operations or perform unauthorized actions...

Important Photon OS Security Update - PHSA-2026-5.0-0846

Updates of 'linux-esx', 'linux' packages of Photon OS have been released...

Photon OS 5.0: Linux PHSA-2026-5.0-0842

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0842. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Expat PHSA-2026-5.0-0843

An update of the expat package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0843. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

GHSA-86WQ-234Q-R6WG Spring Cloud Config Server Susceptible To TOCTOU Attack

The base directory spring.cloud.config.server.git.basedir used by the Spring Cloud Config Server to clone Git repositories to is susceptible to time-of-check-time-of-use TOCTOU attacks. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater Enterpris...