827 matches found
May 12, 2026—KB5087471 (Monthly Rollup)
May 12, 2026—KB5087471 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU only a...
May 12, 2026—KB5087470 (Monthly Rollup)
May 12, 2026—KB5087470 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only are...
May 12, 2026-Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 R2 (KB5087049)
May 12, 2026-Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 R2 KB5087049 Applies to: Microsoft .NET Framework 3.5 Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Window...
ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.114.0 <=0.120.0), ai.ancf.lmos:arc-memory-mongo-spring-boot-starter (>=0.114.0 <=0.120.0) +4735 more potentially affected by CVE-2026-40973 via org.springframework.boot:spring-boot (>=3.4.0 <=3.4.13)
org.springframework.boot:spring-boot MAVEN version =3.4.0, =0.114.0, =0.114.0, =0.114.0, =0.114.0, =0.5.0, =0.8.0, =1.17.0, =1.17.0, =1.17.0, =0.0.1, =0.0.1, =0.25.7-rc.64, =0.25.7-rc.68 and more Source cves: CVE-2026-40973 Source advisory: OSV:GHSA-WWPQ-F5C3-7HVX...
ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +20700 more potentially affected by CVE-2026-40974 via org.springframework.boot:spring-boot-autoconfigure (>=3.0.0 <=3.5.13)
org.springframework.boot:spring-boot-autoconfigure MAVEN version =3.0.0, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo =0.1.0 -...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013785)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013785 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: arcuart: fix ofiomap leak in arcserialprobe Smatch reports:...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010788)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010788 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: arcuart: fix ofiomap leak in arcserialprobe Smatch reports:...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007452)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007452 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: arcuart: fix ofiomap leak in arcserialprobe Smatch reports:...
April 14, 2026—KB5082127 (Monthly Rollup)
April 14, 2026—KB5082127 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only ar...
April 14, 2026—KB5082126 (Monthly Rollup)
April 14, 2026—KB5082126 Monthly Rollup Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoints for ESU only...
April 14, 2026-Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 R2 (KB5082406)
April 14, 2026-Security and Quality Rollup for .NET Framework 3.5 for Windows Server 2012 R2 KB5082406 Applies to: Microsoft .NET Framework 3.5 Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running...
April 14, 2026-Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 (KB5082403)
April 14, 2026-Security and Quality Rollup for .NET Framework 4.8 for Windows Server 2012 KB5082403 Applies to: Microsoft .NET Framework 4.8 Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows...
EUVD-2026-20994
bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts...
CVE-2026-5187 Heap Out-of-Bounds Write in DecodeObjectId() in wolfSSL
Two potential heap out-of-bounds write locations existed in DecodeObjectId in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values out0 and out1, enabling a 2-byte out-of-bounds write when outSz equals 1. Second, multiple callers pass...
CVE-2026-40069
BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.1.0 to before 0.8.2, BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLESPENDATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINEDINSTALEBLOCK, or any ORPHAN-containing extraInfo / txStatus are...
CVE-2026-40069 bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts
BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.1.0 to before 0.8.2, BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLESPENDATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINEDINSTALEBLOCK, or any ORPHAN-containing extraInfo / txStatus are...
CVE-2026-40069 bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts
BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.1.0 to before 0.8.2, BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLESPENDATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINEDINSTALEBLOCK, or any ORPHAN-containing extraInfo / txStatus are...
CVE-2026-40069
The vulnerability affects the BSV Ruby SDK (gem) prior to version 0.8.2, specifically BSV::Network::ARC failure detection. From 0.1.0 to 0.8.1, ARC only recognizes REJECTED and DOUBLE_SPEND_ATTEMPTED; responses with txStatus values INVALID, MALFORMED, MINED_IN_STALE_BLOCK, or any ORPHAN-containin...
bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts
ARC broadcaster treats failure statuses as successful broadcasts Summary BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLESPENDATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINEDINSTALEBLOCK, or any ORPHAN-containing extraInfo / txStatus are silently...
USN-8140-1: Cairo vulnerabilities
Alberto Garcia, Francisco Oca and Suleman Ali discovered that Cairo did not properly manage memory. An attacker could possibly use this issue to cause Cairo to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2017-9814 ...