SUSE CVE-2026-33700

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, the DELETE /api/v1/projects/:project/shares/:share endpoint does not verify that the link share belongs to the project specified in the URL. An attacker with admin access to any project can delete link shares...

CVE-2025-36228

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access features that appeared disabled, potentially leading to misuse...

CVE-2025-40938

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s confidentiality, integrity, and availability...

CVE-2025-38543

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: nvdec: Fix dmaalloccoherent error check Check for NULL return value with dmaalloccoherent, in line with Robin's fix for vic.c in 'drm/tegra: vic: Fix DMA API misuse'...

Securing Cloud AI and LLMs with TotalAI for Visibility, Risk Context and Control

As enterprises accelerate AI adoption, large language models LLMs hosted on public cloud platforms are quickly becoming the norm due to their simplified access and pricing model. Cloud-native services like AWS Bedrock, Azure AI Foundry, and Google Vertex AI offer powerful, pay-as-you-go access to...