Linux Distros Unpatched Vulnerability : CVE-2026-33376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate...

io.automatiko.addons.services:automatiko-receive-email-addon (>=0.7.0 <=0.46.0), org.apache.camel.kafkaconnector:camel-imap-kafka-connector (>=0.1.0 <=0.11.5) +21 more potentially affected by CVE-2026-33454 via org.apache.camel:camel-mail (>=3.0.0 <=4.14.5)

org.apache.camel:camel-mail MAVEN version =3.0.0, =0.7.0, =0.1.0, =0.1.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =4.10.3, =1.0.0, =3.25.0, =1.0.0, =1.0.0, =3.19.0, =3.27.3 and more Source cves: CVE-2026-33454https://...

Ubuntu 20.04 LTS : Linux kernel (HWE) vulnerabilities (USN-8188-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8188-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...

ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=3.4.0 <=8.8.1), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.7.7 <=7.4.5) +209 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.r4b (>=5.6.100 <=6.8.2)

ca.uhn.hapi.fhir:org.hl7.fhir.r4b MAVEN version =5.6.100, =3.4.0, =5.7.7, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =6.2.0, =6.8.0, =6.4.0, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =5.7.7, =6.8.0 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...

@aiswarm/api-graphql (>=0.1.0 <=0.1.9), @aiswarm/conductor (>=0.1.1 <=0.1.9) +55 more potentially affected by CVE-2026-30241 via mercurius (>=10.5.1 <=16.1.0)

mercurius NPM version =10.5.1, =0.1.0, =0.1.1, =0.1.1, =0.1.2, =0.3.0, =0.3.0, =1.0.0, =1.0.16, =0.0.3, =0.1.0, =0.1.0, =2.37.0, =2.64.0 and more Source cves: CVE-2026-30241 Source advisory: OSV:GHSA-M4H2-MJFM-MP55...

com.cognifide.aet:cleaner (>=2.0.0 <=3.2.2), com.cognifide.aet:communication (>=2.0.0 <=3.2.2) +184 more potentially affected by CVE-2025-66168 +1 more via org.apache.activemq:activemq-mqtt (>=5.10.0 <=5.19.1)

org.apache.activemq:activemq-mqtt MAVEN version =5.10.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.3-rc1, =2.0.0, =3.0.0, =3.0.0, =3.0.0, =1.1.0, =1.2.4.5, =1.2.4.6, =1.2.4.5, =1.2.4.5, =1.2.6.7 and more Source cves: CVE-2025-66168, CVE-2026-40046 Source advisory: OSV:GHSA-C825-6PH3-4H84...

CVE-2025-26385 Metasys product command injection vulnerability could allow remote SQL execution

Johnson Controls Metasys component listed below have Improper Neutralization of Special Elements used in a Command Command Injection Vulnerability . Successful exploitation of this vulnerability could allow remote SQL execution This issue affects Metasys: Application and Data Server ADS installed...

io.github.hWorblehat:nexus3-external-auth-plugin (=0.1.0), org.sonatype.nexus.api.extdirect:nexus-api-extdirect-common (>=3.81.0-08 <=3.87.2-01) +112 more potentially affected by CVE-2026-0600 via org.sonatype.nexus:nexus-validation (>=3.0.0-b2015061001 <=3.87.2-01)

org.sonatype.nexus:nexus-validation MAVEN version =3.0.0-b2015061001, =3.81.0-08, =3.81.0-08, =3.81.0-08, =3.81.0-08, =3.4.0-02, =3.60.0-02, =3.4.0-02, =3.21.0-01, =3.0.0-03, =3.4.0-02, =0.6.1, =0.10.2, =0.14.0 - org.sonatype.nexus.plugins:nexus-blobstore-restore =3.4.0-02 and more Source cves:...

EUVD-2020-0616

Malware in sbrugna...

EUVD-2019-8019

Malware in sbrugna...

EUVD-2021-22608

Malware in sbrugna...

EUVD-2025-14030

Malicious code in bioql PyPI...

EUVD-2025-32056

Malicious code in bioql PyPI...

EUVD-2025-20759

Malicious code in bioql PyPI...

Ubuntu: Security Advisory (USN-7703-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

cc.zzzyu.seata:seata-server (=2.4.0), io.xuxiaowei.seata:seata-server (=2.4.0) +7 more potentially affected by CVE-2025-53606 via org.apache.seata:seata-serializer-fury (=2.4.0)

org.apache.seata:seata-serializer-fury MAVEN version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.seata:seata-serializer-fury and may be impacted: - cc.zzzyu.seata:seata-server =2.4.0 - io.xuxiaowei.seata:seata-server =2.4.0 -...

com.apzda.cloud:apzda-cloud-gsvc-seata (>=1.2.22 <=3.4.0), io.xuxiaowei.seata:seata-server (>=2.1.0 <=2.2.0) +56 more potentially affected by CVE-2024-47552 +1 more via org.apache.seata:seata-config-core (>=2.1.0 <=2.2.0)

org.apache.seata:seata-config-core MAVEN version =2.1.0, =1.2.22, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.2.0 and more Source cves: CVE-2024-47552, CVE-2025-32897 Source advisory: OSV:GHSA-M964-FJRH-XXQ2...

CVE-2021-35975

Absolute path traversal vulnerability in the Systematica SMTP Adapter component up to v2.0.1.101 in Systematica Radius up to v.3.9.256.777 allows remote attackers to read arbitrary files via a full pathname in GET parameter "file" in URL. Also: affected components in same product - HTTP Adapter u...

Gardener allows metadata injection for a project secret which can lead to privilege escalation

A security vulnerability was discovered in the gardenlet component of Gardener. It could allow a user with administrative privileges for a Gardener project to obtain control over the seed clusters where their shoot clusters are managed. Am I Vulnerable? This CVE affects all Gardener installations...

GHSA-9X73-87FH-54W9 Gardener allows metadata injection for a project secret which can lead to privilege escalation

A security vulnerability was discovered in the gardenlet component of Gardener. It could allow a user with administrative privileges for a Gardener project to obtain control over the seed clusters where their shoot clusters are managed. Am I Vulnerable? This CVE affects all Gardener installations...