Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-110 (ALASNITRO-ENCLAVES-2026-110)

The version of docker installed on the remote host is prior to 25.0.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-110 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680...

Amazon Linux 2 : docker, --advisory ALAS2DOCKER-2026-129 (ALASDOCKER-2026-129)

The version of docker installed on the remote host is prior to 25.0.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-129 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing...

Security update for yq (important)

openSUSE security update: security update for yq ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20892-1 Rating: important References: bsc1241719 bsc1251339 bsc1251540 bsc1266248 bsc1267053 bsc1267199 Cross-References: CVE-2024-45338 CVE-2025-22872...

CVE-2026-27136 vulnerabilities

Vulnerabilities for packages: fq, tenv-fips, frankenphp-8.5, harbor, frankenphp-8.4, nemo, terraform-provider-acme, hubble, prometheus-mongodb-exporter, crossplane-provider-azure-web, crossplane-provider-azure-servicefabric, kyverno, caddy, hydra,...

CVE-2026-27136 affecting package prometheus-adapter for versions less than 0.12.0-6

CVE-2026-27136 affecting package prometheus-adapter for versions less than 0.12.0-6. A patched version of the package is available...

CVE-2026-27136 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-4

CVE-2026-27136 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-4. A patched version of the package is available...

CVE-2026-27136 affecting package cf-cli for versions less than 8.7.11-6

CVE-2026-27136 affecting package cf-cli for versions less than 8.7.11-6. A patched version of the package is available...

CVE-2026-27136 affecting package docker-compose for versions less than 2.27.0-11

CVE-2026-27136 affecting package docker-compose for versions less than 2.27.0-11. A patched version of the package is available...

CVE-2026-27136 affecting package docker-buildx for versions less than 0.14.0-13

CVE-2026-27136 affecting package docker-buildx for versions less than 0.14.0-13. A patched version of the package is available...

CVE-2026-27136 affecting package containerd2 for versions less than 2.1.6-3

CVE-2026-27136 affecting package containerd2 for versions less than 2.1.6-3. A patched version of the package is available...

CVE-2026-27136 affecting package cloud-provider-kubevirt for versions less than 0.5.1-4

CVE-2026-27136 affecting package cloud-provider-kubevirt for versions less than 0.5.1-4. A patched version of the package is available...

Linux Distros Unpatched Vulnerability : CVE-2026-27136

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications...

CVE-2026-27136

creationtimestamp| type| source ---|---|--- 2026-05-22 17:08:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhge7mzxk2k...

CVE-2026-27136

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

CVE-2026-27136 Invoking duplicate attributes can cause XSS in golang.org/x/net/html

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...