Atlassian Jira Service Management Data Center and Server 5.15.2 < 10.3.18 / 10.4.0 < 11.3.5 (JSDSERVER-16575)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16575 advisory. - This File Inclusion vulnerability allows an unauthenticated attacker to get the application to displ...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.7.tgz, tar-7.5.9.tgz which is vulnerable to CVE-2026-29786

Summary IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.7.tgz, tar-7.5.9.tgz which is vulnerable to CVE-2026-29786, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-29786 DESCRIPTION: node-tar is a...

[SECURITY] [DLA 4552-1] node-tar security update

Debian LTS Advisory DLA-4552-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert April 29, 2026 https://wiki.debian.org/LTS Package : node-tar Version : 6.0.5+ds1+cs11.3.9-1+deb11u3 CVE ID : CVE-2024-28863 CVE-2026-23745 CVE-2026-24842 CVE-2026-26960 CVE-2026-29786...

CLEANSTART-2026-DU32240 Security fixes for CVE-2026-2391, CVE-2026-26960, CVE-2026-29786, CVE-2026-31802, ghsa-34x7-hfp2-rc4v, ghsa-5359-pvf2-pw78, ghsa-73rr-hh4g-fpgx, ghsa-8qq5-rm4j-mr97, ghsa-r6q2-hw4h-h46w applied in versions: 4.2.1.1-r1, 4.2.1.1-r2, 4.3.0.1-r0, 4.3.1-r0

Multiple security vulnerabilities affect the thingsboard-tb-web-ui package. These issues are resolved in later releases. See references for individual vulnerability details...

Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2026-1483)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1483 advisory. node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that...

Important: nodejs20

Issue Overview: A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be...

CVE-2026-29786 vulnerabilities

Vulnerabilities for packages: graalvm, npm, opensearch-dashboards, saf, wazuh-dashboard, tileserver-gl, renovate, kibana, pulumi, opensearch-dashboards-fips, actions-runner, prism, wazuh-dashboard-fips, sqlpad, lerna, node-gyp, redisinsight, tileserver-gl-fips...

@adenta/cms (>=0.0.6 <=1.1.1-0), @adobe/helix-deploy (>=11.0.19 <=11.1.15) +288 more potentially affected by CVE-2026-29786 via tar (>=7.0.0 <=7.5.1)

tar NPM version =7.0.0, =0.0.6, =11.0.19, =1.0.0, =1.0.2, =0.1.1, =0.1.1, =2.17.11, =1.9.5, =8.8.3, =0.0.2, =0.0.22 and more Source cves: CVE-2026-29786 Source advisory: SNYK:JS-TAR-15416075...