92 matches found
CVE-2026-44903 vulnerabilities
Vulnerabilities for packages: cloud-sql-proxy, telegraf, mcp-grafana, metrics-server, istio, opentelemetry-collector-contrib, karma, prometheus, splunk-otel-collector, loki, mc, certificate-transparency, opentelemetry-operator, node-problem-detector, trillian, jaeger, prometheus-pushgateway,...
CVE-2026-44903 vulnerabilities
Vulnerabilities for packages: beats-fips, certificate-transparency-fips, fluent-bit-plugin-loki, karma, ld-relay, metrics-server, minio, nrdot-collector-k8s, mcp-grafana, opentelemetry-collector, prometheus-pushgateway-fips, splunk-otel-collector-fips, datadog-agent-fips, loki, prometheus,...
CVE-2026-41889 vulnerabilities
Vulnerabilities for packages: sqlexporter, rke2-runtime-fips, flyte, goose, openbao-fips, hydra, hydra-fips, juicefs, kine, azure-service-operator, authentik, spire-server-fips, pgwatch, sftpgo-plugin-eventsearch, spqr, timescaledb-parallel-copy, gitlab-cng-fips, rke2-runtime, seaweedfs,...
Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. "This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute," Google's product and security teams said. The initiati...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: step-ca, libnvidia-container, sbom-convert, kots, prometheus-adapter, xeol, slsa-verifier, mockery, helm-mapkubeapis, terraform-provider-azuread, gh, envoy-gateway, secrets-store-csi-driver, falco-no-driver, kubernetes-csi-driver-hostpath, go-licenses, eksctl,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: crossplane, kargo, ko, step-ca, rancher-agent, libnvidia-container, lazydocker, cloudnative-pg, wal-g, grafana-agent-operator, docker-credential-gcr, witness, splunk-otel-collector, cluster-autoscaler, kots, prometheus-adapter, promxy, crossplane-provider-sql, cerbos...
CVE-2026-24122
Cosign
GHSA-FW7P-63QQ-7HPR vulnerabilities
Vulnerabilities for packages: step-issuer, step-ca, temporal-server, jitsucom-bulker, mattermost, flux-kustomize-controller, juicefs, kyverno-policy-reporter, openfga, sftpgo, croc, ksops, openbao, telegraf, amass, witness, terragrunt, splunk-otel-collector, kots, crossplane-provider-sql, cerbos,...
Siemens SIMATIC S7-1500 Improper Certificate Validation (CVE-2025-32989)
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
Astra Linux - vulnerability in gnutls28
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
Security Bulletin: Allocation of resources without limits, heap-buffer-overread, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service
Summary: IBM Storage Defender - Resiliency service is vulnerable to allocation of resources without limits, heap-buffer-overread, and others. The vulnerabilities have been addressed. Vulnerability Details: CVEID: CVE-2025-32988 DESCRIPTION: A flaw was found in GnuTLS. A double-free vulnerability...
EUVD-2017-2993
Malware in sbrugna...
gnutls: Vulnerability in GnuTLS SCT extension parsing
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
gnutls: Vulnerability in GnuTLS SCT extension parsing
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
EUVD-2025-20927
Malicious code in bioql PyPI...
gnutls: Vulnerability in GnuTLS SCT extension parsing
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
gnutls: Vulnerability in GnuTLS SCT extension parsing
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-32988: Fixed double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName (bsc#1246232). CVE-2025-32989: Fixed heap buffer overread when handling the CT SCT extension during X.509 certificate...
TencentOS Server 4: gnutls (TSSA-2025:0540)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0540 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Medium: gnutls
Issue Overview: A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an...