[SECURITY] Fedora 44 Update: plasma-sdk-6.6.4-1.fc44

Plasma SDK contains tools for plasma development...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: jq: jq-1.8.1-3.hum1 aarch64, x8664 jq-devel-1.8.1-3.hum1 aarch64, x8664 jq-1.8.1-3.hum1.src src...

Important: Red Hat Security Advisory: .NET 9.0 security update

An update for .NET 9.0 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CLSA-2026-1775779143 java-11-openjdk: Fix of 5 CVEs

Upgrade to openjdk-11.0.30+7 GA. The following CVEs were fixed: - CVE-2026-21945: enhance Certificate Checking - CVE-2026-21933: improve HttpServer Request handling - CVE-2026-21925: improve JMX connections - CVE-2025-65018: fix LIBPNG heap buffer overflow - CVE-2025-64720: fix LIBPNG buffer...

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libgcrypt: libgcrypt-1.12.2-1.hum1 aarch64, x8664 libgcrypt-devel-1.12.2-1.hum1 aarch64, x8664 libgcrypt-1.12.2-1.hum1.src src...

VulnForge

VulnForge AI-Powered Vulnerability Scanner & Auto-Exploit E...

Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.116 and .NET Runtime...

.NET 9.0 security update

9.0.116-1.0.1 - Add support for Oracle Linux 9.0.116-1 - Update to .NET SDK 9.0.116 and Runtime 9.0.15 - Resolves: RHEL-163389...

io.github.epi155:promethium-pgp-jdk5 (=0.5-B1), io.github.hWorblehat:nexus3-external-auth-plugin (=0.1.0) +220 more potentially affected by CVE-2026-3505 via org.bouncycastle:bcpg-jdk15to18 (>=1.65 <=1.82)

org.bouncycastle:bcpg-jdk15to18 MAVEN version =1.65, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-beta3, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-alpha2, =4.5.0-alpha2, =1.9.0, =1.9.0, =1.9.0, =1.9.0, =1.10.0 and more Source cves: CVE-2026-3505 Source advisory:...

EUVD-2026-22591

Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network...

org.apache.avro/avro: Apache Avro Java SDK: Code injection on Java generated code

A code injection flaw has been discovered in Apache Avro. This vulnerability manifests when generating specific records from untrusted Avro schemas...

Exploit_Development

Ex...

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

OX Security recently analyzed 216 million security findings across 250 organizations over a 90-day period. The primary takeaway: while raw alert volume grew by 52% year-over-year, prioritized critical risk grew by nearly 400%. The surge in AI-assisted development is creating a "velocity gap" wher...

APSB26-41 : Security update available for Adobe DNG SDK

Adobe has released an update for the Adobe DNG Software Development Kit SDK for Windows and macOS. This update resolves important vulnerabilities that could lead to application denial-of-service and memory exposure...

PT-2026-32765

DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt memory, causing the application to crash or become unresponsive. Exploitation of this issue...

Google Agent Development Kit (ADK) has a Code Injection and Missing Authentication vulnerability

A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...

EUVD-2026-21900

A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...

CVE-2026-4810

A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...

CVE-2026-4810

A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions 1.7.0 and 2.0.0a1 through 1.28.1 and 2.0.0a2 on Python OSS, Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting the ADK instance. This...

Agent Development Kit 安全漏洞

Agent Development Kit is an open-source development framework provided by Google for building and deploying AI agents. Versions 1.7.0 to 1.28.1 and 2.0.0a1 to 2.0.0a2 of the Agent Development Kit contain security vulnerabilities. These vulnerabilities stem from code injection and lack of...