8252 matches found
Amazon Linux 2023 : python3.14, python3.14-devel, python3.14-freethreading (ALAS2023-2026-1556)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1556 advisory. The webbrowser.open API would accept leading dashes in the URL whichcould be handled as command line options for certain web browsers. Newbehavior rejects leading dashes. Users are recommended to...
PT-2026-32287
I got an alert from GitHub Dependabot to update the google-adk python version to v1.28.1 because of a vulnerability in versions 1.7.0 to 1.28.0. https://github.com/advisories/GHSA-rg7c-g689-fr3x A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit ADK versions...
OPENSUSE-SU-2026:10536-1 libcap-devel-2.78-1.1 on GA media
These are all security issues fixed in the libcap-devel-2.78-1.1 package on the GA media of openSUSE Tumbleweed...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs24: nodejs24-24.14.1-4.1.hum1 aarch64, x8664 nodejs24-bin-24.14.1-4.1.hum1 noarch nodejs24-devel-24.14.1-4.1.hum1 aarch64, x8664 nodejs24-docs-24.14.1-4.1.hum1 noarch...
Low: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: sqlite: lemon-3.52.0-1.1.hum1 aarch64, x8664 sqlite-3.52.0-1.1.hum1 aarch64, x8664 sqlite-analyzer-3.52.0-1.1.hum1 aarch64, x8664 sqlite-debug-3.52.0-1.1.hum1 aarch64, x8664...
OPENSUSE-SU-2026:10533-1 libopenssl-3-devel-3.5.3-4.1 on GA media
These are all security issues fixed in the libopenssl-3-devel-3.5.3-4.1 package on the GA media of openSUSE Tumbleweed...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libxml2: libxml2-16-2.15.2-0.3.hum1 aarch64, x8664 libxml2-2.15.2-0.3.hum1 aarch64, x8664 libxml2-devel-2.15.2-0.3.hum1 aarch64, x8664 libxml2-static-2.15.2-0.3.hum1 aarch64, x8664...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libcap: captree-2.78-1.1.hum1 aarch64, x8664 libcap-2.78-1.1.hum1 aarch64, x8664 libcap-devel-2.78-1.1.hum1 aarch64, x8664 libcap-static-2.78-1.1.hum1 aarch64, x8664 libcap-2.78-1.1.hum1.src src...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs22: nodejs22-22.22.0-1.3.hum1 aarch64, x8664 nodejs22-bin-22.22.0-1.3.hum1 noarch nodejs22-devel-22.22.0-1.3.hum1 aarch64, x8664 nodejs22-docs-22.22.0-1.3.hum1 noarch...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs20: nodejs20-20.20.0-7.1.hum1 aarch64, x8664 nodejs20-bin-20.20.0-7.1.hum1 noarch nodejs20-devel-20.20.0-7.1.hum1 aarch64, x8664 nodejs20-docs-20.20.0-7.1.hum1 noarch...
Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk
In this article 1. Technical details 2. Disclosure timeline 3. Mitigation and protection guidance 4. References 5. Learn more During routine security research, we identified a severe intent redirection vulnerability in a widely used third-party Android SDK called EngageSDK. This flaw allows apps ...
CVE-2026-39680
Missing Authorization vulnerability in MWP Development Diet Calorie Calculator diet-calorie-calculator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Diet Calorie Calculator: from n/a through = 1.1.1...
[SECURITY] Fedora 43 Update: pspp-2.1.1-5.fc43
PSPP is a program for statistical analysis of sampled data. It interprets commands in the SPSS language and produces tabular output in ASCII, PostScript, or HTML format. PSPP development is ongoing. It already supports a large subset of SPSS's transformation language. Its statistical procedure...
[SECURITY] Fedora 43 Update: goose-1.23.2-7.fc43
Goose is your on-machine AI agent, capable of automating complex development tasks from start to finish. More than just code suggestions, goose can build entire projects from scratch, write and execute code, debug failures, orchestrate workflows, and interact with external APIs - autonomously...
SDL2_image-devel-2.8.10-1.1 on GA media (moderate)
SDL2image-devel-2.8.10-1.1 on GA media Announcement ID: openSUSE-SU-2026:10494-1 Rating: moderate Cross-References: CVE-2026-35444 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
CVE-2026-39364
A flaw was found in Vite, a frontend tooling framework for JavaScript. On the Vite development server, a remote attacker could exploit this vulnerability by appending specific query parameters, such as ?raw, to requests. This allows the attacker to bypass security restrictions and retrieve...
CVE-2026-39365
A flaw was found in Vite. The development server's handling of .map requests contains a path traversal vulnerability. A remote attacker can exploit this by sending a specially crafted request with directory traversal sequences ../ to bypass security restrictions. This allows the attacker to...
CVE-2026-35568
The CVE-2026-35568 entry corresponds to a DNS rebinding vulnerability in the MCP Java SDK (official Java SDK for Model Context Protocol servers/clients). Prior to version 1.0.0, the java-sdk did not validate the Origin header, enabling an attacker-controlled webpage on local or adjacent networks ...
EUVD-2026-19954
Java-SDK has a DNS Rebinding Vulnerability...
GHSA-8JXR-PR72-R468 Java-SDK has a DNS Rebinding Vulnerability
Summary The java-sdk contains a DNS rebinding vulnerability. This vulnerability allows an attacker to access a locally or network-private java-sdk MCP server via a victims browser that is either local, or network adjacent. This allows an attacker to make any tool call to the server as if they wer...