CVE-2025-66273

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

Injection axios Dependency in Bitbucket Data Center

This High severity Injection vulnerability was introduced in versions 9.4.12, 10.2.0, and 10.3.0 of Bitbucket Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N allows an unauthenticated attacker to modify the...

Astra Linux – Vulnerability in Ruby 2.5

A issue was discovered in RDoc versions 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdocoptions used for configuration in RDoc as a YAML file, object injection and resulting remote code execution are possible because there are no restrictions on the classes that c...

CVE-2026-8975

Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 151, Firefox...

CLEANSTART-2026-JV26120 Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2026-24051, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-35469, CVE-2026-39883, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3, ghsa-pc3f-x583-g7j2 applied in versions: 1.34.2-r0, 1.35.0-r0, 1.35.3-r0, 1.35.3-r1, 1.35.3-r2

Multiple security vulnerabilities affect the kubernetes package. These issues are resolved in later releases. See references for individual vulnerability details...

BIT-TOMCAT-2026-43514 Apache Tomcat: AJP secret compared in non-constant time

Observable Timing Discrepancy vulnerability when comparing AJP secret in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0 through 11.0.21, from 10.1.0 through 10.1.54, from 9.0.0 through 9.0.117, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Older unsupported versions may al...

IBM MQ 9.1 < 9.1.0.36 LTS / 9.2 < 9.2.0.42 LTS / 9.3 < 9.3.0.40 LTS / 9.3 < 9.4.5.1 CD / 9.4 < 9.4.0.21 LTS / 9.4.5.1 (7272317)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7272317 advisory. - IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when...

CVE-2026-8092

Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox...

GHSA-6G23-24MC-HX6X Spring Cloud Config vulnerable to Path Traversal

Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. Spring Cloud Config 3.1.x: affected from...

Spring Cloud Config vulnerable to Path Traversal

Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead to a directory traversal attack. Spring Cloud Config 3.1.x: affected from...

CVE-2026-41004

When enabling trace logging in Spring Cloud Config Server sensitive information was placed in plain text in the logs. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater Enterprise Support Only. Spring Cloud Config 4.1.x: affected from 4.1.0 throu...

BASM (Broken Authentication & Session Management) in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity BASM Broken Authentication & Session Management vulnerability was introduced in versions 9.1.0, 9.2.0, 9.3.1, 9.4.0,...

HTTP Request/Response Smuggling Apache Tomcat Dependency in Confluence Data Center

This High severity HTTP Request/Response Smuggling vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This HTTP Request/Response Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses xmldom which is vulnerable to CVE-2026-34601

Summary IBM Maximo Application Suite - Visual Inspection component uses xmldom which is vulnerable to CVE-2026-34601, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-34601 DESCRIPTION: xmldom is a pure JavaScript W3C...

Security Bulletin: IBM Edge Data Collector uses PyJWT-2.10.1-py3-none-any.whl, pyjwt-2.11.0-py3-none-any.whl which is vulnerable to CVE-2026-32597.

Summary IBM Edge Data Collector uses PyJWT-2.10.1-py3-none-any.whl, pyjwt-2.11.0-py3-none-any.whl which is vulnerable to CVE-2026-32597. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-32597 DESCRIPTION: PyJWT is a JSON Web Token implementatio...

Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...

CVE-2026-40244

OpenEXR exposed an integer overflow in the DWA setupChannelData path. In versions 3.4.0–3.4.9, 3.3.0–3.3.9, and 3.2.0–3.2.7, internal_dwa_compressor.h:1722 performs curc-&gt;width * curc-&gt;height using int32 arithmetic without a size_t cast, creating an overflow condition. A fix has been applie...

PT-2026-34015

Name of the Vulnerable Software and Affected Versions Bamboo Data Center versions 9.6.0 through 9.6.24 Bamboo Data Center versions 10.0.0 through 10.2.17 Bamboo Data Center versions 11.0.0 through 12.1.5 Description An OS Command Injection issue allows an authenticated attacker to achieve Remote...

DEBIAN-CVE-2026-27890

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCTspecificdata segments during authentication, the server assumes segments arrive in strictly ascending order. If segments arrive out of order, the Array class's grow...

GHSA-72GW-FMMR-C4R4 HashiCorp Vault May Expose Tokens to Auth Plugins Due to Incorrect Header Sanitization

If a Vault auth mount is configured to pass through the "Authorization" header, and the "Authorization" header is used to authenticate to Vault, Vault forwarded the Vault token to the auth plugin backend. Fixed in 2.0.0, 1.21.5, 1.20.10, and 1.19.16...