CVE-2026-29133

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address...

SUSE: Security Advisory (SUSE-SU-2026:20946-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PraisonAI SQL注入漏洞

PraisonAI is a low-code multi-intelligent body collaboration framework. PraisonAI suffers from a SQL injection vulnerability that stems from the getalluserthreads function constructing raw SQL queries using unescaped thread IDs, which can be exploited by an attacker to cause SQL injection and gai...

SUSE: Security Advisory (SUSE-SU-2026:20931-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Focalboard 安全漏洞

Focalboard is a multilingual, self-hosted project management tool open source by Mattermost Community. Version 8.0 of Focalboard contains a security vulnerability, which stems from insufficient cleaning of category IDs. This vulnerability may lead to second-level SQL injection and data leakage...

CVE-2026-5414

A security flaw has been discovered in Newgen OmniDocs up to 12.0.00. Affected by this issue is some unknown functionality of the file /omnidocs/WebApiRequestRedirection. The manipulation of the argument DocumentId results in improper control of resource identifiers. The attack may be performed...

Keycloak: Redirect URI validation bypass via ..;/ path traversal in OIDC auth endpoint

A flaw was found in Keycloak. This issue allows an attacker, who controls another path on the same web server, to bypass the allowed path in redirect Uniform Resource Identifiers URIs that use a wildcard. A successful attack may lead to the theft of an access token, resulting in information...

CVE-2026-4636

A flaw was found in Keycloak. An authenticated user with the umaprotection role can bypass User-Managed Access UMA policy validation. This allows the attacker to include resource identifiers owned by other users in a policy creation request, even if the URL path specifies an attacker-owned...

CVE-2026-29133

SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to upload PGP keys with UIDs that do not match their email address...

RHEL 7 : python3 (RHSA-2026:6464)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6464 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

Missing Source Correlation of Multiple Independent Data

Overview Affected versions of this package are vulnerable to Missing Source Correlation of Multiple Independent Data in the PUT /api/v1/subscriber/imsi API endpoint. An attacker can alter another user's policy settings and falsify audit logs by providing mismatched IMSI values in the request path...

CVEs

...

CLEANSTART-2026-OF85770 Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0

Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-AY18527 Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.17.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0

Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-LQ42192 Security fixes for CVE-2014-0138, CVE-2014-0139, CVE-2016-5419, CVE-2016-5420, CVE-2016-5421, CVE-2016-7141, CVE-2016-7167, CVE-2016-8615, CVE-2016-8616, CVE-2016-8617, CVE-2016-8618, CVE-2016-8619, CVE-2016-8620, CVE-2016-8621, CVE-2016-8622, CVE-2016-8623, CVE-2016-8624, CVE-2016-8625, CVE-2016-9594, CVE-2017-1000099, CVE-2017-1000100, CVE-2017-1000101, CVE-2017-1000257, CVE-2017-2629, CVE-2017-7407, CVE-2017-7468, CVE-2017-8816, CVE-2017-8817, CVE-2017-8818, CVE-2018-0500, CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122, CVE-2018-1000300, CVE-2018-1000301, CVE-2018-14618, CVE-2018-16839, CVE-2018-16840, CVE-2018-16842, CVE-2018-16890, CVE-2019-3822, CVE-2019-3823, CVE-2019-5435, CVE-2019-5436, CVE-2019-5481, CVE-2019-5482, CVE-2020-8169, CVE-2020-8177, CVE-2020-8231, CVE-2020-8284, CVE-2020-8285, CVE-2020-8286, CVE-2021-22876, CVE-2021-22890, CVE-2021-22897, CVE-2021-22898, CVE-2021-22901, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-22925, CVE-2021-22945, CVE-2021-22946, CVE-2021-22947, CVE-2022-22576, CVE-2022-27774, CVE-2022-27775, CVE-2022-27776, CVE-2022-27778, CVE-2022-27779, CVE-2022-27780, CVE-2022-27781, CVE-2022-27782, CVE-2022-30115, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208, CVE-2022-32221, CVE-2022-35252, CVE-2022-35260, CVE-2022-42915, CVE-2022-42916, CVE-2022-43551, CVE-2022-43552, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-27533, CVE-2023-27534, CVE-2023-27535, CVE-2023-27536, CVE-2023-27537, CVE-2023-27538, CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-46218, CVE-2023-46219, CVE-2024-0853, CVE-2024-11053, CVE-2024-2004, CVE-2024-2379, CVE-2024-2398, CVE-2024-2466, CVE-2024-6197, CVE-2024-6874, CVE-2024-7264, CVE-2024-8096, CVE-2024-9681, CVE-2025-0167, CVE-2025-0665, CVE-2025-0725, CVE-2025-10148, CVE-2025-4947, CVE-2025-5025, CVE-2025-5399, CVE-2025-9086, CVE-2026-24515, CVE-2026-25210 applied in versions: 0, 7.36.0-r0, 7.50.1-r0, 7.50.2-r0, 7.50.3-r0, 7.51.0-r0, 7.52.1-r0, 7.53.0-r0, 7.53.1-r2, 7.54.0-r0, 7.55.0-r0, 7.56.1-r0, 7.57.0-r0, 7.59.0-r0, 7.60.0-r0, 7.61.0-r0, 7.61.1-r0, 7.62.0-r0, 7.64.0-r0, 7.65.0-r0, 7.66.0-r0, 7.71.0-r0, 7.72.0-r0, 7.74.0-r0, 7.76.0-r0, 7.77.0-r0, 7.78.0-r0, 7.79.0-r0, 7.83.0-r0, 7.83.1-r0, 7.84.0-r0, 7.85.0-r0, 7.86.0-r0, 7.87.0-r0, 7.88.0-r0, 8.0.0-r0, 8.1.0-r0, 8.10.0-r0, 8.11.0-r0, 8.11.1-r0, 8.12.0-r0, 8.14.0-r0, 8.14.1-r0, 8.15.0-r0, 8.18.0-r0, 8.3.0-r0, 8.4.0-r0, 8.5.0-r0, 8.6.0-r0, 8.7.1-r0, 8.9.0-r0, 8.9.1-r0

Multiple security vulnerabilities affect the curl package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-TC19665 Security fixes for ghsa-65p9-r9h6-22vj, ghsa-hfpc-8r3f-gw53, ghsa-vw5v-4f2q-w9xf applied in versions: 1.6.2-r1

Multiple security vulnerabilities affect the ntpd-rs package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-IL36032 Security fixes for CVE-2025-30218, CVE-2025-49005, CVE-2025-65945, ghsa-2mjp-6q6p-2qxm, ghsa-33vc-wfww-vjfv, ghsa-43fc-jf86-j433, ghsa-4992-7rv2-5pvq, ghsa-4hjh-wcwx-xvwj, ghsa-554w-wpv2-vw27, ghsa-5gfm-wpxj-wjgq, ghsa-5jpx-9hw9-2fx4, ghsa-65ch-62r8-g69g, ghsa-869p-cjfg-cm3x, ghsa-968p-4wvh-cqc8, ghsa-9g9p-9gw9-jx7f, ghsa-9qr9-h5gf-34mp, ghsa-f269-vfmq-vjvj, ghsa-fjxv-7rqg-78g4, ghsa-g9mf-h72j-4rw9, ghsa-h25m-26qc-wcjf, ghsa-jmr7-xgp7-cmfj, ghsa-m7jm-9gc2-mpf2, ghsa-mwv6-3258-q52c, ghsa-rcmh-qjqh-p98v, ghsa-v9p9-hfj2-hcw8, ghsa-vrm6-8vpv-qv8q, ghsa-w37m-7fhw-fmv9, ghsa-xxjr-mmjv-4gpg applied in versions: 2.11.0-r0, 2.11.0-r2

Multiple security vulnerabilities affect the jitsucom-jitsu package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-UZ79996 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2025-62820, CVE-2026-30836, CVE-2026-33186, ghsa-p77j-4mvh-x3m3, ghsa-q4r8-xm5f-56gw applied in versions: 0.10.0-r0, 0.9.10-r0, 0.9.9-r0, 0.9.9-r1

Multiple security vulnerabilities affect the step-issuer package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-UA95882 Security fixes for CVE-2015-8080, CVE-2019-10192, CVE-2019-10193, CVE-2020-14147, CVE-2021-32625, CVE-2021-32626, CVE-2021-32627, CVE-2021-32628, CVE-2021-32672, CVE-2021-32675, CVE-2021-32687, CVE-2021-32762, CVE-2021-41099, CVE-2022-24736, CVE-2022-24834, CVE-2022-35977, CVE-2022-3647, CVE-2023-36824, CVE-2023-41053, CVE-2023-41056, CVE-2023-45145, CVE-2024-31227, CVE-2024-31228, CVE-2024-31449, CVE-2025-46817, CVE-2025-46818, CVE-2025-46819, CVE-2025-49844 applied in versions: 5.0.4-r0, 5.0.8-r0, 6.0.3-r0, 6.2.0-r0, 6.2.4-r0, 6.2.5-r0, 6.2.6-r0, 6.2.7-r0, 7.0.12-r0, 7.0.4-r0, 7.0.5-r0, 7.0.6-r0, 7.0.8-r0, 7.2.1-r0, 7.2.2-r0, 7.2.4-r0, 7.2.5-r1, 8.2.2-r0

Multiple security vulnerabilities affect the redis package. These issues are resolved in later releases. See references for individual vulnerability details...

CLSA-2026-1775034352 squid: Fix of CVE-2025-59362

CVE-2025-59362: fix mishandling of ASN.1 encoding of long SNMP OIDs in lib/snmplib/asn1.c asnbuildobjid...