29501 matches found

Tenable Nessus
added 2026/05/20 12:0 a.m., 6 views

Ubuntu 22.04 LTS : Linux kernel (Xilinx ZynqMP) vulnerabilities (USN-8275-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8275-1 advisory. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission chec...

CVSS 9.8, AI score 7.2, EPSS 0.92504
Exploits 14, References 85
Tenable Nessus
added 2026/05/20 12:0 a.m., 4 views

RHEL 8 : freerdp (RHSA-2026:19811)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19811 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to...

CVSS 9.8, AI score 6.5, EPSS 0.00164
Exploits 7, References 19
OSV
added 2026/05/20 12:0 a.m., 4 views

OPENSUSE-SU-2026:10823-1 helm-4.2.0-2.1 on GA media

These are all security issues fixed in the helm-4.2.0-2.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5, AI score 5.8, EPSS 0.0002
Exploits 0, References 1
CNNVD
added 2026/05/20 12:0 a.m., 6 views

Mantis Bug Tracker (MantisBT) access control error vulnerability

Mantis Bug Tracker (MantisBT) is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker prior to 2.28.1 contained an access control vulnerability. This vulnerability stemmed from allowing authenticated users to upload attachments to private issues that they did n...

CVSS 4.3, AI score 5.8, EPSS 0.00028
Exploits 0, References 1
OSV
added 2026/05/20 12:0 a.m., 1 views

OPENSUSE-SU-2026:10822-1 hauler-1.4.3-2.1 on GA media

These are all security issues fixed in the hauler-1.4.3-2.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5, AI score 5.8, EPSS 0.0002
Exploits 0, References 1
NVD
added 2026/05/19 11:16 p.m., 7 views

CVE-2026-34744

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior permit a user to list and download their own attachments from an Issue created by another user even after it becomes private, bypassing read access revocation. The loss of confidentiality caused by this...

CVSS 5.3, EPSS 0.00014
Exploits 0, References 3
EUVD
added 2026/05/19 11:5 p.m., 8 views

EUVD-2026-31003

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow an authenticated user to upload attachments to private Issues they are not authorized to access. This issue has been fixed in version 2.28.2...

CVSS 4.3, AI score 5.7, EPSS 0.00028
Exploits 0, References 3
Cvelist
added 2026/05/19 11:5 p.m., 33 views

CVE-2026-34754 MantisBT allows unauthorized users to upload attachments to restricted issues via REST API

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow an authenticated user to upload attachments to private Issues they are not authorized to access. This issue has been fixed in version 2.28.2...

CVSS 4.3, EPSS 0.00028
Exploits 0, References 3
CVE
added 2026/05/19 11:5 p.m., 12 views

CVE-2026-34754

MantisBT (Mantis Bug Tracker) REST API allows an authenticated user to upload attachments to private issues they are not authorized to access. Affected: version 2.28.1 and earlier; root cause: unauthorized attachment upload via REST API. Impact: potential access/obstruction on private issues due ...

CVSS 4.3, AI score 5.7, EPSS 0.00028
Exploits 0, References 3
Vulnrichment
added 2026/05/19 11:5 p.m., 4 views

CVE-2026-34754 MantisBT allows unauthorized users to upload attachments to restricted issues via REST API

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow an authenticated user to upload attachments to private Issues they are not authorized to access. This issue has been fixed in version 2.28.2...

CVSS 4.3, AI score 5.7, EPSS 0.00028
Exploits 0, References 3
ATTACKERKB
added 2026/05/19 11:5 p.m., 6 views

CVE-2026-34754

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow an authenticated user to upload attachments to private Issues they are not authorized to access. This issue has been fixed in version 2.28.2...

CVSS 4.3, AI score 5.7, EPSS 0.00028
Exploits 0, References 4, Affected Software 1
EUVD
added 2026/05/19 10:45 p.m., 5 views

EUVD-2026-31004

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior permit a user to list and download their own attachments from an Issue created by another user even after it becomes private, bypassing read access revocation. The loss of confidentiality caused by this...

CVSS 5.3, AI score 5.7, EPSS 0.00014
Exploits 0, References 3
Vulnrichment
added 2026/05/19 10:45 p.m., 5 views

CVE-2026-34744 MantisBT authorization bypass allows continued access to self-uploaded attachments on private issues

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior permit a user to list and download their own attachments from an Issue created by another user even after it becomes private, bypassing read access revocation. The loss of confidentiality caused by this...

CVSS 5.3, AI score 5.7, EPSS 0.00014
Exploits 0, References 3
CVE
added 2026/05/19 10:45 p.m., 12 views

CVE-2026-34744

Vulnerability summary (CVE-2026-34744) MantisBT (Mantis Bug Tracker) prior to version 2.28.2 is affected by an authorization bypass where a user can list and download their own attachments from an issue created by another user after the issue becomes private, bypassing read access revocation. The...

CVSS 5.3, AI score 5.7, EPSS 0.00014
Exploits 0, References 3
Cvelist
added 2026/05/19 10:45 p.m., 25 views

CVE-2026-34744 MantisBT authorization bypass allows continued access to self-uploaded attachments on private issues

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior permit a user to list and download their own attachments from an Issue created by another user even after it becomes private, bypassing read access revocation. The loss of confidentiality caused by this...

CVSS 5.3, EPSS 0.00014
Exploits 0, References 3
ATTACKERKB
added 2026/05/19 10:6 p.m., 7 views

CVE-2026-34579

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior are vulnerable to Authorization Bypass through the private issue monitoring feature. Using a crafted POST request to bug_monitor_add.php, a user with project-level access can add themselves as a monitor for a...

CVSS 5.3, AI score 5.7, EPSS 0.00014
Exploits 0, References 4, Affected Software 1
CVE
added 2026/05/19 10:6 p.m., 12 views

CVE-2026-34579

CVE-2026-34579 affects MantisBT up to version 2.28.1, where a crafted POST to bug_monitor_add.php allows a project‑level user to add themselves as a monitor to a private issue they cannot access. The request is accepted after an Access Denied is shown, creating a monitor relationship that trigger...

CVSS 5.3, AI score 5.7, EPSS 0.00014
Exploits 0, References 3
RedHat Linux
added 2026/05/19 10:4 p.m., 6 views

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 9.8, AI score 5.8, EPSS 0.00034
Exploits 0, References 6
EUVD
added 2026/05/19 9:57 p.m., 7 views

EUVD-2026-30998

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior contain a Stored XSS vulnerability. When cloning an issue originating from a Project other than the current one, the clone form (bug_report_page.php) prepends the source Project name before the category selector...

CVSS 8.6, AI score 5.7, EPSS 0.00017
Exploits 0, References 3
CVE
added 2026/05/19 9:57 p.m., 13 views

CVE-2026-34463

CVE-2026-34463 affects MantisBT prior to 2.28.2. When cloning an issue from a different project, the clone form (bug_report_page.php) prepends the source project name before the category selector without proper escaping, allowing stored HTML injection (XSS) if an attacker can set the project name...

CVSS 8.6, AI score 5.7, EPSS 0.00017
Exploits 0, References 3