SUSE-SU-2026:20352-1 Security update for protobuf

This update for protobuf fixes the following issues: - CVE-2026-0994: Fixed google.protobuf.Any recursion depth bypass in Python jsonformat.ParseDict bsc1257173...

CVE-2026-25062

Outline is a service that allows for collaborative documentation. Prior to 1.4.0, during the JSON import process, the value of attachments.key from the imported JSON is passed directly to path.joinrootPath, node.key and then read using fs.readFile without validation. By embedding path traversal...

CVE-2025-55210

FreePBX is an open-source web-based graphical user interface GUI that manages Asterisk. Prior to 17.0.5 and 16.0.17, FreePBX module api PBX API is vulnerable to privilege escalation by authenticated users with REST/GraphQL API access. This vulnerability allows an attacker to forge a valid JWT wit...

CVE-2025-55210 FreePBX API has a Privilege Escalation Error in GraphQL Allowing Authenticated Users to Access Additional Scopes

FreePBX is an open-source web-based graphical user interface GUI that manages Asterisk. Prior to 17.0.5 and 16.0.17, FreePBX module api PBX API is vulnerable to privilege escalation by authenticated users with REST/GraphQL API access. This vulnerability allows an attacker to forge a valid JWT wit...

CVE-2025-55210 FreePBX API has a Privilege Escalation Error in GraphQL Allowing Authenticated Users to Access Additional Scopes

FreePBX is an open-source web-based graphical user interface GUI that manages Asterisk. Prior to 17.0.5 and 16.0.17, FreePBX module api PBX API is vulnerable to privilege escalation by authenticated users with REST/GraphQL API access. This vulnerability allows an attacker to forge a valid JWT wit...

CVE-2026-0958

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to cause denial of service through memory or CPU exhaustion by bypassing JSON validation middleware limits...

Pentora

Pentora v1.0 Pentora is a terminal-first web vulnerability...

FreePBX 安全漏洞

FreePBX formerly known as Asterisk Management Portal is a set of tools developed by the FreePBX project, designed to configure Asterisk an IP telephony system through a GUI graphical web-based interface. Versions of FreePBX prior to 17.0.5 and 16.0.17 contained security vulnerabilities. These...

Linux Distros Unpatched Vulnerability : CVE-2026-0958

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowe...

GitLab 17.10 < 18.4.5 / 18.5 < 18.5.3 / 18.6 < 18.6.1 (CVE-2025-12571)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.4.5, 18.5 before 18.5.3, and 18.6 before 18.6.1 that could have allowed an unauthenticated user to cause a...

PT-2026-7859

FreePBX is an open-source web-based graphical user interface GUI that manages Asterisk. Prior to 17.0.5 and 16.0.17, FreePBX module api PBX API is vulnerable to privilege escalation by authenticated users with REST/GraphQL API access. This vulnerability allows an attacker to forge a valid JWT wit...

Linux Distros Unpatched Vulnerability : CVE-2025-69873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ajv Another JSON Schema Validator before 8.18.0 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keywor...

GitLab 18.4 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2026-0958)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that could have allowed an unauthenticated user to cause denia...

GHSA-2G4F-4PWH-QVX6 ajv has ReDoS when using `$data` option

ajv Another JSON Schema Validator through version 8.17.1 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax $data reference, which is passed directly to the JavaScript RegExp constructor...

0.edsql (>=1.0.49 <=1.0.50), 4itech-schematics (>=10.0.2-0 <=11.7.0-5) +9716 more potentially affected by CVE-2025-69873 via ajv (>=7.0.0-beta.0 <=8.17.1)

ajv NPM version =7.0.0-beta.0, =1.0.49, =10.0.2-0, =4.11.2, =0.1.0, =0.1.1, =0.0.1-251008.90016, =1.0.0, =1.4.0, =0.0.2, =2.0.0, =11.7.0, =0.1.0, =0.6.111, =15.0.0, =20.0.0-renovate-fd1892-me5sbqz0 and more Source cves: CVE-2025-69873 Source advisory: OSV:GHSA-2G4F-4PWH-QVX6...

ajv has ReDoS when using `$data` option

ajv Another JSON Schema Validator through version 8.17.1 is vulnerable to Regular Expression Denial of Service ReDoS when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax $data reference, which is passed directly to the JavaScript RegExp constructor...

CVE-2026-26010 Leaky JWTs in OpenMetadata exposing highly-privileged bot users

OpenMetadata is a unified metadata platform. Prior to 1.11.8, calls issued by the UI against /api/v1/ingestionPipelines leak JWTs used by ingestion-bot for certain services Glue / Redshift / Postgres. Any read-only user can gain access to a highly privileged account, typically which has the...

CVE-2026-26010

OpenMetadata CVE-2026-26010 describes a leakage of JWTs through calls to /api/v1/ingestionPipelines from the UI, prior to version 1.11.8. Read-only users could obtain tokens used by the ingestion-bot for services such as Glue, Redshift, and Postgres, enabling access to a highly privileged Ingesti...

CVE-2026-25062

Outline (the Outline service) prior to version 1.4.0 is vulnerable via JSON import where attachments[].key is passed to path.join(rootPath, node.key) and then read with fs.readFile without validation, enabling path traversal (e.g., ../ or absolute paths) to read arbitrary server files and import ...

CVE-2026-25062 Outline Affected an Arbitrary File Read via Path Traversal in JSON Import

Outline is a service that allows for collaborative documentation. Prior to 1.4.0, during the JSON import process, the value of attachments.key from the imported JSON is passed directly to path.joinrootPath, node.key and then read using fs.readFile without validation. By embedding path traversal...