MINI-2CMC-4CPV-779F

Bulletin has no description...

DEBIAN-CVE-2026-45445

Issue summary: When an application drives an AES-OCB context through the public EVPCipher one-shot interface, the application-supplied initialisation vector IV is silently discarded. Impact summary: Every message encrypted under the same key uses the same effective nonce regardless of the IV...

DEBIAN-CVE-2026-42770

Issue summary: When EVPPKEYderivesetpeer is called with a DHX X9.42 peer key, the peer key is not properly checked for the subgroup membership. Impact summary: A malicious peer which presents an X9.42 key carrying the victim's p and g parameters, a forged q = r a small prime factor of the cofacto...

DEBIAN-CVE-2026-34182

Issue Summary: Cryptographic Message Services CMS processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers, leading to various potential compromises. Impact Summary: Attackers making use of these vulnerabilities may achieve...

ECHO-7E52-FE53-3431

Bulletin has no description...

MINI-P884-5JC6-7FF8

Bulletin has no description...

MINI-R5F6-8XR4-8C5J

Bulletin has no description...

DEBIAN-CVE-2026-46332

In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352bootloaderrx appends each serdev chunk into the fixed rxbuffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may recei...

DEBIAN-CVE-2026-46318

In the Linux kernel, the following vulnerability has been resolved: Revert "mm/hugetlbfs: update hugetlbfs to use mmapprepare" This reverts commit ea52cb24cd3f "mm/hugetlbfs: update hugetlbfs to use mmapprepare" with conflict resolution to account for changes in commit ea52cb24cd3f "mm/hugetlbfs:...

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

BELL-CVE-2026-46299

Bulletin has no description...

BELL-CVE-2026-46313

Bulletin has no description...

DEBIAN-CVE-2026-41847

Spring WebFlux applications may be vulnerable to a security bypass when using the Kotlin Router DSL. Affected versions: Spring Framework 5.3.0 through 5.3.48...

DEBIAN-CVE-2026-41846

Spring MVC applications which accept user-supplied values in the cssClass, cssErrorClass, or cssStyle attributes of JSP form tags allow arbitrary HTML/JavaScript code injection, potentially resulting in a cross-site scripting XSS vulnerability. Affected versions: Spring Framework 7.0.0 through...

MINI-XJQC-G6CV-2W2X

Bulletin has no description...

MINI-C248-6C66-6G8M

Bulletin has no description...

PT-2026-47844

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description A use-after-free condition occurs during PKCS7 signature verification when processing a specially crafted PKCS7 or S/MIME signed message. Specifically, if the SignedData digestAlgorithms fiel...

UBUNTU-CVE-2026-42489

Unknown description...

UBUNTU-CVE-2026-45445

AES-OCB IV Ignored on EVPCipher Path...

MINI-FFRR-HC56-P3CV

Bulletin has no description...