RHSA-2026:24374 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Bulletin has no description...

RHSA-2026:24009 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Bulletin has no description...

CVE-2026-11941

Cloudflare Quiche contains two use-after-free flaws in the FFI path for connection IDs. The issues affect the quiche_connection_id_iter_next and quiche_conn_retired_scid_next functions, where a owned ConnectionId is returned to the application via an argument but is dropped at the end of the func...

ROOT-APP-PYPI-CVE-2026-23949 CVE-2026-23949 in rootio-jaraco.context - Patched by Root

Root has patched CVE-2026-23949 in the rootio-jaraco.context package for Root:PyPI. Multiple fixed versions available...

ROOT-APP-PYPI-CVE-2026-32274 CVE-2026-32274 in rootio-black - Patched by Root

Root has patched CVE-2026-32274 in the rootio-black package for Root:PyPI. Multiple fixed versions available...

CVE-2026-11463

A security flaw has been identified in the USCiLab Cereal library that could affect the security and stability of applications utilizing it. Mitigation Since the vulnerability is triggered by processing malicious payloads, immediately restrict network access or input mechanisms that allow...

ROOT-OS-DEBIAN-12-CVE-2023-44487 CVE-2023-44487 in rootio-nginx - Patched by Root

Root has patched CVE-2023-44487 in the rootio-nginx package for Root:Debian:12. Multiple fixed versions available...

DEBIAN-CVE-2026-56132

In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers...

UBUNTU-CVE-2026-56131

libexpat before 2.8.2 lacks handler call depth tracking for calls to XMLResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur similar to the CVE-2026-50219 situation...

CVE-2026-56132

In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers...

EUVD-2026-37977

In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers...

CVE-2026-56132

In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers...

SUSE CVE-2026-12325

Denial-of-service in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

CGA-QPQR-6VCG-2G85

Bulletin has no description...

CGA-XHPH-HJ6Q-JQVX

Bulletin has no description...

CGA-77J6-8CMC-Q4XV

Bulletin has no description...

UBUNTU-CVE-2026-48936

Unknown description...

PT-2026-50981

Name of the Vulnerable Software and Affected Versions libaom affected versions not specified Description A heap buffer overflow occurs in the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing LAP mode allows the first-pass stats ring buffer wrap-around guard to...

PT-2026-50984

Name of the Vulnerable Software and Affected Versions libaom affected versions not specified Description Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to provide crafted video frame pixels that overlap with internal encoder layer...

PT-2026-50831

Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description An issue exists where the software lacks handler call depth tracking for calls to the XML ResumeParser function when called from within handlers during a policy violation. This can lead to a...