SUSE-SU-2026:21787-1 Security update for cups

This update for cups fixes the following issues - CVE-2026-27447: Authorization bypass via case-insensitive group-member lookup bsc1261572. - CVE-2026-34978: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss bsc1261571. - CVE-2026-34979: Heap overflow in getoption...

CVE-2025-61972

The CVE-2025-61972 entry describes a vulnerability in AMD NBIO where missing lock bit protection on NBIO registers can be exploited by a local admin with high privileges to gain arbitrary System Management Network (SMN) access. This can potentially lead to arbitrary code execution within the AMD ...

CVE-2025-61972

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in arbitrary code execution in AMD Secure Processor ASP and loss of the SEV-SNP guest's confidentiality and integrity...

EUVD-2025-209811

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity...

CVE-2025-61971

Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to modify MMIO routing configurations, potentially resulting in loss of SEV-SNP guest integrity...

CVE-2025-61971

The CVE-2025-61971 entry concerns missing lock bit protection for NBIO registers in AMD systems, enabling a locally privileged attacker to modify MMIO routing configurations and potentially compromise SEV-SNP guest integrity. Connected sources confirm affected component as NBIO registers and MMIO...

CVE-2026-7257

CVE-2026-7257 affects Zyxel WRE6505 v2 firmware V1.00(ABDV.3)C0. The issue is insecure storage of sensitive information in the device’s configuration backup file, allowing a local administrator to download and decrypt the backup configuration. The documents do not provide exploit details, affecte...

AMD EPYC™ and AMD EPYC™ Embedded Series Processor Vulnerabilities – May 2026

CVE Details Refer to Glossary for explanation of terms CVE ID| CVE Description| CVSS Vector ---|---|--- CVE-2025-61972| Missing lock bit protection for NBIO registers could allow a local admin-privileged attacker to gain arbitrary System Management Network SMN access, potentially resulting in...

Security update for cups

This update for cups fixes the following issue: CVE-2026-34990: Local print admin token disclosure using temporary printers bsc1261568. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

CVE-2026-22615

Due to improper input validation in one of the Eaton Intelligent Power Protector IPP XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious code resulting in arbitrary command execution. This security issue has been fixed in the latest version...

CVE-2026-22615

Due to improper input validation in one of the Eaton Intelligent Power Protector IPP XML, it is possible for an attacker with admin privileges and access to the local system to inject malicious code resulting in arbitrary command execution. This security issue has been fixed in the latest version...

OpenPrinting CUPS: Local print admin token disclosure using temporary printers

...

CVE-2025-15552

Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...

CVE-2025-15553

Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...

EUVD-2025-208693

Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...

EUVD-2025-208691

Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...

CVE-2025-15552

Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...

CVE-2025-15553

Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...

CVE-2025-15554 Admin Passwords Cached by Browsers in Truesec LAPSWebUI

Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...

CVE-2025-15553 Insecure Logout Functionality in Truesec LAPSWebUI

Non-working logout functionality in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password...