CVE-2026-44724

systeminformation is a System and OS information library for node.js. From 4.17.0 to 5.31.5, on Linux, systeminformation is vulnerable to command injection in networkInterfaces when an active NetworkManager connection profile name contains shell metacharacters. The vulnerable value is obtained...

CVE-2026-44724 systeminformation: Linux command injection in networkInterfaces() via unsanitized NetworkManager connection profile name

systeminformation is a System and OS information library for node.js. From 4.17.0 to 5.31.5, on Linux, systeminformation is vulnerable to command injection in networkInterfaces when an active NetworkManager connection profile name contains shell metacharacters. The vulnerable value is obtained...

CLSA-2026-1779533209 NetworkManager: Fix of CVE-2024-6501

CVE-2024-6501: NULL pointer dereference of n-lldprx in nmlldpneighborparse when DEBUG logging is enabled, leading to denial-of-service on malformed LLDP packets...

cloud-init bug fix update

An update is available for cloud-init. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The cloud-init packages provide a set of init scripts for cloud instances...

Low: Red Hat Security Advisory: NetworkManager security update

An update for NetworkManager is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RHSA-2026:18142 Red Hat Security Advisory: NetworkManager security update

Bulletin has no description...

NetworkManager: NetworkManager File Access

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added t...

Low: Red Hat Security Advisory: NetworkManager security update

An update for NetworkManager is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RHEL 10 : NetworkManager (RHSA-2026:18142)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18142 advisory. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when...

ALSA-2026:18597 Low: NetworkManager security update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

RHEL 9 : NetworkManager (RHSA-2026:18597)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18597 advisory. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when...

Low: NetworkManager security update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

GHSA-HVX9-HWR7-WJJ9 Systeminformation vulnerable to Linux command injection in networkInterfaces() via unsanitized NetworkManager connection profile name

Summary On Linux, systeminformation is vulnerable to command injection in networkInterfaces when an active NetworkManager connection profile name contains shell metacharacters. This is not caused by a caller passing attacker-controlled arguments into networkInterfaces. The vulnerable value is...

Command Injection

Overview systeminformation is a simple system and OS information library. Affected versions of this package are vulnerable to Command Injection in the networkInterfaces function when handling NetworkManager connection profile names obtained from nmcli device status output. An attacker can execute...

Systeminformation vulnerable to Linux command injection in networkInterfaces() via unsanitized NetworkManager connection profile name

Summary On Linux, systeminformation is vulnerable to command injection in networkInterfaces when an active NetworkManager connection profile name contains shell metacharacters. This is not caused by a caller passing attacker-controlled arguments into networkInterfaces. The vulnerable value is...

PT-2026-40714

Name of the Vulnerable Software and Affected Versions systeminformation versions 4.17.0 through 5.31.5 Description On Linux, the library is subject to command injection within the networkInterfaces function. This occurs when an active NetworkManager connection profile name contains shell...

SUSE SLES16 Security Update : strongswan (SUSE-SU-2026:21203-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21203-1 advisory. Update to strongswan 6.0.4: - CVE-2025-9615: NetworkManager File Access bsc1257359. - CVE-2026-25075: Integer Underflow When...

SUSE-SU-2026:1443-1 Security update for NetworkManager

This update for NetworkManager fixes the following issue: Security fixes: - CVE-2025-9615: Fixed non-admin user using others' certificates bsc1257359. Other fixes: - Don't renew DHCP lease when software devices' MAC is empty bsc1225498...

SUSE-SU-2026:1427-1 Security update for NetworkManager

This update for NetworkManager fixes the following issue: - CVE-2025-9615: Fixed non-admin user using others' certificates bsc1257359...

[SECURITY] Fedora 44 Update: plasma-nm-6.6.4-1.fc44

Plasma applet and editor for managing your network connections in KDE 4 using the default NetworkManager service...