
12939 matches found

Circl
added 2026/04/22 8:0 p.m., 1 view

CVE-2026-40529

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-22 20:00:00+00:00 | seen | https://jvn.jp/en/jp/JVN08026319... |

CVSS 5.1, AI score 5.7, EPSS 0.00038
Exploits: 0, References: 1

EUVD
added 2026/04/22 6:31 p.m., 1 view

EUVD-2025-209555

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service due to insufficient resource allocation limits when retrieving notes under certain...

CVSS 6.5, AI score 5.8, EPSS 0.00032
Exploits: 0, References: 4

ATTACKERKB
added 2026/04/22 4:5 p.m., 2 views

CVE-2025-6016

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service due to insufficient resource allocation limits when retrieving notes under certain...

CVSS 6.5, AI score 5.8, EPSS 0.00032
Exploits: 0, References: 4, Affected Software: 1

CVE
added 2026/04/22 4:5 p.m., 14 views

CVE-2025-6016

CVE-2025-6016 affects GitLab CE/EE: versions 9.2 through 18.9.5, 18.10 through 18.10.3, and 18.11 through 18.11.0. The issue allows an authenticated user to trigger a denial of service due to insufficient resource allocation limits when retrieving notes under certain conditions. The root cause is...

CVSS 6.5, AI score 5.8, EPSS 0.00032
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2026/04/22 4:5 p.m., 26 views

CVE-2025-6016 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service due to insufficient resource allocation limits when retrieving notes under certain...

CVSS 6.5, EPSS 0.00032
Exploits: 0, References: 3

Vulnrichment
added 2026/04/22 4:5 p.m., 0 views

CVE-2025-6016 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed an authenticated user to cause denial of service due to insufficient resource allocation limits when retrieving notes under certain...

CVSS 6.5, AI score 5.8, EPSS 0.00032
Exploits: 0, References: 3

RedHat Linux
added 2026/04/22 8:4 a.m., 10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.38 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.38 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

CVSS 8.6, AI score 5.8, EPSS 0.00043
Exploits: 1, References: 3

Rapid7 Blog
added 2026/04/21 2:38 p.m., 10 views

Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained

Overview For executive leadership, the emergence of Kyber ransomware represents a significant and immediate threat due to its specialized, dual-platform deployment capability targeting mission-critical virtualization infrastructure VMware ESXi and core Windows file systems. This cross-platform...

AI score 6.1
Exploits: 0

SUSE Linux
added 2026/04/21 9:21 a.m., 3 views

Security update 5.1.3 for Multi-Linux Manager Client Tools

This update fixes the following issues: spacecmd: Version 5.1.13-0 Updated translation strings uyuni-tools: Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key file can miss if CA password is blank bsc1254154 mgrpxy ssh tuning should happens before crypto policies...

CVSS 8.7, AI score 5.7, EPSS 0.00028
Exploits: 0, References: 36

Positive Technologies
added 2026/04/21 12:0 a.m., 3 views

PT-2026-34015

Name of the Vulnerable Software and Affected Versions Bamboo Data Center versions 9.6.0 through 9.6.24 Bamboo Data Center versions 10.0.0 through 10.2.17 Bamboo Data Center versions 11.0.0 through 12.1.5 Description An OS Command Injection issue allows an authenticated attacker to achieve Remote...

CVSS 9.4, AI score 6.2, EPSS 0.01093
Exploits: 0, References: 9

RedhatCVE
added 2026/04/20 7:22 p.m., 3 views

CVE-2026-40581

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the family record deletion endpoint SelectDelete.php performs permanent, irreversible deletion of family records and all associated data via a plain GET request with no CSRF token validation. An attacker can craft a...

CVSS 8.1, AI score 5.7, EPSS 0.00006
Exploits: 0, References: 1

OSV
added 2026/04/20 3:4 p.m., 0 views

SUSE-SU-2026:21357-1 Security update for rust1.94

This update for rust1.94 fixes the following issues: Changes in rust1.94: - Don't force gcc-15 on SLE-16 and higher bsc1261876 Update to rust1.94.1: - Release notes can be found externally: https://github.com/rust-lang/rust/releases/tag/1.94.1 - Avoid unwrapping varint decoding during parameters...

CVSS 8.7, AI score 5.2, EPSS 0.00238
Exploits: 0, References: 4

Circl
added 2026/04/19 7:30 p.m., 0 views

CVE-2026-32957

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-19 19:30:00+00:00 | seen | https://jvn.jp/en/vu/JVNVU94271449 |
| 2026-04-21 10:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-10... |

CVSS 6.9, AI score 6.5, EPSS 0.00089
Exploits: 0, References: 2

EUVD
added 2026/04/17 11:51 p.m., 2 views

EUVD-2026-23620

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the family record deletion endpoint SelectDelete.php performs permanent, irreversible deletion of family records and all associated data via a plain GET request with no CSRF token validation. An attacker can craft a...

CVSS 8.1, AI score 5.7, EPSS 0.00006
Exploits: 0, References: 3

OSV
added 2026/04/17 10:14 p.m., 1 view

GHSA-QMWG-QPRG-3J38 OpenClaw: Browser interaction routes could pivot into local CDP and regain file reads

Summary Browser interaction routes could pivot into local CDP and regain file reads. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.9 Impact Browser act/evaluate interactions could trigger navigation into the local CDP origin and then create or rea...

CVSS 5.9, AI score 5.7
Exploits: 0, References: 4

Github Security Blog
added 2026/04/17 10:0 p.m., 5 views

OpenClaw: Nostr profile mutation routes allowed operator.write config persistence

Summary Nostr profile mutation routes allowed operator.write config persistence. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.10 Impact Nostr plugin HTTP profile routes could persist profile config through a path that did not require admin...

AI score 5.7
Exploits: 0, References: 3, Affected Software: 1

Circl
added 2026/04/16 8:0 p.m., 2 views

CVE-2026-34018

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-16 20:00:00+00:00 | seen | https://jvn.jp/en/jp/JVN78422311 |
| 2026-04-17 06:05:15+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mjoaxsb5ce2s |
| 2026-04-20 17:20:51+00:00 | seen | Telegram/GfeUhnyJYShCjvs7rm1XQAQJnKqowYjnl2h2DVxLAV4-eNA... |

CVSS 9.8, AI score 6.5, EPSS 0.00034
Exploits: 0, References: 3

Microsoft Security Update
added 2026/04/16 8:0 p.m., 6 views

Azure File Sync Agent v22.3 Release – April 2026 (KB5087090)

Azure File Sync Agent v22.3 Release – April 2026 KB5087090...

AI score 5.8
Exploits: 0

Atlassian
added 2026/04/16 1:50 p.m., 15 views

mXSS (mutation Cross-Site Scripting) dompurify Dependency in Jira Service Management Data Center and Server

This is a vulnerability in a non-Atlassian Jira Service Management dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity nesting-based mXSS mutation Cross-Site Scripting vulnerability was introduced in version 10.3.0 of Jira...

CVSS 10, AI score 6.6, EPSS 0.00699
Exploits: 2

RedHat Linux
added 2026/04/16 10:25 a.m., 1 view

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.65 bug fix and security update

Red Hat OpenShift Container Platform release 4.13.65 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

CVSS 8.3, AI score 6.3, EPSS 0.01195
Exploits: 4, References: 10