Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013192)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013192 advisory. In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix leak in devfreq_dev_release(). srcu_init_notifier_head() allocates resources that need to...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013221)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013221 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix notifiers being shared by PCI and VIO buses. fail_iommu_setup() registers the...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010834)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010834 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix pci device refcount leak in ppr_notifier(). As comment of pci_get_domain_bus_and_slot() says,...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011117)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011117 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in ipr_init(). ipr_init() will not call unregister_reboot_notifier() when...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011035)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011035 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Simplify platform device handling. Coretemp's platform driver is unconventional. A...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006904)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006904 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Simplify platform device handling. Coretemp's platform driver is unconventional. A...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013163)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013163 advisory. In the Linux kernel, the following vulnerability has been resolved: lib: cpu_rmap: Avoid use after free on rmap->obj array entries. When calling irq_set_affinity_notifier()...
[slackware-security] cups
New cups packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/cups-2.4.17-i586-1slack15.0.txz: Upgraded. This update fixes security issues: The scheduler treated local user and group names as...
[SECURITY] Fedora 44 Update: kf6-kstatusnotifieritem-6.25.0-1.fc44
Implementation of Status Notifier Items...
CVE-2026-39980
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.5, the safeEjs.ts file does not properly sanitize EJS templates. Users with the Manage customization capability can run arbitrary JavaScript in the context of the OpenCTI platform...
CVE-2026-39980 OpenCTI affected by RCE via notifier template
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.5, the safeEjs.ts file does not properly sanitize EJS templates. Users with the Manage customization capability can run arbitrary JavaScript in the context of the OpenCTI platform...
CVE-2026-39980
OpenCTI prior to 6.9.5 has a vulnerability in safeEjs.ts where EJS templates are not properly sanitized, allowing users with Manage customization capability to run arbitrary JavaScript in the platform process context during notifier template execution. The issue is fixed in 6.9.5; CVSS 3.1 base s...
EUVD-2026-20972
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.5, the safeEjs.ts file does not properly sanitize EJS templates. Users with the Manage customization capability can run arbitrary JavaScript in the context of the OpenCTI platform...
PT-2026-31664
Name of the Vulnerable Software and Affected Versions OpenCTI versions prior to 6.9.5 Description OpenCTI is a platform for managing cyber threat intelligence. Prior to version 6.9.5, the safeEjs.ts file does not properly sanitize EJS templates. Users with Manage customization capability can...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006581)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006581 advisory. In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) Simplify platform device handling. Coretemp's platform driver is unconventional. A...
SUSE CVE-2026-34978
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, the RSS notifier allows .. path traversal in notify-recipient-uri (e.g., rss:///../job.cache), letting a remote IPP client write RSS XML bytes outside CacheDir/rss...
Linux Distros Unpatched Vulnerability : CVE-2026-34978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, the RSS notifier allows .. pa...
SUSE CVE-2026-23432
In the Linux kernel, the following vulnerability has been resolved: mshv: Fix use-after-free in mshv_map_user_memory error path. In the error path of mshv_map_user_memory(), calling vfree() directly on the region leaves the MMU notifier registered. When userspace later unmaps the memory, the notifier fires...