ROOT-OS-DEBIAN-11-CVE-2023-3397 CVE-2023-3397 in rootio-linux - Patched by Root

Root has patched CVE-2023-3397 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

Critical Photon OS Security Update - PHSA-2026-5.0-0886

Updates of 'nano', 'samba-client', 'libsolv' packages of Photon OS have been released...

CVE-2026-20181

A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

CVE-2026-20266 OS Command Injection in the btool Configuration Helper in Splunk AI Toolkit

In Splunk AI Toolkit versions below 5.7.4, a user who holds the "admin" Splunk role could execute arbitrary OS commands on the host running the Splunk Enterprise instance. The vulnerability is possible because of an unsafe shell execution pattern in the btool configuration helper, which construct...

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

ROOT-OS-DEBIAN-13-CVE-2025-48074 CVE-2025-48074 in rootio-openexr - Patched by Root

Root has patched CVE-2025-48074 in the rootio-openexr package for Root:Debian:13. Multiple fixed versions available...

ROOT-OS-DEBIAN-13-CVE-2026-34589 CVE-2026-34589 in rootio-openexr - Patched by Root

Root has patched CVE-2026-34589 in the rootio-openexr package for Root:Debian:13. Multiple fixed versions available...

CVE-2026-53876

RadiX AX6600 WiFi 6 Tri-Band Gaming Router contains an OS command injection vulnerability, which may lead to arbitrary command execution with the root privilege by a user who logs in to the web console as an administrator...

GHSA-H67P-54HQ-RP68 vulnerabilities

Vulnerabilities for packages: saf, kubeflow-pipelines, code-server, vitess...

CVE-2026-0152

In OSMMapPMRGeneric of pmros.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

CVE-2026-10748

An authenticated user with the nx-licensing-create privilege can upload a specially crafted license file to execute arbitrary operating system commands as the Nexus process user in Sonatype Nexus Repository 3 versions before 3.92.0...

CVE-2026-12012 vulnerabilities

Vulnerabilities for packages: chromium...

ROOT-OS-DEBIAN-13-CVE-2026-48959 CVE-2026-48959 in rootio-perl - Patched by Root

Root has patched CVE-2026-48959 in the rootio-perl package for Root:Debian:13. Multiple fixed versions available...

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

A flaw was found in PostgreSQL. This vulnerability, related to symlink following in pgbasebackup plain format and pgrewind, allows an origin superuser to overwrite local files. By exploiting this, an attacker could potentially hijack the operating system account. This attack has practical...

ROOT-OS-DEBIAN-12-CVE-2026-34380 CVE-2026-34380 in rootio-openexr - Patched by Root

Root has patched CVE-2026-34380 in the rootio-openexr package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2026-41142 CVE-2026-41142 in rootio-openexr - Patched by Root

Root has patched CVE-2026-41142 in the rootio-openexr package for Root:Debian:12. Multiple fixed versions available...