Security Bulletin: IBM Maximo Scheduler Optimizer uses flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205

Summary IBM Maximo Scheduler Optimizer uses flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-27205 DESCRIPTION: Flask is a web server gateway interface WSGI web...

Security Bulletin: IBM Maximo Scheduler Optimizer uses minimatch-3.1.2.tgz which is vulnerable to CVE-2026-26996

Summary IBM Maximo Scheduler Optimizer uses minimatch-3.1.2.tgz which is vulnerable to CVE-2026-26996. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-26996 DESCRIPTION: minimatch is a minimal matching utility for converting glo...

Security Bulletin: IBM Maximo Scheduler Optimizer uses minimatch-3.1.2.tgz which is vulnerable to CVE-2026-26996, CVE-2026-27903, CVE-2026-27904

Summary IBM Maximo Scheduler Optimizer uses minimatch-3.1.2.tgz which is vulnerable to CVE-2026-26996, CVE-2026-27903, CVE-2026-27904. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-26996 DESCRIPTION: minimatch is a minimal...

Security Bulletin: IBM Maximo Scheduler Optimizer uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.wh which is vulnerable to CVE-2026-34073

Summary IBM Maximo Scheduler Optimizer uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.wh which is vulnerable to CVE-2026-34073. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-34073 DESCRIPTION: cryptography is a package...

svgo: SVGO: Denial of Service via XML entity expansion

A flaw was found in SVGO, an SVG Scalable Vector Graphics Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service DoS by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node....

OESA-2026-2154 mysql security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if Security Fixes:...

OESA-2026-2153 mysql security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if Security Fixes:...

arbor-ai (>=0.1.5 <=0.1.14), coreason-runtime (>=0.1.0 <=0.31.0) +10 more potentially affected by CVE-2026-7669 via sglang (>=0.4.5 <=0.5.2)

sglang PYPI version =0.4.5, =0.1.5, =0.1.0, =1.1.0, =2.0.0b40, =0.0.1, =0.1.0, =0.1.0, =0.0.1.post1, =0.0.0, =0.8.0, =0.10.7 Source cves: CVE-2026-7669 Source advisory: OSV:GHSA-6M5F-673F-5VH7...

Security Bulletin: IBM Edge Data Collector Component uses next-15.5.7.tgz which is vulnerable to CVE-2025-59471.

Summary Security Bulletin: IBM Edge Data Collector Component uses next-15.5.7.tgz which is vulnerable to CVE-2025-59471. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-59471 DESCRIPTION: A denial of service vulnerability exists in self-hosted...

Linux Distros Unpatched Vulnerability : CVE-2026-34272

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable...

OESA-2026-2120 mysql security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if Security Fixes:...

OESA-2026-2119 mysql security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if Security Fixes:...

OESA-2026-2118 mysql security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. %if Security Fixes:...

TencentOS Server 3: mysql:8.0 (TSSA-2026:0245)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0245 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2026-34278

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols t...

CVE-2026-34272

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVE-2026-22017

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...

CVE-2026-34267

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols t...

CVE-2026-22009

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...

CVE-2026-22005

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...