13 matches found

Ubuntu
added 3 days ago, 4 views

USN-8396-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server mod_rewrite module incorrectly handled certain privileges. A local attacker could possibly use this issue to obtain sensitive information. (CVE-2026-24072) Andrew Lacambra, Elhanan Haenel, Tianshuo Han, and Tristan Madani discovered that the Apache HTTP...

9.8 CVSS, 5.7 AI score, 0.00644 EPSS
Exploits: 1
ATTACKERKB
added 2026/05/27 5:3 p.m., 5 views

CVE-2026-46427

Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources/datasources.ts masks only datasource config fields whose schema type is DatasourceFieldType.PASSWORD. The Snowflake integration types its privateKey field as...

7.7 CVSS, 5.8 AI score, 0.00034 EPSS
Exploits: 0, References: 2, Affected Software: 1
AstraLinux
added 2026/05/20 5:53 a.m., 5 views

Astra Linux - vulnerability in golang-1.19

On Unix platforms, the Go runtime behaves differently when a binary is run with the setuid/setgid bits enabled. This can be dangerous in certain situations, such as when dumping memory state or assuming the status of standard I/O file descriptors. If a setuid/setgid binary is executed with standa...

7.8 CVSS, 6.9 AI score, 0.00009 EPSS
Exploits: 0, References: 2
CVE
added 2026/05/08 2:21 p.m., 12 views

CVE-2026-43403

CVE-2026-43403 concerns the Linux kernel nsfs component. The issue arises from insufficient permission checks in ns iteration ioctls, potentially allowing a privileged service to view information from other privileged services and perform information disclosure. Multiple sources (Red Hat, Debian,...

8.8 CVSS, 5.7 AI score, 0.00015 EPSS
Exploits: 0, References: 4, Affected Software: 1
OSV
added 2026/04/17 9:35 p.m., 2 views

GHSA-JWRQ-8G5X-5FHM OpenClaw: Collect-mode queue batches could reuse the last sender authorization context

Summary Collect-mode queue batches could reuse the last sender authorization context. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.14 Impact Collect-mode queued messages from different senders could be drained as one batch using the final sender'...

6.8 CVSS, 5.7 AI score, 0.0003 EPSS
Exploits: 0, References: 6
ATTACKERKB
added 2026/04/07 9:18 p.m., 8 views

CVE-2026-34765

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, when a renderer calls window.open with a target name, Electron did not correctly scope the named-window lookup to the opener's browsing...

6.2 AI score, 0.00025 EPSS
Exploits: 0, References: 2, Affected Software: 1
Vulnrichment
added 2025/11/10 12:0 a.m., 2 views

CVE-2025-63384

A vulnerability was discovered in RISC-V Rocket-Chip v1.6 and before implementation where the SRET (Supervisor-mode Exception Return) instruction fails to correctly transition the processor's privilege level. Instead of downgrading from Machine-mode (M-mode) to Supervisor-mode (S-mode) as specified by...

6.6 AI score, 0.00046 EPSS
Exploits: 1, References: 2
Rosalinux
added 2025/10/27 6:19 a.m., 3 views

Advisory ROSA-SA-2025-3038

Software: postgresql15 15.14 OS: rosa-server79 unaffected versions = postgresql15-15.14-1PGDG.res7 affected versions postgresql15-15.14-1PGDG.res7 CVE-ID: CVE-2017-7484 BDU-ID: 2019-03334 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PostgreSQL database management system is related to a lack o...

8.8 CVSS, 8.4 AI score, 0.01443 EPSS
Exploits: 2
OSV
added 2025/07/08 5:15 p.m., 0 views

UBUNTU-CVE-2024-36357

A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries...

5.6 CVSS, 6.8 AI score, 0.00098 EPSS
Exploits: 0, References: 32
Amazon
added 2024/12/19 12:0 a.m., 2 views

Important: postgresql

Issue Overview: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query...

8.8 CVSS, 7.2 AI score, 0.06356 EPSS
Exploits: 1
CNNVD
added 2024/10/29 12:0 a.m., 1 views

Mozilla Firefox and Mozilla Thunderbird security vulnerability

Mozilla Firefox and Mozilla Thunderbird are both products of the Mozilla Foundation in the U.S. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client separated from the Mozilla Application Suite. The software supports IMAP, POP mail protocols, and HTML mail...

7.5 CVSS, 7.3 AI score, 0.00456 EPSS
Exploits: 0, References: 8
OSV
added 2023/12/30 3:15 a.m., 1 views

CVE-2023-38023

An issue was discovered in SCONE Confidential Computing Platform before 5.8.0 for Intel SGX. Lack of pointer-alignment logic in sconedispatch and other entry functions allows a local attacker to access unauthorized information, aka an "AEPIC Leak."...

5.5 CVSS, 5.8 AI score, 0.0003 EPSS
Exploits: 0, References: 7
OSV
added 2019/05/06 12:0 a.m., 1 views

UBUNTU-CVE-2019-3839

It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constraints imposed by -dSAFER. Ghostscrip...

7.8 CVSS, 7 AI score, 0.00445 EPSS
Exploits: 1, References: 3