
107 matches found

Positive Technologies
added 2026/05/08 12:0 a.m., 8 views

PT-2026-38855

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0....

CVSS 4.8, AI score 5.9, EPSS 0.00459
Exploits: 0, References: 5
CVE
added 2026/03/19 8:39 p.m., 1 view

CVE-2026-27454

Discourse before versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 allowed unauthorized access to hidden post revisions via GET /posts/:id.json?version=X because display_post called post.revert_to without verifying revision visibility or editor permissions. The root cause was missing authorizati...

CVSS 5.3, AI score 5.8, EPSS 0.00054
Exploits: 0, References: 4, Affected Software: 1
EUVD
added 2026/02/25 3:48 a.m., 4 views

EUVD-2026-8614

Karakeep is a self-hostable bookmark-everything app. In version 0.30.0, when the Reddit metascraper plugin returns readableContentHtml, the HTML parsing subprocess uses it directly without running it through DOMPurify. Every other content source in the crawler goes through Readability + DOMPurify,...

CVSS 8.2, AI score 5.3, EPSS 0.00056
Exploits: 1, References: 3
Positive Technologies
added 2025/12/30 12:0 a.m., 2 views

PT-2025-54153

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a memory leak in the ptp qoriq probe function within the ptp qoriq module. Smatch, a static analysis tool, identified that memory allocated using ioremap for th...

AI score 6.2, EPSS 0.00029
Exploits: 0, References: 13
Packet Storm News
added 2025/10/08 12:0 a.m., 5 views

Are LLMs Reliable Rankers? Rank Manipulation Via Two-Stage Token Optimization

Large language models (LLMs) are increasingly used as rerankers in information retrieval, yet their ranking behavior can be steered by small, natural-sounding prompts. To expose this vulnerability, we present Rank Anything First (RAF), a two-stage token optimization method that crafts concise textual...

AI score 7
Exploits: 0
OSV
added 2025/10/04 4:15 p.m., 0 views

UBUNTU-CVE-2023-53553

In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: avoid struct memcpy overrun warning A previous patch addressed the fortified memcpy warning for most builds, but I still see this one with gcc-9: In file included from include/linux/string.h:254, from...

CVSS 5.5, AI score 5.7, EPSS 0.0002
Exploits: 0, References: 5
EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2025-8133

Malicious code in bioql PyPI...

AI score 6.6
Exploits: 0, References: 4
EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2021-34661

Malicious code in bioql PyPI...

CVSS 5.5, AI score 6, EPSS 0.00014
Exploits: 0, References: 7
Fedora
added 2025/08/26 1:55 a.m., 8 views

[SECURITY] Fedora 41 Update: python3.13-3.13.7-1.fc41

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

CVSS 7.5, AI score 7.3, EPSS 0.01007
Exploits: 0
Amazon
added 2025/07/10 12:0 a.m., 0 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race CVE-2023-52935 In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: independent PMD page table shared count CVE-2024-57883 In the Linux kernel, the...

CVSS 7.8, AI score 6.8, EPSS 0.00135
Exploits: 8
CNNVD
added 2025/07/03 12:0 a.m., 1 view

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a TOCTOU problem in the sk_is_readable function, which could lead to a null pointer dereference...

CVSS 4.7, AI score 6.4, EPSS 0.00081
Exploits: 0, References: 8
Fedora
added 2025/06/28 1:45 a.m., 11 views

[SECURITY] Fedora 41 Update: python3.13-3.13.5-1.fc41

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

CVSS 7.5, AI score 7.6, EPSS 0.00541
Exploits: 1
Fedora
added 2025/06/28 1:14 a.m., 8 views

[SECURITY] Fedora 42 Update: python3.13-3.13.5-1.fc42

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...

CVSS 7.5, AI score 7.6, EPSS 0.00541
Exploits: 1
Fedora
added 2025/06/14 1:51 a.m., 5 views

[SECURITY] Fedora 41 Update: python3.11-3.11.13-1.fc41

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

AI score 7.4
Exploits: 0
Fedora
added 2025/06/14 1:10 a.m., 5 views

[SECURITY] Fedora 42 Update: python3.12-3.12.11-1.fc42

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

AI score 7.4
Exploits: 0
Fedora
added 2025/06/13 1:34 a.m., 4 views

[SECURITY] Fedora 41 Update: python3.10-3.10.18-1.fc41

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...

AI score 7.4
Exploits: 0
OSV
added 2025/05/29 1:34 p.m., 1 view

SUSE-SU-2025:01582-1 Security update for brltty

This update for brltty fixes the following issues: - Avoid having brlapi.key temporarily world-readable during creation (bsc#1235438)...

AI score 7.2
Exploits: 0, References: 2
OSV
added 2025/04/16 2:13 p.m., 7 views

CVE-2025-22116 idpf: check error for register_netdev() on init

In the Linux kernel, the following vulnerability has been resolved: idpf: check error for register_netdev() on init Current init logic ignores the error code from register_netdev(), which will cause WARN_ON() on attempt to unregister it, if there was one, and there is no info for the user that the creatio...

CVSS 5.5, AI score 6.1, EPSS 0.00025
Exploits: 0, References: 5
RedhatCVE
added 2025/04/11 12:5 a.m., 4 views

CVE-2025-32036

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. The algorithm used to generate the captcha image shows the least complexity of the desired image. For this reason, the created image can be easily read by OCR tools, and the intruder can send...

CVSS 6.5, AI score 6.6, EPSS 0.00326
Exploits: 0, References: 1
Veracode
added 2025/04/07 5:59 a.m., 4 views

Denial Of Service (DoS)

@mozilla/readability is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to inefficient regular expression processing caused by specially crafted titles, allowing an attacker to cause a local denial of service...

AI score 6.7
Exploits: 0