2980 matches found
2026-07 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 (KB5102205)
2026-07 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 KB5102205...
2026-07 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 (KB5102204)
2026-07 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 KB5102204...
May 12, 2026-Security and Quality Rollup for .NET Framework 4.6.2, 4.7, 4.7.1, 4.7.2 for Windows Server 2012 (KB5087062)
None None...
July 14, 2026—KB5099444 (Monthly Rollup)
None None...
June 9, 2026—KB5094041 (Monthly Rollup)
None None...
June 9, 2026—KB5094042 (Monthly Rollup)
None None...
ROOT-APP-NPM-CVE-2026-27606 CVE-2026-27606 in @rootio/rollup - Patched by Root
Root has patched CVE-2026-27606 in the @rootio/rollup package for Root:npm. Multiple fixed versions available...
Malicious code in rollup-plugin-polyfill-handler (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fcd05581537eece4993579cb664215a82b87dad2bdb03cae7ba998ba092a79d Package name mimics the rollup-plugin- ecosystem but exposes no Rollup plugin API. Its exported functions getPlugin, setPlugin, and getPluginExten ea...
Malicious code in postcss-property-rollup (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acb8d62cdeb6a2c19937f3d02aa6214a23114e4dbc38373e6107c8345c3f1f9f [email protected] was scanned with no a static rule matches and no behavioral findings. No exfiltration, install-time fetch-and-execute,...
MAL-2026-6684 Malicious code in postcss-property-rollup (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acb8d62cdeb6a2c19937f3d02aa6214a23114e4dbc38373e6107c8345c3f1f9f [email protected] was scanned with no a static rule matches and no behavioral findings. No exfiltration, install-time fetch-and-execute,...
Malicious code in rollup-runtime-polyfill-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90dc8536f81ef2ffbd391877bbe1eefbefc900081ef6eaa9848548177c233167 Package name mimics the legitimate rollup-plugin-polyfill-node and copies its source the repository field in package.json points to...
MAL-2026-6372 Malicious code in rollup-runtime-polyfill-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90dc8536f81ef2ffbd391877bbe1eefbefc900081ef6eaa9848548177c233167 Package name mimics the legitimate rollup-plugin-polyfill-node and copies its source the repository field in package.json points to...
Security update for golang-github-prometheus-prometheus
This update for golang-github-prometheus-prometheus to version 3.5.3 fixes the following issues: Security issues fixed: CVE-2026-42151: AzureAD remote write: Fixed OAuth clientsecret being exposed in plaintext via /-/config endpoint bsc1263986 CVE-2026-42154: Remote-read: Reject snappy-compressed...
EUVD-2026-31322
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tickid and ftickid POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests tha...
CVE-2026-48240 Open ISES Tickets < 3.44.2 SQL Injection via ajax/statistics.php tick_id and f_tick_id Parameters
Open ISES Tickets before 3.44.2 contains a SQL injection vulnerability in ajax/statistics.php where the tickid and ftickid POST parameters are concatenated into WHERE clauses of SELECT statements in the statistics rollup queries without sanitization. Authenticated attackers can craft requests tha...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021536)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021536 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 mm: /proc/pid/smapsrollup:...
2026-05 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 (KB5088860)
2026-05 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 for x64 KB5088860...
May 12, 2026—KB5087471 (Monthly Rollup)
None None...
rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability
A flaw was found in Rollup, a JavaScript module bundler. Insecure file name sanitization in the core engine allows an attacker to control output filenames, potentially through command-line interface CLI inputs, manual chunk aliases, or malicious plugins. By using directory traversal sequences ../...
rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability
A flaw was found in Rollup, a JavaScript module bundler. Insecure file name sanitization in the core engine allows an attacker to control output filenames, potentially through command-line interface CLI inputs, manual chunk aliases, or malicious plugins. By using directory traversal sequences ../...