SUSE-SU-2026:2197-1 Security update for strongswan

This update for strongswan fixes the following issues: - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. - CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...

CVE-2026-7009

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it fails to detect OCSP problems and instead wrongly consider the response as fine...

Unity Linux 20.1060e / 20.1070e Security Update: curl (UTSA-2026-017570)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017570 advisory. When curl = 7.20.0 and = 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back...

PT-2026-37284

Name of the Vulnerable Software and Affected Versions Open edx Enterprise Service versions 7.0.2 through 7.0.4 Description An authenticated user with the Enterprise Admin role can trigger a server-side HTTP request. By using the 'SAMLProviderConfigViewSet' PATCH endpoint, a user can set the...

CVE-2026-6066

ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate Solution Center where certain client-to-server communications could occur without transport-layer encryption. This could allow network‑based interception of Solution Center...

CVE-2026-6066 Unencrypted Client‑Server Communication in ConnectWise Automate™ Solution Center

ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate Solution Center where certain client-to-server communications could occur without transport-layer encryption. This could allow network‑based interception of Solution Center...

PT-2026-33785

ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate Solution Center where certain client-to-server communications could occur without transport-layer encryption. This could allow network‑based interception of Solution Center...

langchain-openai: Image token counting SSRF protection can be bypassed via DNS rebinding

Summary langchain-openai's urltosize helper used by getnumtokensfrommessages for image token counting validated URLs for SSRF protection and then fetched them in a separate network operation with independent DNS resolution. This left a TOCTOU / DNS rebinding window: an attacker-controlled hostnam...

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, aimed at developers working with embedded systems. Versions of wolfSSL prior to 5.9.0 contained a security vulnerability caused by integer underflow. This vulnerability could allow...

CVE-2026-32941 Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports

Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM Out-of-Memory vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an...

Cryptomator 安全漏洞

Cryptomator is a simple digital self-defense tool from the Cryptomator community. Versions of Cryptomator prior to 1.19.1 contained security vulnerabilities. These vulnerabilities stemmed from the unlocking process based on Hub, which did not enforce the use of HTTPS. This could lead to network...

Linux Distros Unpatched Vulnerability : CVE-2026-23240

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tls: Fix race condition in tlsswcancelworktx This issue was discovered during a code audit. After canceldelayedworksync is called from tlsskprotoclose,...

When Handshakes Tell the Truth: Detecting Web Bad Bots Via TLS Fingerprints

Automated traffic continued to surpass human-generated traffic on the web, and a rising proportion of this automation was explicitly malicious. Evasive bots could pretend to be real users, even solve Captchas and mimic human interaction patterns. This work explores a less intrusive, protocol-leve...

Fedora 42 : composer (2026-13b4dbe546)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-13b4dbe546 advisory. Version 2.9.3 - 2025-12-30 Security: Fixed ANSI sequence injection GHSA-59pp-r3rg-353g / CVE-2025-67746 Fixed COMPOSERNOSECURITYBLOCKING env var not being...

SUSE-SU-2025:4160-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.10.29 fixes various security issues The following security issues were fixed: - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow bsc1242882. - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd...

Siemens SIMATIC S7-1500 Improper Certificate Validation (CVE-2021-22926)

libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the CURLOPTSSLCERT option --cert with the command line tool.When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certificat...

PolarEdge Targets Cisco, ASUS, QNAP, Synology Routers in Expanding Botnet Campaign

Cybersecurity researchers have shed light on the inner workings of a botnet malware called PolarEdge. PolarEdge was first documented by Sekoia in February 2025, attributing it to a campaign targeting routers from Cisco, ASUS, QNAP, and Synology with the goal of corralling them into a network for ...

CVE-2025-11493

The ConnectWise Automate Agent does not fully verify the authenticity of files downloaded from the server, such as updates, dependencies, and integrations. This creates a risk where an on-path attacker could perform a man-in-the-middle attack and substitute malicious files for legitimate ones by...

CVE-2025-11492

CVE-2025-11492 concerns the ConnectWise Automate Agent where communications could default to HTTP instead of HTTPS, enabling a man‑in‑the‑middle attacker to intercept, modify, or replay agent–server traffic. The issue is tied to insecure transport, with mitigation in Automate 2025.9: all agent co...

GHSA-28GG-8QQJ-FHH5 OpenSearch Data Prepper uses deprecated SSL protocol identifier

Impact The GeoIP processor and Kafka source and buffer were using the deprecated "SSL" protocol identifier when creating SSL contexts, potentially allowing the use of insecure SSL protocols instead of modern TLS versions. Multiple Data Prepper plugins used SSLContext.getInstance"SSL" which could...