PT-2026-41689

Name of the Vulnerable Software and Affected Versions Neotoma versions 0.6.0 through 0.11.0 Description Neotoma can treat public reverse-proxied requests as local when the application receives them over a loopback socket and no Bearer token is present. This occurs in deployments behind a reverse...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker through...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker through...

CLSA-2026-1778863931 kernel: Fix of CVE-2026-46300

net: skbuff: propagate shared-frag marker through skbgroreceive + skbshift CVE-2026-46300...

SUSE SLES15 Security Update : kernel RT (Live Patch 4 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1858-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1858-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.16 fixes one security issue The following security issue was fixed: - CVE-2026-43284:...

CVE-2026-44564

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the ydoc:document:update Socket.IO event handler checks whether the sender is a member of the document's Socket.IO room line 678 but does not verify that the sender has write...

CVE-2026-44553

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

CVE-2026-44553

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

CVE-2026-44553 Open WebUI: Stale Admin Role in Socket.IO Session Pool Enables Post-Demotion Cross-User Note Access

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

CVE-2026-44553 Open WebUI: Stale Admin Role in Socket.IO Session Pool Enables Post-Demotion Cross-User Note Access

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do not iterate SESSIONPOOL to disconnect affected sessions. As a result, a user whose admin role has been revoked retains admin...

CVE-2026-44564

Open WebUI (self-hosted offline AI platform) contains a vulnerability in the ydoc:document:update Socket.IO handler that allows read-only users to modify in-memory Yjs documents. The handler validates room membership but does not verify write permission, and read-only users join the document room...

CVE-2026-44564 Open WebUI: Read-Only Users Can Modify Collaborative Documents via Socket.IO

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the ydoc:document:update Socket.IO event handler checks whether the sender is a member of the document's Socket.IO room line 678 but does not verify that the sender has write...

CLSA-2026-1778867412 kernel: Fix of CVE-2026-46300

net: skbuff: propagate shared-frag marker through skbgroreceive + skbshift CVE-2026-46300 - Revert "net: gro: propagate SKBFLSHAREDFRAG through skbgroreceive"...

CLSA-2026-1778832730 kernel: Fix of CVE-2026-46300

net: skbuff: propagate shared-frag marker 8.x backport CVE-2026-46300...

SUSE CVE-2026-43481

In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsgreply genlmsgreply hands the reply skb to netlink, and netlinkunicast consumes it on all return paths, whether the skb is queued successfully or freed on an error path...

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI based on the open-source Open WebUI framework. Versions of Open WebUI prior to 0.9.0 contained security vulnerabilities. These vulnerabilities stemmed from the ydoc:document:update Socket.IO event handler, which checke...

PT-2026-41419

Name of the Vulnerable Software and Affected Versions Funnel Builder affected versions not specified Description An SQL injection flaw in the Funnel Builder plugin allows attackers to inject payment skimmers into WooCommerce checkout pages. This issue enables script propagation across all checkou...

GHSA-7P5M-V798-F8VV Electerm Local code through electerm's single-instance socket

Impact Local code execution without UI interaction: any same-user process can send a JSON payload to electerm's single-instance socket/pipe, causing the app to create tabs and potentially spawn attacker-controlled local processes. Affects electerm single-instance installs on the machine. Patches ...

Improper Verification of Source of a Communication Channel

Overview electerm is an open-sourced terminal/ssh/telnet/serialport/sftp client Affected versions of this package are vulnerable to Improper Verification of Source of a Communication Channel via the single-instance socket process. An attacker can execute arbitrary code by sending a crafted JSON...

Electerm Local code through electerm's single-instance socket

Impact Local code execution without UI interaction: any same-user process can send a JSON payload to electerm's single-instance socket/pipe, causing the app to create tabs and potentially spawn attacker-controlled local processes. Affects electerm single-instance installs on the machine. Patches ...