ROOT-APP-MAVEN-CVE-2025-55752 CVE-2025-55752 in io.root.org.apache.tomcat:tomcat-catalina - Patched by Root

Root has patched CVE-2025-55752 in the io.root.org.apache.tomcat:tomcat-catalina package for Root:Maven. Multiple fixed versions available...

ROOT-APP-NPM-CVE-2026-44288 CVE-2026-44288 in @rootio/protobufjs - Patched by Root

Root has patched CVE-2026-44288 in the @rootio/protobufjs package for Root:npm. Multiple fixed versions available...

ROOT-APP-MAVEN-CVE-2026-41417 CVE-2026-41417 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-41417 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

ROOT-OS-UBUNTU-2204-CVE-2025-38348 CVE-2025-38348 in rootio-linux - Patched by Root

Root has patched CVE-2025-38348 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

ROOT-OS-DEBIAN-13-CVE-2026-31403 CVE-2026-31403 in rootio-linux - Patched by Root

Root has patched CVE-2026-31403 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2025-38004 CVE-2025-38004 in rootio-linux - Patched by Root

Root has patched CVE-2025-38004 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

UBUNTU-CVE-2026-12330

Incorrect boundary conditions in the Internationalization component. T...

UBUNTU-CVE-2026-5244

A vulnerability has been found in Cesanta Mongoose up to 7.20. This af...

BELL-CVE-2026-46277 CVE-2026-46277 does not affect BellSoft software

Bulletin has no description...

ROOT-APP-NPM-CVE-2025-56200 CVE-2025-56200 in @rootio/validator - Patched by Root

Root has patched CVE-2025-56200 in the @rootio/validator package for Root:npm. Multiple fixed versions available...

UBUNTU-CVE-2026-42489

Unknown description...

DEBIAN-CVE-2026-50593

Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...

DEBIAN-CVE-2026-11145

Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

UBUNTU-CVE-2026-42321

GLPI is a free asset and IT management software package. Starting in version 10.0.4 and prior to version 10.0.25, a technician can store an XSS payload in the asset locked tab. Upgrade to 10.0.25 or 11.0.7 to receive a patch...

UBUNTU-CVE-2026-27145

x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number...

@etherna/sdk-js (>=2.0.1 <=2.0.3), @eui/deps-base (>=21.0.0-alpha.33 <=23.0.0-alpha.1) +14 more potentially affected by CVE-2026-47429 via @vitest/ui (>=4.0.14 <=4.0.7)

@vitest/ui NPM version =4.0.14, =2.0.1, =21.0.0-alpha.33, =1.3.0, =0.3.5, =0.3.0, =0.3.5, =0.3.5, =0.3.5, =0.3.5, =0.3.5, =0.3.5, =0.3.5, =0.3.5, =0.3.5, =0.3.5, =0.4.2 and more Source cves: CVE-2026-47429 Source advisory: SNYK:JS-VITESTUI-17120328...

DEBIAN-CVE-2026-46055

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aadfamatch...

DEBIAN-CVE-2026-46011

In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: fix use-after-free in release path due to uncancelled work The mtkjpegrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-jpegwork. This creates a race...

DEBIAN-CVE-2026-45949

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

RHSA-2026:20586 Red Hat Security Advisory: thunderbird security update

Bulletin has no description...