GHSA-4XGF-CPJX-PC3J vulnerabilities

Vulnerabilities for packages: airflow, semgrep, open-webui...

CVE-2026-42208 vulnerabilities

Vulnerabilities for packages: airflow...

CVE-2026-53125

In the Linux kernel, the following vulnerability has been resolved: md: fix arraystate=clear sysfs deadlock When "clear" is written to arraystate, mdattrstore breaks sysfs active protection so the array can delete itself from its own sysfs store method. However, mdattrstore currently drops the...

CVE-2026-53101

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix potential deadlock in mt7921rocabortsync rocabortsync can deadlock with rocwork. rocwork holds dev-mt76.mutex, while cancelworksync waits for rocwork to finish. If the caller already owns the same mutex,...

CVE-2026-53087

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...

Important: Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage

A Subscription Management tool for finding and reporting Red Hat product usage Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds, identifies, and reports environment data, or facts, such as the number of physical and virtual systems on a network, their...

CVE-2026-52999

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix out-of-bounds read on option matching In nfosfmatch, the nfosfhdrctx structure is initialized once and passed by reference to nfosfmatchone for each fingerprint checked. During TCP option parsing,...

CVE-2026-54904

concurrent-ruby is a modern concurrency tools for Ruby. Prior to 1.3.7, Concurrent::AtomicReferenceupdate can enter a permanent busy retry loop when the current value is Float::NAN. The issue is caused by the interaction between AtomicReferenceupdate, which retries until compareandsetoldvalue,...

CVE-2026-52918

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: serialize acceptq access btsockpoll walks the accept queue without synchronization, while child teardown can unlink the same socket and drop its last reference. The unsynchronized accept queue walk has existed since th...

SUSE CVE-2026-46606

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances KVM/QEMU monitoring engine glances/plugins/vms/engines/virsh.py passes VM domain names, read directly from virsh list --all output, into f-string command templates that are processed by securepopen...

GHSA-64MM-VXMG-Q3VJ vulnerabilities

Vulnerabilities for packages: argo-workflows, kubeflow-pipelines...

CVE-2020-12459 vulnerabilities

Vulnerabilities for packages: grafana-fips...

GHSA-J454-PVHH-FCMQ vulnerabilities

Vulnerabilities for packages: linux-qemu-melange...

CVE-2025-68939 vulnerabilities

Vulnerabilities for packages: gitea-fips...

CVE-2026-49468 vulnerabilities

Vulnerabilities for packages: airflow...

CVE-2025-7064

creationtimestamp| type| source ---|---|--- 2026-06-23 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-174-05...

SUSE CVE-2026-23879

py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Versions 1.1.2 and below contain an an arbitrary file write vulnerability, which allows symbolic links to be recreated outside the destination directory via crafted malicious...

SUSE CVE-2026-53488

unknown...

CVE-2026-49214 vulnerabilities

Vulnerabilities for packages: nextcloud-server...

GHSA-34XG-WGJX-8XPH vulnerabilities

Vulnerabilities for packages: nextcloud-server...