watch-tower

OT/ICS Threat Intelligence Lab Local threat intelligence lab...

CVE-2026-35090

In Slican telephone exchanges it is possible to manage the control panel remotely. An unauthenticated attacker can connect to the modem via a telephone with a specific caller ID. This allows them to bypass admin authentication and gain full access to the service protocol and configuration panel...

CVE-2026-46598 vulnerabilities

Vulnerabilities for packages: opentofu, kubernetes, loki, vitess, podman, prometheus-operator, argo-cd, snyk-cli, prometheus, zot, k3s, spire-server, opentelemetry-collector, kaf, minio, rancher-agent, cert-manager, gitlab-kas, external-dns, buildah, flux, cilium, nerdctl, helm, istio,...

CVE-2026-39834 vulnerabilities

Vulnerabilities for packages: k9s, argo-events, crossplane-provider-aws-ec2, terraform-provider-tls, flux-notification-controller, prometheus-operator, rootlesskit, atlantis, neuvector-sigstore-interface, cert-manager, gitlab-kas, cilium, cluster-api-azure-controller, nerdctl,...

CVE-2026-39828 vulnerabilities

Vulnerabilities for packages: k9s, kubernetes, trivy, loki, trivy-operator, vitess, argocd-image-updater, prometheus-operator, argo-cd, snyk-cli, prometheus, skaffold, zot, k3s, spire-server, opentelemetry-collector, kaf, flux-image-automation-controller, minio, cert-manager, gitlab-kas,...

CVE-2026-39832 vulnerabilities

Vulnerabilities for packages: apko, kots, kubescape-server-fips, k9s-fips, kyverno-fips, gitlab-rails-ce, vault, trufflehog-fips, caddy-fips, cilium, dagger, trivy-fips, pulumi-language-yaml, gitea-fips, pulumi-kubernetes-operator, argo-events, consul-fips, external-secrets-operator-fips, podman,...

CVE-2026-46061

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix deadlock in jbd2journalcancelrevoke Commit f76d4c28a46a "fs/jbd2: use sleeping version of findgetblock" changed jbd2journalcancelrevoke to use findgetblocknonatomic which holds the folio lock instead of iprivatelock. Th...

CVE-2026-46059

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN For guests with NRIPS disabled, L1 does not provide NextRIP when running an L2 with an injected soft interrupt, instead it advances the current RIP before...

CVE-2026-46044

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif kthread will not be stopped. So make sure the kthread is stopped on an...

CVE-2026-45990

In the Linux kernel, the following vulnerability has been resolved: slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 "mm/slub: allow to set node and align in kvrealloc" introduced the ability to force a reallocation if the original object does not satisfy new alignment or NUMA nod...

CVE-2026-45960

In the Linux kernel, the following vulnerability has been resolved: hfsplus: return error when node already exists in hfsbnodecreate When hfsbnodecreate finds that a node is already hashed which should not happen in normal operation, it currently returns the existing node without incrementing its...

CVE-2026-45927

In the Linux kernel, the following vulnerability has been resolved: bpf: Require frozen map for calculating map hash Currently, bpfmapgetinfobyfd calculates and caches the hash of the map regardless of the map's frozen state. This leads to a TOCTOU bug where userspace can call BPFOBJGETINFOBYFD t...

CVE-2026-45924

In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbdvfskernpathendremoving on some error paths There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what the corresponding successful call to ksmbdvfskernpathstartremoving has...

CVE-2026-45911

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...

CVE-2026-45903

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory access flags in helper prototypes After commit 37cce22dbd51 "bpf: verifier: Refactor helper access type tracking", the verifier started relying on the access type flags in helper function prototypes to perform...

SUSE-SU-2026:2086-1 Security update for postgresql14

This update for postgresql14 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...

SUSE-SU-2026:2084-1 Security update for postgresql16

This update for postgresql16 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...

GHSA-HP84-P2GQ-6FVR vulnerabilities

Vulnerabilities for packages: pgadmin4...

SUSE CVE-2026-41045

A time-to-check-time-of-use in polkit authentication of qSnapper before version 1.3.3 allowed a local attacker to bypass qSnappers authentication mechanism and operate e.g. as root user...

SUSE CVE-2026-41046

A path traversal attack when using a "configName" parameter in qSnapper before version 1.3.3 allowed a local attacker to use malicious config files for snapper and so cause a denial of service or potentially escalate privileges to root...