EulerOS Virtualization 2.10.0 : avahi (EulerOS-SA-2026-1549)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them...

EulerOS 2.0 SP10 : avahi (EulerOS-SA-2026-1327)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after...

CVE-2026-0977 IBM CICS Transaction Gateway for Multiplatforms Information Disclosure

IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls...

CVE-2026-0977 IBM CICS Transaction Gateway for Multiplatforms Information Disclosure

IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls...

CVE-2026-0977

IBM CICS Transaction Gateway for Multiplatforms (versions 9.3 and 10.1) is affected by CVE-2026-0977 due to improper access controls that could let a user transfer or view files. The issue is categorized with CWE-284 (Improper Access Control) and has a CVSSv3.1 base score of 5.1 (Medium) with LOC...

Security Bulletin: Unrestricted Internet Access/Outbound Connections vulnerability found in CICS Transaction Gateway for Multiplatforms container (CVE-2026-0977)

Summary An Unrestricted Internet Access/Outbound Connections vulnerability affects the CICS Transaction Gateway for Multiplatforms container. CICS Transaction Gateway for Multiplatforms container has documented how to address the applicable vulnerability. Vulnerability Details CVEID:CVE-2026-0977...

Malicious Package

Overview @mmm-otrade/transaction-adapter is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and th...

MAL-2026-1300 Malicious code in @mmm-otrade/transaction (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f1e04f746cfc3e1e936e4a628b0435b494c9dfc00739285e88d0ae03b00d9b3 The package @mmm-otrade/transaction was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1301 Malicious code in @mmm-otrade/transaction-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bf4c9f5e8a8d9c59d2880a5aafe18bd8780c33c876d202589f4751d5447ce1c The package @mmm-otrade/transaction-adapter was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview @mmm-otrade/transaction is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

Malicious code in @mmm-otrade/transaction-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bf4c9f5e8a8d9c59d2880a5aafe18bd8780c33c876d202589f4751d5447ce1c The package @mmm-otrade/transaction-adapter was found to contain malicious code. Source: ghsa-malware...

Improper Authentication

Overview Affected versions of this package are vulnerable to Improper Authentication in facilitator payment processing on Solana. An attacker can interfere with or manipulate payment transactions by exploiting a race condition. Remediation Upgrade...

[SECURITY] Fedora 42 Update: opensips-3.5.9-2.fc42

OpenSIPS or Open SIP Server is a very fast and flexible SIP RFC3261 proxy server. Written entirely in C, opensips can handle thousands calls per second even on low-budget hardware. A C Shell like scripting language provides full control over the server's behaviour. It's modular architecture allow...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1455)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1455 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields CVE-2025-38591 In the Linux kernel, the following vulnerability has been...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields CVE-2025-38591 In the Linux kernel, the following vulnerability has been resolved: schedext: Fix possible deadlock in the deferredirqworkfn CVE-2025-68333 In the...

SUSE SLES12 Security Update : postgresql18 (SUSE-SU-2026:0785-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0785-1 advisory. This update for postgresql18 fixes the following issue: Update to version 18.3 bsc1258754. Regression fixes: - the substring function raises an error...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005707)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005707 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: add handling for RAID1C23/DUP to btrfsreduceallocprofile Callers of btrfsreduceallocprofil...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005684)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005684 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: don't set up encryption key during jbd2 transaction Commit a80f7fcf1867 ext4: fixup...

CVE-2026-28230

SteVe is an open-source EV charging station management system. In versions up to and including 3.11.0, when a charger sends a StopTransaction message, SteVe looks up the transaction solely by transactionId a sequential integer starting from 1 without verifying that the requesting charger matches...

CVE-2026-3194

A flaw has been found in Chia Blockchain 2.1.0. The affected element is the function sendtransaction/getprivatekey of the component RPC Server Master Passphrase Handler. This manipulation causes missing authentication. The attack can only be executed locally. The attack's complexity is rated as...