CVE-2026-10887

creationtimestamp| type| source ---|---|--- 2026-06-05 13:23:25+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608 2026-06-07 18:00:00+00:00| seen|...

CVE-2026-10886

creationtimestamp| type| source ---|---|--- 2026-06-05 13:23:24+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608 2026-06-07 18:00:00+00:00| seen|...

CVE-2026-50256

creationtimestamp| type| source ---|---|--- 2026-06-05 12:58:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnk6vrzx4h2v 2026-06-06 05:00:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnlunsu66a2g 2026-06-06 22:39:01+00:00| seen|...

CVE-2026-21036

creationtimestamp| type| source ---|---|--- 2026-06-05 12:54:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnk6nsli752a...

SUSE-SU-2026:2284-1 Security update for mariadb

This update for mariadb fixes the following issues: - CVE-2026-3494: audit plugin comment handling bypass bsc1259176. - CVE-2026-34303: mysql: optimizer unspecified vulnerability bsc1266435. - CVE-2026-44168: wsrep SST unsafe parameter handling on the donor side bsc1266442. - CVE-2026-44170:...

RLSA-2026:22937 Important: image-builder security update

A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fixes: golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls CVE-2025-68121...

osbuild-composer security update

An update is available for osbuild-composer. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A service for building customized OS artifacts, such as VM images a...

image-builder security update

An update is available for image-builder. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A local binary for building customized OS artifacts such as VM images...

RLSA-2026:23228 Important: image-builder security update

A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fixes: golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls CVE-2025-68121...

CVE-2026-21037

Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...

Security Bulletin: IBM watsonx.ai on Cloud Pak for Data is vulnerable to python-Python-3.12.0b4 (Publicly disclosed vulnerability found by Mend) due to python pip package ( CVE-2023-5752, PRISMA-2022-0168)

Summary IBM watsonx.ai on Cloud Pak for Data internally uses CVE-2023-5752 Vulnerability Details CVEID:CVE-2023-5752 DESCRIPTION: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary...

CVE-2026-4549

creationtimestamp| type| source ---|---|--- 2026-06-05 05:59:14+00:00| seen| https://bsky.app/profile/blackhatnews.tokyo/post/3mnjhi4skj32s...

BIT-AIRFLOW-2026-40961 Apache Airflow: Open Redirect Bypass Vulnerability

A bug in the login redirect route in Apache Airflow allowed authenticated users to craft URLs that bypassed the issafeurl check, enabling redirection from a trusted Airflow domain to an attacker-controlled origin. Users are advised to upgrade to apache-airflow 3.2.2 or later. As a defense-in-dept...

CVE-2026-11293

creationtimestamp| type| source ---|---|--- 2026-06-05 02:34:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnj42cy6ii25 2026-06-05 13:24:42+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-06 08:00:28+00:00| seen|...

CVE-2025-8873

creationtimestamp| type| source ---|---|--- 2026-06-05 00:01:53+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnitj56uzy2r...

PT-2026-47032

Name of the Vulnerable Software and Affected Versions WP Captcha PRO versions prior to 5.39 Description The plugin is susceptible to arbitrary file upload, which can lead to remote code execution. The issue stems from a flawed capability check in the save ajax function within the licensing module...

PT-2026-46927

Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege...

RockyLinux 10 : osbuild-composer (RLSA-2026:22450)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:22450 advisory. golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip CVE-2025-61728 golang: net/url: Memory exhaustion in query...

RockyLinux 10 : git-lfs (RLSA-2026:19133)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19133 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the roo...

CVE-2026-42547

creationtimestamp| type| source ---|---|--- 2026-06-04 23:16:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mniqyn4crz2g...