firefox: thunderbird: Incorrect boundary conditions, integer overflow in the Graphics: Text component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions, integer overflow in the Graphics: Text component...

CVE-2026-6779

Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...

GHSA-FJRM-76X2-C4Q4 vulnerabilities

Vulnerabilities for packages: py3-jwcrypto...

CVE-2026-33375 vulnerabilities

Vulnerabilities for packages: grafana-fips...

GHSA-VV23-JMR5-38V3 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-5879 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-3M3G-56CX-59Q7 vulnerabilities

Vulnerabilities for packages: chromium...

[SECURITY] Fedora 44 Update: plasma-integration-6.6.4-1.fc44

Qt Platform Theme integration plugin for Plasma...

CVE-2026-40293 vulnerabilities

Vulnerabilities for packages: grafana, openfga...

GHSA-24J9-X2WG-9QV6 vulnerabilities

Vulnerabilities for packages: kayenta-fips, nacos, kayenta, ontop-fips, ontop, camunda, thingsboard, camunda-zeebe, nacos-docker...

CVE-2026-34829 vulnerabilities

Vulnerabilities for packages: ruby3.2-rails, ruby4.0-rack, logstash, ruby3.2-rack, ruby3.4-rack, ruby3.3-rack, ruby3.4-rails, kube-fluentd-operator...

CVE-2026-5194

Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication...

CVE-2026-34983

Wasmtime is a runtime for WebAssembly. In 43.0.0, cloning a wasmtime::Linker is unsound and can result in use-after-free bugs. This bug is not controllable by guest Wasm programs. It can only be triggered by a specific sequence of embedder API calls made by the host. Specifically, the following...

GHSA-XMRV-PMRH-HHX2 vulnerabilities

Vulnerabilities for packages: rqlite, temporal-server, bento, sops, crossplane-provider-aws-lambda, cerbos, k8sgpt, grafana-mimir, zarf, boring-registry, ksops, buildkitd, yace, kots, crossplane-provider-aws-elasticache, gomplate, grafana-alloy, vault-env, keda, litestream, spire-server, snyk-cli...

GHSA-53MR-6C8Q-9789 vulnerabilities

Vulnerabilities for packages: airflow...

CVE-2026-34079

Flatpak is a Linux application sandboxing and distribution framework. Prior to 1.16.4, the caching for ld.so removes outdated cache files without properly checking that the app controlled path to the outdated cache is in the cache directory. This allows Flatpak apps to delete arbitrary files on t...

GHSA-Q2Q4-JJP8-F6M3 vulnerabilities

Vulnerabilities for packages: perl...

GHSA-3WQ7-RQQ7-WX6J vulnerabilities

Vulnerabilities for packages: open-webui, dask-kubernetes, py3-cassandra-medusa, kubeflow-pipelines-visualization-server, kserve, checkov, airflow...

CVE-2026-1519 affecting package bind for versions less than 9.20.21-1

CVE-2026-1519 affecting package bind for versions less than 9.20.21-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-34827 vulnerabilities

Vulnerabilities for packages: pact-broker-docker-fips, logstash, kube-fluentd-operator, ruby3.2-rails, ruby3.4-rails, pact-broker-docker...