CVE-2026-54297

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. From 1.0.0 until 1.10.6 and 2.14.3, Faraday::NestedParamsEncoder, the default nested query parameter encoder/decoder in Faraday, decodes nested query strings without enforcing a maximum nestin...

GHSA-H67P-54HQ-RP68 vulnerabilities

Vulnerabilities for packages: code-server, prism, pulumi, vitess, opensearch-dashboards, kubeflow-pipelines, saf...

CVE-2026-12012 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-1764

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead to a heap buffer overflow. This vulnerability allows a remote attacker...

CVE-2026-44894

Netty is a network application framework for development of protocol servers and clients. NoQuicTokenHandler is the tokenHandler used when the application does not set one. Prior to version 4.2.15.Final, its writeToken returns false server will not send Retry — acceptable, but validateToken...

GHSA-56WM-H6F8-C34V vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-MHRM-MF55-J4P7 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-M2RP-HQMH-CM5F vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-47162

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

CVE-2026-44488 vulnerabilities

Vulnerabilities for packages: wazuh-dashboard, wazuh-dashboard-fips, opensearch-dashboards-fips, nextcloud-server, opensearch-dashboards...

CVE-2025-66236 vulnerabilities

Vulnerabilities for packages: airflow, airflow-core...

GHSA-457M-JPVX-PQX9 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-GH93-JMVR-G4F3 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-9892 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-10014 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-48XX-R45R-42QG vulnerabilities

Vulnerabilities for packages: openjdk-25-openj9, openjdk-8-openj9, openjdk-17-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-26-openj9...

CVE-2026-9884 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-6846 vulnerabilities

Vulnerabilities for packages: binutils...

CVE-2026-46128

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

GHSA-M8XP-VJQ7-78WM vulnerabilities

Vulnerabilities for packages: chromium...