CVE-2026-4698 vulnerabilities

Vulnerabilities for packages: firefox...

GHSA-X6GF-MPR2-68H6 vulnerabilities

Vulnerabilities for packages: trillian, harbor, teleport, argo-workflows, hydra-fips, grafana-alloy-fips, vault-fips, teleport-operator-fips, gotrue-fips, ory-kratos-fips, grafana-alloy, bento-fips, harbor-fips, ory-kratos, steampipe, argo-workflows-fips, hydra, flyte, trillian-fips, migrate,...

CVE-2026-33871 vulnerabilities

Vulnerabilities for packages: camunda, elasticsearch, apache-hop, management-api-for-apache-cassandra-5.0, pinot, reposilite, apache-pulsar-fips, hono, kafka-bridge, druid, wavefront-proxy, kafbat-ui-fips, commercial-elasticsearch, camunda-zeebe, akhq, keycloak-fips, pinot-fips, kayenta,...

CVE-2026-27856

Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can use this to determine the configured credentials. Figuring out the credential will lead into full access to the affected component. Limit access to the doveadm http service port,...

GHSA-H6C8-CWW8-35HF vulnerabilities

Vulnerabilities for packages: grafana...

CVE-2026-33729 vulnerabilities

Vulnerabilities for packages: grafana-fips, grafana...

GHSA-GC5V-M9X4-R6X2 vulnerabilities

Vulnerabilities for packages: mlflow, kserve, airflow, open-webui, pypy-3.11, py3-cassandra-medusa, pypy-3.10, kubeflow-volumes-web-app, jwt-tool, ggshield, kubeflow-katib, py3-pip, k8s-sidecar, kubeflow-pipelines, checkov, superset, confluent-docker-utils, py3-pipenv, dask-kubernetes,...

GHSA-G3VH-WFH4-FP76 vulnerabilities

Vulnerabilities for packages: linux-gcp, linux-azure, linux-qemu, linux-aws, linux-vmware...

firefox: thunderbird: Use-after-free in the CSS Parsing and Computation component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the CSS Parsing and Computation component...

SUSE CVE-2025-67030

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...

GHSA-GFWX-W7GR-FVH7 vulnerabilities

Vulnerabilities for packages: apache-beam-python-3.13-sdk, nemo, py3-nltk, apache-beam-python-3.12-sdk, apache-beam-python-3.11-sdk, label-studio, open-webui, kubeflow-pipelines-visualization-server...

golang security update

1.25.8-1 - Update to Go 1.25.8 fips-1...

CVE-2026-33218 vulnerabilities

Vulnerabilities for packages: telegraf, nats, kine, k3s, nats-top...

GHSA-V722-JCV5-W7MC vulnerabilities

Vulnerabilities for packages: telegraf, nats, kine, k3s, nats-top...

GHSA-JXXM-27VP-C3M5 vulnerabilities

Vulnerabilities for packages: telegraf, nats, kine, k3s, nats-top...

GHSA-FCJP-H8CC-6879 vulnerabilities

Vulnerabilities for packages: telegraf, nats, kine, k3s, nats-top...

GHSA-52JH-2XXH-PWH6 vulnerabilities

Vulnerabilities for packages: telegraf, nats, kine, k3s, nats-top...

CVE-2025-64433 vulnerabilities

Vulnerabilities for packages: docker-machine-driver-harvester...

CVE-2025-64324 vulnerabilities

Vulnerabilities for packages: docker-machine-driver-harvester...

GHSA-PWX7-FX9R-HR4H vulnerabilities

Vulnerabilities for packages: milvus, nats-top, prometheus-nats-exporter, nats, nats-top-fips, prometheus-nats-exporter-fips, rke2-runtime, nats-fips, kine, k3s, telegraf, rke2-runtime-fips...