SUSE CVE-2026-27727

mchange-commons-java, a library that provides Java utilities, includes code that mirrors early implementations of JNDI functionality, including support for remote factoryClassLocation values, by which code can be downloaded and invoked within a running application. If an attacker can provoke an...

GHSA-M7RX-Q9F3-3P96 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-M568-C33V-G59Q vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-2PRW-JCJ2-H5XF vulnerabilities

Vulnerabilities for packages: chromium...

valkey security update

8.0.7-1 - Rebase to 8.0.7 for CVE-2026-21863 CVE-2025-67733...

firefox security update

140.8.0-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.8.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.8.0-2 - Update to 140.8.0 ESR...

CVE-2026-25953

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reads from a freed xfAppWindow because the RDPGFX DVC thread obtains a bare pointer via xfrailgetwindow without any lifetime protection, while the main thread can concurrently...

GHSA-QRVQ-68C2-7GRW vulnerabilities

Vulnerabilities for packages: kine, nats-top, telegraf, k3s...

CVE-2026-3203

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service...

CVE-2026-3202

NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service...

firefox: thunderbird: Use-after-free in the JavaScript: GC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript: GC component...

SUSE CVE-2026-2759

Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

SUSE CVE-2026-2767

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

SUSE CVE-2026-2774

Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

SUSE CVE-2026-2781

Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Firefox ESR 115.35...

CVE-2025-14009 vulnerabilities

Vulnerabilities for packages: apache-beam-python-3.11-sdk, nemo, py3-nltk, kubeflow-pipelines-visualization-server, label-studio, open-webui...

CVE-2025-69418 affecting package openssl for versions less than 1.1.1k-38

CVE-2025-69418 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...

CVE-2026-2759

Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2026-2781

Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Firefox ESR 115.35...

CVE-2026-2805

Invalid pointer in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...