CVE-2025-55131 affecting package nodejs18 for versions less than 18.20.3-11

CVE-2025-55131 affecting package nodejs18 for versions less than 18.20.3-11. A patched version of the package is available...

CVE-2025-61102 affecting package frr for versions less than 8.5.5-5

CVE-2025-61102 affecting package frr for versions less than 8.5.5-5. A patched version of the package is available...

firefox: thunderbird: Incorrect boundary conditions in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics component...

firefox: thunderbird: Incorrect boundary conditions in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics component...

firefox: thunderbird: Sandbox escape due to integer overflow in the Graphics component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to integer overflow in the Graphics component...

firefox: thunderbird: Information disclosure in the Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure in the Networking component...

firefox: thunderbird: Use-after-free in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine component...

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

firefox: thunderbird: Use-after-free in the IPC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the IPC component...

CVE-2025-61732

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...

CVE-2026-0775 vulnerabilities

Vulnerabilities for packages: saf, code-server, renovate, npm, vitess...

GHSA-3966-F6P6-2QR9 vulnerabilities

Vulnerabilities for packages: code-server, saf, graalvm, gitlab-rails-ce, actions-runner, gitlab-rails-ce-fips, npm, renovate, vitess...

oauth2-proxy -- multiple vulnerabilities

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed...

CVE-2026-24843 vulnerabilities

Vulnerabilities for packages: wolfictl...

CVE-2025-14874 vulnerabilities

Vulnerabilities for packages: kibana, librechat, jitsucom-jitsu, langfuse...

CVE-2026-23104

In the Linux kernel, the following vulnerability has been resolved: ice: fix devlink reload call trace Commit 4da71a77fc3b "ice: read internal temperature sensor" introduced internal temperature sensor reading via HWMON. icehwmoninit was added to iceinitfeature and icehwmonexit was added to...

CVE-2026-23082

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: unanchor URL on usbsubmiturb error In commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak", the URB was re-anchored before usbsubmiturb in gsusbreceivebulkcallback ...

CVE-2026-23074

In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root qdisc. We need to check for that constraint. Although not important, I will describe the scenario th...

CVE-2026-23073

In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory corruption due to not set vif driver data size The struct ieee80211vif contains trailing space for vif driver data, when struct ieee80211vif is allocated, the total memory size that is allocated is...

CVE-2026-23040

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...