CVE-2026-27141 affecting package ignition-flatcar for versions less than 2.22.0-2

CVE-2026-27141 affecting package ignition-flatcar for versions less than 2.22.0-2. A patched version of the package is available...

CVE-2026-4647 affecting package crash for versions less than 9.0.0-2

CVE-2026-4647 affecting package crash for versions less than 9.0.0-2. A patched version of the package is available...

CVE-2025-66215 affecting package opensc for versions less than 0.27.1-1

CVE-2025-66215 affecting package opensc for versions less than 0.27.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-22125 affecting package kernel for versions less than 6.6.137.1-2

CVE-2025-22125 affecting package kernel for versions less than 6.6.137.1-2. A patched version of the package is available...

CVE-2025-71290 affecting package kernel for versions less than 6.6.137.1-2

CVE-2025-71290 affecting package kernel for versions less than 6.6.137.1-2. An upgraded version of the package is available that resolves this issue...

CVE-2026-39882 affecting package moby-engine for versions less than 25.0.3-17

CVE-2026-39882 affecting package moby-engine for versions less than 25.0.3-17. A patched version of the package is available...

CVE-2026-5107 affecting package frr for versions less than 10.5.0-2

CVE-2026-5107 affecting package frr for versions less than 10.5.0-2. A patched version of the package is available...

CVE-2026-32288 affecting package gh for versions less than 2.62.0-15

CVE-2026-32288 affecting package gh for versions less than 2.62.0-15. A patched version of the package is available...

CVE-2026-6861 affecting package emacs for versions less than 29.4-4

CVE-2026-6861 affecting package emacs for versions less than 29.4-4. A patched version of the package is available...

SUSE CVE-2026-39817

The "go tool pack" subcommand usually used only by the compiler as an internal tool with known-good inputs does not sanitize output filenames. Extracting a malicious archive file with the "pack" subcommand can write files to arbitrary locations on the filesystem...

GHSA-2283-WF8C-RW8R vulnerabilities

Vulnerabilities for packages: dbmate, secrets-store-csi-driver-provider-azure, cert-manager, buildkitd, thanos, sops, rancher, aws-flb-cloudwatch, runc, zot, kube-arangodb, hubble, redka, sftpgo-plugin-geoipfilter, mc, secrets-store-csi-driver, zarf, external-secrets-operator, minio-object-browse...

CVE-2026-39836 vulnerabilities

Vulnerabilities for packages: dbmate, secrets-store-csi-driver-provider-azure, cert-manager, bazelisk, buildkitd, nri-nginx, thanos-operator, thanos, calico, manifest-tool, configmap-reload, newrelic-nri-statsd, rancher, sops, conjur-cli, aws-flb-cloudwatch, incert, runc, timestamp-authority,...

GHSA-3V3M-WC6V-X4X3 vulnerabilities

Vulnerabilities for packages: argocd-image-updater...

GHSA-QF3Q-3H68-MMH2 vulnerabilities

Vulnerabilities for packages: crossplane-provider-aws-organizations, fulcio-fips, opentofu-fips, vertical-pod-autoscaler-fips, rabbitmq-default-user-credential-updater, gatekeeper-fips, kubelet-csr-approver-fips, opentelemetry-collector, licenseclassifier, agentbeat, chaos-mesh-fips,...

CVE-2026-42880 vulnerabilities

Vulnerabilities for packages: argocd-image-updater-fips, argocd-image-updater...

GHSA-3V3M-WC6V-X4X3 vulnerabilities

Vulnerabilities for packages: argocd-image-updater-fips, argocd-image-updater...

GHSA-VF5J-865M-MQ7C vulnerabilities

Vulnerabilities for packages: apache-nifi, jenkins...

CVE-2026-43471

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcdaddcommandtrace The kernel log indicates a crash in ufshcdaddcommandtrace, due to a NULL pointer dereference when accessing hwq-id. This can happen if...

CVE-2026-43446

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix runtime suspend deadlock when there is pending job The runtime suspend callback drains the running job workqueue before suspending the device. If a job is still executing and calls pmruntimeresumeandget, it can...

CVE-2026-43434

In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them, Rust Binder will look up the vma in the mm by address, and then call vminsertpage or zappagerangesingle. However, if the vma is closed an...