CVE-2026-8524 vulnerabilities

Vulnerabilities for packages: chromium...

Astra Linux - уязвимость в vim

Vim is vulnerable to Heap-based Buffer Overflow attacks...

CVE-2026-47784

In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass...

firefox: thunderbird: Spoofing issue in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the DOM: Core & HTML component...

CVE-2026-43513 vulnerabilities

Vulnerabilities for packages: nacos-docker, ontop-fips, nacos, kayenta, ontop, kayenta-fips, thingsboard, camunda, camunda-zeebe...

GHSA-MPHV-75CG-56WG vulnerabilities

Vulnerabilities for packages: kibana...

GHSA-GHCM-XQFW-Q4VR vulnerabilities

Vulnerabilities for packages: langfuse-fips, librechat, langfuse...

CVE-2026-33523 affecting package httpd for versions less than 2.4.67-1

CVE-2026-33523 affecting package httpd for versions less than 2.4.67-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-6637 affecting package postgresql for versions less than 16.14-1

CVE-2026-6637 affecting package postgresql for versions less than 16.14-1. An upgraded version of the package is available that resolves this issue...

GHSA-VFVV-C25P-M7MM vulnerabilities

Vulnerabilities for packages: pixi, uv...

CVE-2026-43098 vulnerabilities

Vulnerabilities for packages: linux-gcp, linux-vmware, linux-qemu, linux-aws, linux-azure...

GHSA-QG8R-F7X3-25F7 vulnerabilities

Vulnerabilities for packages: zola...

SUSE CVE-2026-28380

Any Editor could delete any snapshot, even if they have no access to read or write them...

CVE-2026-7259 affecting package php for versions less than 8.3.31-1

CVE-2026-7259 affecting package php for versions less than 8.3.31-1. A patched version of the package is available...

GHSA-8297-V2RF-2P32 vulnerabilities

Vulnerabilities for packages: jenkins...

GHSA-R95X-QFJJ-FJJ2 vulnerabilities

Vulnerabilities for packages: airflow...

CVE-2026-44681 vulnerabilities

Vulnerabilities for packages: airflow...

GHSA-38C5-483C-4QQP vulnerabilities

Vulnerabilities for packages: zed...

GHSA-W26R-RMM8-9C29 vulnerabilities

Vulnerabilities for packages: authentik, authentik-fips, py3-django...

CVE-2026-40460

When NGINX Plus or NGINX Open Source are configured to use the HTTP/3 QUIC module, an attacker may be able to spoof their source IP address allowing for bypass of authorization or bypass of rate limiting. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...