CVE-2026-31779

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwlmvmndmatchinfohandler The memcpy function assumes the dynamic array notif-matches is at least as large as the number of bytes to copy. Otherwise, results-matches may...

CVE-2026-31714

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid memory leak in f2fsrename syzbot reported a f2fs bug as below: BUG: memory leak unreferenced object 0xffff888127f70830 size 16: comm "syz.0.23", pid 6144, jiffies 4294943712 hex dump first 16 bytes: 3c af 57 72...

CVE-2026-31709

In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl buildsecdesc and idmodetocifsacl derive a DACL pointer from a server-supplied dacloffset and then use the incoming ACL to rebuild the chmod/chown security...

GHSA-WR5X-GH5C-99V2 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-5WVF-8JJJ-7W99 vulnerabilities

Vulnerabilities for packages: firefox-esr...

CVE-2026-6785 vulnerabilities

Vulnerabilities for packages: firefox-esr...

CVE-2026-6770 vulnerabilities

Vulnerabilities for packages: firefox-esr...

CVE-2026-6761 vulnerabilities

Vulnerabilities for packages: firefox-esr...

CVE-2026-7320

Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.0.1, and Thunderbird 140.10.1...

CVE-2026-41603

Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

SUSE CVE-2026-35328

unknown...

CVE-2026-41604

Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

yggdrasil security update

0.4.8-4 - Bump release for rebuild...

CVE-2026-35236 affecting package mysql for versions less than 8.0.46-1

CVE-2026-35236 affecting package mysql for versions less than 8.0.46-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-22009 affecting package mysql for versions less than 8.0.46-1

CVE-2026-22009 affecting package mysql for versions less than 8.0.46-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-54505

A transient execution vulnerability within AMD CPUs may allow a local user-privileged attacker to leak data via the floating point divisor unit, potentially resulting in loss of confidentiality...

GHSA-58QW-9MGM-455V vulnerabilities

Vulnerabilities for packages: py3-pip, py3-pip-wheel-bootstrap, pypy-3.10, pypy-3.11, datadog-agent, tensorflow-cpu-jupyter, kubeflow-katib...

firefox security update

140.10.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.10.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.10.0-1 - Update to 140.10.0 ESR...

CVE-2026-33557 vulnerabilities

Vulnerabilities for packages: apache-nifi, debezium-connector-informix, debezium-connector-ibmi, debezium, debezium-connector-spanner...

[SECURITY] Fedora 44 Update: stb-0^20260313git904aa67-2.fc44

Single-file public domain libraries for C/C++...