CVE-2026-31470

In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length Validate host controlled value quotebuf-outlen that determines how many bytes of the quote are copied out to guest userspace. In TDX environments with remote...

CVE-2026-31478

In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2len with offsetof in smb2calcmaxoutbuflen After this commit e2b76ab8b5c9 "ksmbd: add support for read compound", response buffer management was changed to use dynamic iov array. In the new design,...

CVE-2026-6861

A flaw was found in GNU Emacs. This vulnerability, a memory corruption issue, occurs when Emacs processes specially crafted SVG Scalable Vector Graphics CSS Cascading Style Sheets data. A local user could exploit this by convincing a victim to open a malicious SVG file, which may lead to a denial...

CVE-2026-22020

updated libpng in Oracle Java...

GHSA-Q49F-XG75-M9XW vulnerabilities

Vulnerabilities for packages: wizer, zed, wasmcloud, yara-x...

GHSA-JJ8C-MMJ3-MMGV vulnerabilities

Vulnerabilities for packages: open-webui, airflow, mlflow, datahub-ingestion-fips, datahub-ingestion, pgadmin4-fips...

CVE-2026-34308

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: JSON. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL...

GHSA-5592-P365-24XH vulnerabilities

Vulnerabilities for packages: imagemagick...

CVE-2026-34990 affecting package cups for versions less than 2.4.17-1

CVE-2026-34990 affecting package cups for versions less than 2.4.17-1. An upgraded version of the package is available that resolves this issue...

GHSA-C3FC-8QFF-9HWX vulnerabilities

Vulnerabilities for packages: camunda, hono, zipkin, kayenta-fips, ruby3.2-bouncy-castle-java, jruby, apache-nifi-registry, ruby3.3-bouncy-castle-java, camunda-zeebe, nacos-docker, druid, jenkins, keycloak, geoserver, ruby4.0-bouncy-castle-java, guacamole-client, ruby3.4-bouncy-castle-java,...

CVE-2026-1839 vulnerabilities

Vulnerabilities for packages: py3-transformers, vllm-openai-cuda-12.9, nemo, lmcache-cuda-12.8, tritonserver-backend-vllm-cuda-13.0...

GHSA-MJ87-HWQH-73PJ vulnerabilities

Vulnerabilities for packages: kserve, airflow, semgrep...

SUSE CVE-2026-32178

unknown...

GHSA-P824-JMV3-C7RJ vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-7RPR-3745-83C9 vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-44VF-4X73-JV4X vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-24V7-W2X9-2CXH vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-6305 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-5897 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-5873 vulnerabilities

Vulnerabilities for packages: chromium...