CVE-2025-59023

Crafted delegations or IP fragments can poison cached delegations in Recursor...

CVE-2026-25727 vulnerabilities

Vulnerabilities for packages: pixi, sentry-cli, cedar, guestproxyagent, yara-x, sccache, yazi, sqlx, cargo-c, virtiofsd, zizmor, mountpoint-s3, oranda, qdrant, uutils, buck2, nushell, quiche, shadowsocks-rust, rye, atuin, xh, jujutsu, wash, kdash, ztunnel-fips, py3-xet-core, deno, geckodriver,...

CVE-2026-0992 affecting package libxml2 for versions less than 2.10.4-10

CVE-2026-0992 affecting package libxml2 for versions less than 2.10.4-10. A patched version of the package is available...

CVE-2026-24771 vulnerabilities

Vulnerabilities for packages: librechat, langfuse-fips, langfuse...

CVE-2026-1312 vulnerabilities

Vulnerabilities for packages: authentik, authentik-fips, awx, label-studio...

CVE-2025-14550 vulnerabilities

Vulnerabilities for packages: authentik, authentik-fips, awx, label-studio...

GHSA-QXX2-7H4C-83F4 vulnerabilities

Vulnerabilities for packages: cg, wolfictl...

CVE-2026-23065

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix memory leak in wbrfrecord The tmp buffer is allocated using kcalloc but is not freed if acpievaluatedsm fails. This causes a memory leak in the error path. Fix this by explicitly freeing the tmp buffer in th...

CVE-2025-71192

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in sndac97controllerregister If ac97addadapter fails, putdevice is the correct way to drop the device reference. kfree is not required. Add kfree if idralloc fails and in ac97adapterrelease to do the...

CVE-2025-64438

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, a remotely triggerable Out-of-Memory OOM denial-of-service exists in Fast -DDS when processing RTPS GAP submessages under RELIABLE QoS. B...

CVE-2025-62601

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow,...

GHSA-37QJ-FRW5-HHJH vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines, langfuse, prism, tileserver-gl-fips, opensearch-dashboards, kibana, renovate, jitsucom-jitsu, opensearch-dashboards-fips, librechat, dbgate-fips, langfuse-fips, saf, tileserver-gl, dbgate...

CVE-2025-61654

Vulnerability in Wikimedia Foundation Thanks. This vulnerability is associated with program files includes/ThanksQueryHelper.Php. This issue affects Thanks: from before 1.43.4, 1.44.1...

CVE-2025-61652

Vulnerability in Wikimedia Foundation DiscussionTools.This issue affects DiscussionTools: from before 1.43.4, 1.44.1...

CVE-2025-61656

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js. This issue affects VisualEditor: from before 1.39.14, 1.43.4, 1.44.1...

CVE-2025-61643

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/recentchanges/RecentChangeRCFeedNotifier.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1...

curl security update

8.12.1-2.el101.2 - openssl: respect system crypto policy for TLS max version RHEL-128923 8.12.1-2.el101.1 - cookie: don't treat the leading slash as trailing CVE-2025-9086 Resolves: RHEL-122689...

CVE-2025-55130 vulnerabilities

Vulnerabilities for packages: nodejs...

CVE-2025-59465 affecting package nodejs for versions less than 20.14.0-11

CVE-2025-59465 affecting package nodejs for versions less than 20.14.0-11. A patched version of the package is available...

CVE-2016-7075 vulnerabilities

Vulnerabilities for packages: kubernetes...