3971 matches found

OSV
added 2026/05/13 12:6 p.m., 8 views

RLSA-2026:15969 Moderate: glib2 security update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GLib: Buffer underflow...

CVSS 6.5 | AI score 6.6 | EPSS 0.0005
Exploits: 0 | References: 3

CNNVD
added 2026/05/13 12:0 a.m., 8 views

Next.js Security Vulnerability

Next.js is an open-source React framework from Vercel. Versions of Next.js from 14.2.0 to 15.5.16, as well as versions before 16.2.5, have security vulnerabilities. These vulnerabilities stem from improperly partitioning response variants when using React Server Components, which can lead to cache...

CVSS 5.4 | AI score 5.8 | EPSS 0.00016
Exploits: 0 | References: 1

OSV
added 2026/05/11 12:0 a.m., 5 views

ALSA-2026:15953 Moderate: glib2 security update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GLib: Buffer underflow...

CVSS 9.8 | AI score 5.8 | EPSS 0.0005
Exploits: 0 | References: 6

Packet Storm
added 2026/05/11 12:0 a.m., 59 views

CairoSVG Denial of Service

CairoSVG versions prior to 2.9.0 suffer from a recursive denial of service vulnerability. CVE-2026-31899: Exponential DoS via Recursive Element Amplification in CairoSVG Keywords: CVE-2026-31899, CairoSVG, exponential DoS, SVG bomb, recursive use element, denial of service, XML amplification,...

CVSS 7.5 | AI score 5.8 | EPSS 0.00039
Exploits: 2

OSV
added 2026/05/11 12:0 a.m., 4 views

ALSA-2026:15971 Moderate: glib2 security update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: GLib: Buffer underflow...

CVSS 9.8 | AI score 6.6 | EPSS 0.0005
Exploits: 0 | References: 6

Chainguard
added 2026/05/09 1:17 a.m., 9 views

GHSA-3V3M-WC6V-X4X3 vulnerabilities

Vulnerabilities for packages: argocd-image-updater-fips, argocd-image-updater...

AI score 5.2
Exploits: 0

Chainguard
added 2026/05/09 1:17 a.m., 8 views

CVE-2026-42880 vulnerabilities

Vulnerabilities for packages: argocd-image-updater-fips, argocd-image-updater...

CVSS 9.6 | AI score 5.1 | EPSS 0.00015
Exploits: 2

Microsoft Secure
added 2026/05/08 5:12 p.m., 7 views

Active attack: Dirty Frag Linux vulnerability expands post-compromise risk

A newly disclosed Linux local privilege escalation vulnerability known as “Dirty Frag” enables escalation from an unprivileged...

CVSS 8.8 | AI score 6.5 | EPSS 0.33658
Exploits: 39

Packet Storm News
added 2026/05/06 12:0 a.m., 7 views

GLiNER Guard: Unified Encoder Family for Production LLM Safety and Privacy

Production LLM systems require both safety moderation and PII detection under strict latency and cost constraints. This creates a trade-off: autoregressive moderators are accurate but expensive, while lightweight encoders are faster but less capable. We present GLiNER Guard (GLiGuard), a unified...

AI score 5.8
Exploits: 0

OSV
added 2026/04/27 9:34 a.m., 2 views

GHSA-JG2M-9X48-3GVJ Apache Camel has an incomplete fix for CVE-2025-27636

The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant header names such as 'CAmelExecCommandExecutable' are filtered out alongside 'CamelExecCommandExecutable'. The same setLowerCase(true) call was not applied to five non-HTTP HeaderFilterStrategy...

CVSS 9.9 | AI score 6.5 | EPSS 0.00228
Exploits: 2 | References: 10

Github Security Blog
added 2026/04/27 9:34 a.m., 7 views

Apache Camel has an incomplete fix for CVE-2025-27636

The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant header names such as 'CAmelExecCommandExecutable' are filtered out alongside 'CamelExecCommandExecutable'. The same setLowerCase(true) call was not applied to five non-HTTP HeaderFilterStrategy...

CVSS 9.9 | AI score 7.7 | EPSS 0.51725
Exploits: 3 | References: 10 | Affected Software: 4

NVD
added 2026/04/27 9:16 a.m., 3 views

CVE-2026-40453

The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant header names such as 'CAmelExecCommandExecutable' are filtered out alongside 'CamelExecCommandExecutable'. The same setLowerCase(true) call was not applied to five non-HTTP HeaderFilterStrategy...

CVSS 9.9 | EPSS 0.00228
Exploits: 2 | References: 1

Cvelist
added 2026/04/27 8:23 a.m., 31 views

CVE-2026-40453 Apache Camel JMS, Apache Camel CoAP, Apache Camel Google PubSub: Incomplete fix for CVE-2025-27636 in non-HTTP HeaderFilterStrategies (camel-jms, camel-sjms, camel-coap, camel-google-pubsub) allows case-variant header injection

The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant header names such as 'CAmelExecCommandExecutable' are filtered out alongside 'CamelExecCommandExecutable'. The same setLowerCase(true) call was not applied to five non-HTTP HeaderFilterStrategy...

EPSS 0.00228
Exploits: 2 | References: 1

CVE
added 2026/04/27 8:23 a.m., 77 views

CVE-2026-40453

Apache Camel non-HTTP HeaderFilterStrategies (camel-jms, camel-sjms, camel-coap, camel-google-pubsub) are affected by an incomplete fix for CVE-2025-27636. The fix added setLowerCase(true) to HttpHeaderFilterStrategy, but five non-HTTP implementations still use case-sensitive header filtering, wh...

CVSS 9.9 | AI score 6.5 | EPSS 0.00228
Exploits: 2 | References: 1 | Affected Software: 1

Positive Technologies
added 2026/04/27 12:0 a.m., 1 views

PT-2026-35494

Name of the Vulnerable Software and Affected Versions: Linux Kernel, affected versions not specified. Description: A race condition exists in the driver core due to inconsistent locking in the driver match device function. While one call site holds the device lockdev, others such as bind store and...

CVSS 7.8 | AI score 5.3 | EPSS 0.00017
Exploits: 0 | References: 15

The Hacker News
added 2026/04/24 9:29 a.m., 5 views

Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

Chinese-speaking individuals are the target of a new campaign that uses a trojanized version of SumatraPDF reader to deploy the AdaptixC2 Beacon post-exploitation agent and ultimately facilitate the abuse of Microsoft Visual Studio Code (VS Code) tunnels for remote access. Zscaler ThreatLabz, which...

AI score 5.8
Exploits: 0

OSV
added 2026/04/23 3:15 p.m., 1 views

MINI-38FX-RXC5-2MC5

Bulletin has no description...

AI score 5.6
Exploits: 0

Rapid7 Blog
added 2026/04/21 2:38 p.m., 10 views

Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained

Overview: For executive leadership, the emergence of Kyber ransomware represents a significant and immediate threat due to its specialized, dual-platform deployment capability targeting mission-critical virtualization infrastructure (VMware ESXi) and core Windows file systems. This cross-platform...

AI score 6.1
Exploits: 0

HackRead
added 2026/04/17 2:0 p.m., 1 views

New Mirai Variant Nexcorium Hijacks DVR Devices for DDoS Attacks

Cybersecurity researchers at Fortinet have discovered Nexcorium, a new Mirai-based malware targeting TBK DVR systems to turn them into a botnet for DDoS attacks...

AI score 5.8
Exploits: 0

Tenable Nessus
added 2026/04/17 12:0 a.m., 2 views

macOS Autodesk Fusion 360 <= 2606.0 Multiple Vulnerabilities (adsk-sa-2026-0005)

The version of Autodesk Fusion 360 installed on the remote macOS or Mac OS X host is less than or equal to 2606.0. It is, therefore, affected by multiple vulnerabilities: - A maliciously crafted HTML payload in a component name, when displayed during the delete confirmation dialog and clicked by ...

CVSS 7.1 | AI score 6.1 | EPSS 0.00037
Exploits: 0 | References: 4