CVE-2026-3219 affecting package python-pip for versions less than 24.2-8

CVE-2026-3219 affecting package python-pip for versions less than 24.2-8. A patched version of the package is available...

CVE-2025-2137 affecting package nodejs for versions less than 24.14.1-3

CVE-2025-2137 affecting package nodejs for versions less than 24.14.1-3. An upgraded version of the package is available that resolves this issue...

Kibana 8.x < 8.19.16 / 9.0.x < 9.3.5 / 9.4.x < 9.4.1 DoS (ESA-2026-32)

The version of Kibana installed on the remote host is prior to 8.19.16, 9.3.5, or 9.4.1. It is, therefore, affected by a vulnerability as referenced in the ESA-2026-32 advisory. - Uncontrolled Resource Consumption CWE-400 in Kibana can lead to a denial of service via Excessive Allocation CAPEC-13...

Linux Distros Unpatched Vulnerability : CVE-2026-42320

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Starting in version 0.50 and prior to versions 10.0.25 and 11.0.7, a technician can read arbitrary file...

CVE-2026-46597 affecting package cf-cli for versions less than 8.7.11-6

CVE-2026-46597 affecting package cf-cli for versions less than 8.7.11-6. A patched version of the package is available...

CVE-2026-8980

The Mennekes Amtron series firmware versions ≤ 5.22.3 is vulnerable to privilege escalation. An authenticated low-privileged user can change the passwords of the admin operator and manufacturer accounts via crafted POST requests...

Amazon Linux 2023 : libpq, libpq-devel (ALAS2023-2026-1711)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1711 advisory. Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack...

Astra Linux - уязвимость в thunderbird

Previously, Firefox for macOS and Linux would download temporary files to a user-specific directory in /tmp. However, this behavior was changed so that the files were downloaded to /tmp, where they could be affected by other local users. This behavior has been reverted to the original,...

CVE-2026-6861 affecting package emacs for versions less than 29.4-4

CVE-2026-6861 affecting package emacs for versions less than 29.4-4. A patched version of the package is available...

CVE-2026-31623 affecting package kernel for versions less than 6.6.137.1-1

CVE-2026-31623 affecting package kernel for versions less than 6.6.137.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-31525 affecting package kernel for versions less than 6.6.134.1-2

CVE-2026-31525 affecting package kernel for versions less than 6.6.134.1-2. An upgraded version of the package is available that resolves this issue...

CVE-2026-31496 affecting package kernel for versions less than 6.6.134.1-2

CVE-2026-31496 affecting package kernel for versions less than 6.6.134.1-2. An upgraded version of the package is available that resolves this issue...

CVE-2026-31689 affecting package kernel for versions less than 6.6.137.1-1

CVE-2026-31689 affecting package kernel for versions less than 6.6.137.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-31682 affecting package kernel for versions less than 6.6.134.1-2

CVE-2026-31682 affecting package kernel for versions less than 6.6.134.1-2. An upgraded version of the package is available that resolves this issue...

CVE-2026-31586 affecting package kernel for versions less than 6.6.137.1-1

CVE-2026-31586 affecting package kernel for versions less than 6.6.137.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-27312 Bridge | Heap-based Buffer Overflow (CWE-122)

Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2026-33456 Potential livestatus injection in notification test

Livestatus injection in the notification test mode in Checkmk 2.5.0b4 and 2.4.0p26 allows an authenticated user with access to the notification test page to inject arbitrary Livestatus commands via a crafted service description...

CVE-2026-35177 affecting package vim for versions less than 9.2.0315-1

CVE-2026-35177 affecting package vim for versions less than 9.2.0315-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-2513

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.5 and 13.0.3, whereby an administrator who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated web session...

CVE-2026-23068 affecting package kernel for versions less than 6.6.126.1-1

CVE-2026-23068 affecting package kernel for versions less than 6.6.126.1-1. A patched version of the package is available...