Security Bulletin: Multiple Security vulnerabilities affecting IBM Knowledge Catalog Standard Cartridge

Summary Multiple security vulnerabilities impacting IBM Knowledge Catalog Standard Cartridge. These vulnerabilities had been addressed and customers should update to the recommended version of the product at the earliest opportunity. Vulnerability Details CVEID:CVE-2025-36187 DESCRIPTION: IBM...

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.1 release and security update

Red Hat JBoss Web Server 6.2.1 is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives ...

Important: Red Hat Security Advisory: Red Hat JBoss Web Server 6.2.1 release and security update

Red Hat JBoss Web Server 6.2.1 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System...

Security update 5.0.7 for Multi-Linux Manager Client Tools

This update fixes the following issues: dracut-saltboot: Version update to 1.1.0: Retry DHCP requests up to 3 times bsc1253004 golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization and update golang-github-boynux-squidexporter: Version update from 1.6.0 to 1.13.0 with the...

SUSE-SU-2026:1013-1 Security update 5.0.7 for Multi-Linux Manager Client Tools

This update fixes the following issues: dracut-saltboot: - Version update to 1.1.0: Retry DHCP requests up to 3 times bsc1253004 golang-github-QubitProducts-exporterexporter: - Non-customer-facing optimization and update golang-github-boynux-squidexporter: - Version update from 1.6.0 to 1.13.0 wi...

SUSE-SU-2026:1011-1 Security update 5.0.7 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: - Non-customer-facing optimization and update golang-github-boynux-squidexporter: - Version update from 1.6.0 to 1.13.0 with the following highlighted changes and fixes jscPED-14971: Added compatibility for Squi...

SUSE-SU-2026:1010-1 Security update 5.0.7 for Multi-Linux Manager Server

This update fixes the following issues: branch-network-formula: - Update to version 1.1.0 Enable containers on SLE15SP7 Exclude podman interfaces from sysctl setting cobbler: - Compatibility fixes for tftpboot directory setup inter-server-sync: - Version 0.3.10-0 Write log to a rotated file witho...

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons Lang (CVE-2025-48924)

Summary A vulnerability in Apache Commons Lang that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with...

CVE-2026-32642

A flaw was found in Apache Artemis and Apache ActiveMQ Artemis. An authenticated user can exploit this incorrect authorization vulnerability by attempting to create a non-durable Java Message Service JMS topic subscription on an address that does not exist. If the user has "createDurableQueue"...

CVE-2026-4649

A flaw was found in Apache Artemis and KNIME Business Hub. A user with normal privileges and the ability to execute workflows in an executor can exploit an authentication bypass vulnerability. This allows the user to install and register a federated mirror without authentication to the original...

CVE-2026-33307

A flaw was found in modgnutls, a TLS module for Apache HTTPD. A remote attacker could exploit this vulnerability by sending a specially crafted client certificate chain to a server configured to use client certificates. This could lead to a buffer overflow due to the module not properly checking...

BIT-TOMCAT-2023-28709 Apache Tomcat: Fix for CVE-2023-24998 is incomplete

The fix for CVE-2023-24998 was incomplete for Apache Tomcat 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount could be reached using query string parameters and a request was submitted that supplied exactly...

EUVD-2026-14782

Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...

org.apache.artemis:apache-artemis (>=2.50.0 <=2.52.0), org.apache.artemis:artemis-features (>=2.50.0 <=2.52.0) +1 more potentially affected by CVE-2026-32642 via org.apache.artemis:artemis-openwire-protocol (>=2.50.0 <=2.52.0)

org.apache.artemis:artemis-openwire-protocol MAVEN version =2.50.0, =2.50.0, =2.50.0, =2.50.0, =2.52.0 Source cves: CVE-2026-32642 Source advisory: OSV:GHSA-F4GC-MWRG-Q36R...

EUVD-2026-14786

Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new message CVE-2026-27446 https://www.cve.org/CVERecord . Since KNIME Business Hub uses Apache Artemis it is also affected by the issue...

GHSA-F4GC-MWRG-Q36R Apache Artemis: Unauthorized Temporary Address Creation via OpenWire Protocol

Incorrect Authorization CWE-863 vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable JMS topic subscription on an address that doesn't exist with an authenticated user which has the "createDurableQueue"...

CVE-2026-4649

Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new message CVE-2026-27446 https://www.cve.org/CVERecord . Since KNIME Business Hub uses Apache Artemis it is also affected by the issue...

CVE-2026-4649 Auth bypass in Apache Artemis allows reading all internal messages

Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new message CVE-2026-27446 https://www.cve.org/CVERecord . Since KNIME Business Hub uses Apache Artemis it is also affected by the issue...

CVE-2026-4649

Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new message CVE-2026-27446 https://www.cve.org/CVERecord . Since KNIME Business Hub uses Apache Artemis it is also affected by the issue...

CVE-2026-4649 Auth bypass in Apache Artemis allows reading all internal messages

Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new message CVE-2026-27446 https://www.cve.org/CVERecord . Since KNIME Business Hub uses Apache Artemis it is also affected by the issue...