EUVD-2026-25392

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller int...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: nghttp2 (UTSA-2026-014315)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014315 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when use...

GHSA-J99G-7RQW-Q9JG nimiq-blockchain: Peer-triggerable panic during history sync

Impact HistoryStore::puthistorictxns uses an assert! to enforce invariants about HistoricTransaction.blocknumber must be within the macro block being pushed and within the same epoch. During history sync, a peer can influence the history: &HistoricTransaction input passed into...

EUVD-2026-25064

nimiq-blockchain: Peer-triggerable panic during history sync...

CLSA-2025-1758636652 openldap: Fix of 14 CVEs

Rebase to 2.4.58 to fix the following vulnerabilities: - CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions - CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing - CVE-2020-36223: fix slapd crash in the Values Return...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013823)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013823 advisory. In the Linux kernel, the following vulnerability has been resolved: ubifs: ubifsreleasepage: Remove ubifsassert0 to valid this process There are two states for ubifs...

SUSE SLES15 Security Update : glibc-livepatches (SUSE-SU-2026:1501-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1501-1 advisory. This update for glibc-livepatches fixes the following issue: - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an...

SUSE SLES15 Security Update : glibc-livepatches (SUSE-SU-2026:1498-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1498-1 advisory. This update for glibc-livepatches fixes the following issue: - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an...

CVE-2026-0971 GoAnywhere MFT SAML Sessions do not redirect to logout URL on session timeout

An improper session timeout issue in Fortra's GoAnywhere MFT prior to version 7.10.0 results in SAML configured Web Users being redirected to the regular login page instead of the SAML login page...

JLSEC-2026-170

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service...

JLSEC-2026-162

A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23. The highest threat from this vulnerability is to system availability...

JLSEC-2026-161

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability...

JLSEC-2026-163

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service schemainit.c serialNumberAndIssuerCheck...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013331)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013331 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2ioctlmoveextents ocfs2moveextents...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011124)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011124 advisory. In the Linux kernel, the following vulnerability has been resolved: ubifs: ubifsreleasepage: Remove ubifsassert0 to valid this process There are two states for ubifs...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010994)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010994 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2ioctlmoveextents ocfs2moveextents...

SUSE-SU-2026:1501-1 Security update for glibc-livepatches

This update for glibc-livepatches fixes the following issue: - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261209...

Security update for glibc-livepatches

This update for glibc-livepatches fixes the following issue: CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261209. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

Security update for glibc-livepatches

This update for glibc-livepatches fixes the following issue: CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261209. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

SUSE-SU-2026:1498-1 Security update for glibc-livepatches

This update for glibc-livepatches fixes the following issue: - CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application bsc1261209...