PT-2026-47098

There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...

OPENSUSE-SU-2026:10861-1 python311-pytest-html-4.2.0-2.1 on GA media

These are all security issues fixed in the python311-pytest-html-4.2.0-2.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-47102

A flaw was found in OpenJPEG’s encoder in the opj dwt calc explicit stepsizes function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability...

PT-2026-47103

There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to application availability...

CVE-2026-9365

A flaw was found in Ettercap. A remote attacker could exploit a heap-based buffer overflow vulnerability in the GG Dissector component by manipulating the gg argument within the FUNCDECODER function. This could lead to information disclosure, integrity impact, and availability impact. The attack...

EUVD-2026-31741

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

Critical: Red Hat Security Advisory: General availability of the satellite/iop-gateway-rhel9 container image

A new satellite/iop-gateway-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and...

EUVD-2026-31666

A weakness has been identified in code-projects Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /process/applyleaveprocess.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has...

amazon-ecs-init-1.103.0-2.1 on GA media (moderate)

amazon-ecs-init-1.103.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10848-1 Rating: moderate Cross-References: CVE-2026-33814 CVSS scores: CVE-2026-33814 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability ca...

OPENSUSE-SU-2026:10851-1 nano-9.0-2.1 on GA media

These are all security issues fixed in the nano-9.0-2.1 package on the GA media of openSUSE Tumbleweed...

hauler-1.4.3-3.1 on GA media (moderate)

hauler-1.4.3-3.1 on GA media Announcement ID: openSUSE-SU-2026:10843-1 Rating: moderate Cross-References: CVE-2026-39827 CVE-2026-39834 CVE-2026-42508 CVE-2026-46597 CVSS scores: CVE-2026-39827 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2026-39827 SUSE : 7.1...

OPENSUSE-SU-2026:10857-1 rsync-3.4.3-1.1 on GA media

These are all security issues fixed in the rsync-3.4.3-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10854-1 perl-XML-LibXML-2.0212-1.1 on GA media

These are all security issues fixed in the perl-XML-LibXML-2.0212-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10856-1 rclone-1.74.2-1.1 on GA media

These are all security issues fixed in the rclone-1.74.2-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-43022

Name of the Vulnerable Software and Affected Versions rclone versions prior to 1.74.2-1.1 Description Decoding a paletted BMP file with an out-of-range palette index causes a panic when accessing pixels in the invalid image. Recommendations Update to version 1.74.2-1.1...

OPENSUSE-SU-2026:10850-1 jq-1.8.1-3.1 on GA media

These are all security issues fixed in the jq-1.8.1-3.1 package on the GA media of openSUSE Tumbleweed...

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow via the NGReset Message Handler process. An attacker can cause memory corruption and potentially impact confidentiality, integrity, and availability by sending specially crafted messages remotely. Remediation Upgrade...

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow in the NGSetupRequest process. An attacker can cause memory corruption and potentially compromise confidentiality, integrity, and availability by sending specially crafted requests remotely. Remediation Upgrade...

OPENSUSE-SU-2026:10847-1 rqlite-10.1.0-1.1 on GA media

These are all security issues fixed in the rqlite-10.1.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10843-1 hauler-1.4.3-3.1 on GA media

These are all security issues fixed in the hauler-1.4.3-3.1 package on the GA media of openSUSE Tumbleweed...