CVE-2026-8199

CVE-2026-8199 affects MongoDB Server before certain patched versions across multiple lines: v7.0 <7.0.34, v8.0 <8.0.23, v8.2 <8.2.9, and v8.3

OPENSUSE-SU-2026:10775-1 rsync-3.4.1-5.1 on GA media

These are all security issues fixed in the rsync-3.4.1-5.1 package on the GA media of openSUSE Tumbleweed...

VMware ESXi 安全漏洞

VMware ESXi is a server virtualization platform developed by the American company VMware, which can be directly installed on physical servers. VMware ESXi has a security vulnerability that stems from unreliable pointer dereferencing. This vulnerability could allow attackers to access kernel memor...

OPENSUSE-SU-2026:10767-1 ffmpeg-4-4.4.6-12.1 on GA media

These are all security issues fixed in the ffmpeg-4-4.4.6-12.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10768-1 ffmpeg-7-7.1.3-3.1 on GA media

These are all security issues fixed in the ffmpeg-7-7.1.3-3.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10776-1 tekton-cli-0.45.0-1.1 on GA media

These are all security issues fixed in the tekton-cli-0.45.0-1.1 package on the GA media of openSUSE Tumbleweed...

jupyter-jupyterlab-4.5.7-1.1 on GA media (moderate)

jupyter-jupyterlab-4.5.7-1.1 on GA media Announcement ID: openSUSE-SU-2026:10748-1 Rating: moderate Cross-References: CVE-2026-40171 CVE-2026-42266 CVE-2026-42557 Affected Products: openSUSE Tumbleweed An update that solves 3 vulnerabilities can now be installed. Description: These are all securi...

libvinylapi3-9.0.0-1.1 on GA media (moderate)

libvinylapi3-9.0.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10751-1 Rating: moderate Cross-References: CVE-2013-4484 CVE-2019-15892 CVE-2022-23959 CVE-2022-38150 CVE-2022-45059 CVE-2022-45060 CVE-2023-44487 CVE-2025-30346 CVSS scores: CVE-2022-23959 SUSE : 7.4...

OPENSUSE-SU-2026:10769-1 flux2-cli-2.8.7-1.1 on GA media

These are all security issues fixed in the flux2-cli-2.8.7-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2026-44222

vLLM is an inference and serving engine for large language models LLMs. From 0.6.1 to before 0.20.0, there is a a Token Injection vulnerability in vLLM’s multimodal processing. Unauthenticated, text-only prompts that spell special tokens are interpreted as control. Image and video placeholder...

CVE-2026-44222 vLLM: Remote DoS via Special-Token Placeholders

vLLM is an inference and serving engine for large language models LLMs. From 0.6.1 to before 0.20.0, there is a a Token Injection vulnerability in vLLM’s multimodal processing. Unauthenticated, text-only prompts that spell special tokens are interpreted as control. Image and video placeholder...

EUVD-2026-29522

Untrusted pointer dereference for some IntelR QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of...

EUVD-2026-29534

Improper input validation for some IntelR QAT software drivers for Windows before version 2.6 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result...

EUVD-2025-209789

Use after free for some Linux kernel driver for the IntelR Ethernet 800 series before version 2.3.14 within Ring 0: Kernel may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

CVE-2025-36515

CVE-2025-36515 affects AI Playground software prior to 3.0.0 alpha. The issue is an Uncontrolled search path vulnerability in Ring 3: User Applications that can lead to privilege escalation. An unprivileged adversary with an authenticated user and high attack complexity could exploit a local atta...

CVE-2026-20879

CVE-2026-20879 affects the Intel Data Center Graphics Driver for VMware ESXi (pre-2.0.2). An out-of-bounds write in Ring 1 device drivers can lead to denial of service and data corruption. The CVE lists local access requirements with high privileges and no user interaction, with potential impacts...

CVE-2026-20771

Null pointer dereference for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result...

CVE-2026-22924

A vulnerability has been identified in SIMATIC CN 4100 All versions V5.0. The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions. This could allow an attacker to disrupt normal operations or perform unauthorized actions...

CVE-2026-22924

A vulnerability has been identified in SIMATIC CN 4100 All versions V5.0. The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions. This could allow an attacker to disrupt normal operations or perform unauthorized actions...

CVE-2026-22924

A vulnerability has been identified in SIMATIC CN 4100 All versions V5.0. The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions. This could allow an attacker to disrupt normal operations or perform unauthorized actions...