32044 matches found

RedhatCVE
added 3 days ago, 4 views

CVE-2026-41964

Permission control vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 8.4 | AI score 5.4 | EPSS 0.00007
Exploits: 0 | References: 1

RedhatCVE
added 3 days ago, 7 views

CVE-2026-6409

A Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured messages—specifically those containing negative varints or deep recursion—can be used to crash the application, impacting service availability...

CVSS 7.1 | AI score 5.4 | EPSS 0.00031
Exploits: 0 | References: 1

RedhatCVE
added 3 days ago, 4 views

CVE-2026-6914

Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...

CVSS 7.5 | AI score 5.4 | EPSS 0.00059
Exploits: 0 | References: 1

RedhatCVE
added 3 days ago, 4 views

CVE-2026-40851

A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on a USB stick, leading to code execution. This can result in a total loss of confidentiality, integrity and availability...

CVSS 8.4 | AI score 5.6 | EPSS 0.00026
Exploits: 0 | References: 1

RedhatCVE
added 3 days ago, 8 views

CVE-2026-0481

Unrestricted IP address binding in the AMD Device Metrics Exporter ROCm ecosystem could allow a remote attacker to perform unauthorized changes to the GPU configuration, potentially resulting in loss of availability...

CVSS 9.2 | AI score 5.5 | EPSS 0.00194
Exploits: 0 | References: 1

RedhatCVE
added 3 days ago, 6 views

CVE-2026-35242

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

CVSS 7.5 | AI score 7.3 | EPSS 0.00028
Exploits: 0 | References: 1

RedhatCVE
added 3 days ago, 5 views

CVE-2024-21950

An out-of-bounds read in the remote management firmware could allow a privileged attacker to read a limited section of memory outside of established bounds, potentially resulting in loss of confidentiality or availability...

CVSS 1.8 | AI score 5.5 | EPSS 0.00017
Exploits: 0 | References: 1

OSV
added 3 days ago, 3 views

ROOT-OS-UBUNTU-2204-CVE-2024-50009 CVE-2024-50009 in rootio-linux - Patched by Root

Root has patched CVE-2024-50009 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

CVSS 5.5 | AI score 7 | EPSS 0.00015
Exploits: 0

OSV
added 3 days ago, 2 views

ROOT-OS-UBUNTU-2204-CVE-2026-43068 CVE-2026-43068 in rootio-linux - Patched by Root

Root has patched CVE-2026-43068 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

CVSS 5.5 | AI score 5.8 | EPSS 0.00015
Exploits: 0

OSV
added 3 days ago, 3 views

ROOT-OS-UBUNTU-2204-CVE-2022-49940 CVE-2022-49940 in rootio-linux - Patched by Root

Root has patched CVE-2022-49940 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

CVSS 5.5 | AI score 6.5 | EPSS 0.00065
Exploits: 0

Tenable Nessus
added 3 days ago, 5 views

Linux Distros Unpatched Vulnerability : CVE-2026-11294

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page...

CVSS 4.3 | AI score 5.5 | EPSS 0.00022
Exploits: 0 | References: 2

Redos
added 3 days ago, 2 views

ROS-20260605-73-0052

The vulnerability of the Access API components of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

CVSS 10 | AI score 5.5 | EPSS 0.00025
Exploits: 0

Redos
added 3 days ago, 4 views

ROS-20260605-73-0080

The vulnerability in Firefox is related to a behavior that depends on unspecified types of implementations for each type. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVSS 8.1 | AI score 5.5 | EPSS 0.00015
Exploits: 0

OSV
added 3 days ago, 2 views

OPENSUSE-SU-2026:10959-1 go1.25-1.25.11-1.1 on GA media

These are all security issues fixed in the go1.25-1.25.11-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 | AI score 5.6 | EPSS 0.00042
Exploits: 0 | References: 3

Redos
added 3 days ago, 2 views

ROS-20260605-73-0062

The vulnerability of the JavaScript Engine component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to access to resources through incompatible types. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility ...

CVSS 9.8 | AI score 7.5 | EPSS 0.0004
Exploits: 0

OSV
added 3 days ago, 3 views

OPENSUSE-SU-2026:10963-1 python311-aiohttp-3.14.0-1.1 on GA media

These are all security issues fixed in the python311-aiohttp-3.14.0-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.3 | AI score 5.4 | EPSS 0.00067
Exploits: 0 | References: 1

OSV
added 3 days ago, 2 views

OPENSUSE-SU-2026:10960-1 go1.26-1.26.4-1.1 on GA media

These are all security issues fixed in the go1.26-1.26.4-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 | AI score 5.6 | EPSS 0.00042
Exploits: 0 | References: 3

Github Security Blog
added 4 days ago, 11 views

Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection

Summary: Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who can influence the cookie name passed to axios can cause...

AI score 6
Exploits: 0 | References: 4 | Affected Software: 1

RedHat Linux
added 4 days ago, 7 views

Important: Red Hat Security Advisory: Multicluster Global Hub 1.6.2 security update

Multicluster Global Hub v1.6.2 general availability release images, which provide security fixes, bug fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a...

CVSS 9.1 | AI score 6.9 | EPSS 0.00255
Exploits: 5 | References: 36

Positive Technologies
added 4 days ago, 9 views

PT-2026-46303

Summary: Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who can influence the cookie name passed to axios can cause...

CVSS 7.5 | AI score 6
Exploits: 0 | References: 5