BIT-MONGODB-2026-6914 MD5 checksum creation may cause availability loss

Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...

OPENSUSE-SU-2026:10735-1 tor-0.4.9.8-1.1 on GA media

These are all security issues fixed in the tor-0.4.9.8-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-39160

Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...

OPENSUSE-SU-2026:10722-1 glibc-2.43-2.1 on GA media

These are all security issues fixed in the glibc-2.43-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10729-1 krb5-1.22.2-3.1 on GA media

These are all security issues fixed in the krb5-1.22.2-3.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10732-1 libmodsecurity3-3.0.15-1.1 on GA media

These are all security issues fixed in the libmodsecurity3-3.0.15-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10720-1 firefox-esr-140.10.2-1.1 on GA media

These are all security issues fixed in the firefox-esr-140.10.2-1.1 package on the GA media of openSUSE Tumbleweed...

Important: Red Hat Security Advisory: General availability of the satellite/iop-puptoo-rhel9 container image

A new satellite/iop-puptoo-rhel9 container image is now generally available in the Red Hat container registry. Red Hat Lightspeed in Satellite analyzes system health and configuration by applying predefined rules to a small set of local data, such as installed packages, running services, and...

drm/amdgpu/ras: Move ras data alloc before bad page check

...

RLSA-2026:13902 Important: resource-agents security update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Security Fixes: pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion...

PT-2026-38899

These are all security issues fixed in the libexif-devel-0.6.26-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-38445

Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the incomplete SSRF fix in Wallos validates webhook URLs via gethostbyname but passes the original hostname to cURL without CURLOPT RESOLVE pinning on 10 of 11 outbound HTTP endpoints, leaving a DN...

PT-2026-39326

Name of the Vulnerable Software and Affected Versions streamlink versions prior to 8.4.0 Description Streamlink's HLS and DASH parsers fail to validate the URI scheme of segment entries and other resources. A remote attacker can host a malicious .m3u8 HLS playlist or .mpd DASH manifest that lists...

Linux Distros Unpatched Vulnerability : CVE-2026-43252

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: pm: in-kernel: always set ID as avail when rm endp Syzkaller managed to find a combination of actions that was generating this warning: WARNING:...

OPENSUSE-SU-2026:10718-1 python311-Django-5.2.14-1.1 on GA media

These are all security issues fixed in the python311-Django-5.2.14-1.1 package on the GA media of openSUSE Tumbleweed...

gnutls-3.8.13-1.1 on GA media (moderate)

gnutls-3.8.13-1.1 on GA media Announcement ID: openSUSE-SU-2026:10691-1 Rating: moderate Cross-References: CVE-2026-33845 CVE-2026-33846 CVE-2026-3832 CVE-2026-3833 CVE-2026-42009 CVE-2026-42010 CVE-2026-42011 CVE-2026-42012 CVE-2026-42013 CVE-2026-42014 CVE-2026-42015 CVE-2026-5260 CVE-2026-5419...

chromedriver-148.0.7778.96-1.1 on GA media (moderate)

chromedriver-148.0.7778.96-1.1 on GA media Announcement ID: openSUSE-SU-2026:10689-1 Rating: moderate Cross-References: CVE-2026-7333 CVE-2026-7334 CVE-2026-7335 CVE-2026-7336 CVE-2026-7337 CVE-2026-7338 CVE-2026-7339 CVE-2026-7340 CVE-2026-7341 CVE-2026-7342 CVE-2026-7343 CVE-2026-7344...

PT-2026-38898

These are all security issues fixed in the copacetic-0.14.0-1.1 package on the GA media of openSUSE Tumbleweed...

libmariadbd-devel-11.8.6-1.1 on GA media (moderate)

libmariadbd-devel-11.8.6-1.1 on GA media Announcement ID: openSUSE-SU-2026:10694-1 Rating: moderate Cross-References: CVE-2026-32710 CVSS scores: CVE-2026-32710 SUSE : 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2026-32710 SUSE : 7.7...

CVE-2026-43249

A flaw was found in the Linux kernel's 9p/xen filesystem driver. A race condition can occur when the xenwatch thread and other back-end change notifications concurrently attempt to free the front-end state using the xen9pfsfrontfree function. This can lead to a double-free vulnerability, resultin...