OPENSUSE-SU-2026:10504-1 corepack24-24.14.1-1.1 on GA media
These are all security issues fixed in the corepack24-24.14.1-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10501-1 MozillaThunderbird-140.9.1-1.1 on GA media
These are all security issues fixed in the MozillaThunderbird-140.9.1-1.1 package on the GA media of openSUSE Tumbleweed...
ROS-20260408-73-0017
A vulnerability in the fs/btrfs/qgroup.c component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an intruder to affect confidentiality, integrity and availability of protected information...
GHSA-RXMX-G7HR-8MX4 OpenClaw: Zalo replay dedupe keys could suppress messages across chats or senders
Summary Before OpenClaw 2026.4.2, Zalo webhook replay dedupe keys were not scoped strongly enough across chat and sender dimensions. Legitimate events from different conversations or senders could collide and be dropped as duplicates. Impact Cross-conversation or cross-sender collisions could cau...
GHSA-WWFP-W96M-C6X8 OpenClaw: Pairing pending-request caps were enforced per channel instead of per account
Summary Before OpenClaw 2026.3.31, pending pairing-request caps were enforced per channel file instead of per account. On multi-account channel setups, requests from other accounts could fill the shared pending window and block new pairing challenges on an unaffected account. Impact This issue...
Improper Link Resolution
kubevirt.io/kubevirt is vulnerable to improper link resolution. The vulnerability is due to lack of verification of whether the launcher-sock is a symlink or regular file, which allows an attacker with control over the virt-launcher pod file system to manipulate file ownership on the host and...
OPENSUSE-SU-2026:10495-1 ckermit-9.0.302-20.1 on GA media
These are all security issues fixed in the ckermit-9.0.302-20.1 package on the GA media of openSUSE Tumbleweed...
ROS-20260407-73-0034
A vulnerability in the fs/buffer.c component of the Linux operating system kernel is related to the use of memory after it has been freed. Exploitation of the vulnerability allows an intruder to affect the integrity and availability of protected information...
ROS-20260407-73-0014
A vulnerability in the sctp_rcv function of the net/sctp/input.c module of the Linux kernel is associated with the use of an uninitialized variable. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information...
Budibase: Path traversal in plugin file upload enables arbitrary directory deletion and file write
Summary The plugin file upload endpoint POST /api/plugin/upload passes the user-supplied filename directly to createTempFolder without sanitizing path traversal sequences. An attacker with Global Builder privileges can craft a multipart upload with a filename containing ../ to delete arbitrary...
OPENSUSE-SU-2026:10491-1 python311-scitokens-1.8.1-2.1 on GA media
These are all security issues fixed in the python311-scitokens-1.8.1-2.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10492-1 liblzma5-32bit-5.8.3-1.1 on GA media
These are all security issues fixed in the liblzma5-32bit-5.8.3-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10489-1 libinput-devel-1.31.1-1.1 on GA media
These are all security issues fixed in the libinput-devel-1.31.1-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:10488-1 corosync-3.1.10-4.1 on GA media
These are all security issues fixed in the corosync-3.1.10-4.1 package on the GA media of openSUSE Tumbleweed...
JLSEC-2026-27
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest...
CVE-2026-33615
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the setinfo endpoint due to improper neutralization of special elements in a SQL UPDATE command. This can result in a total loss of integrity and availability...
GHSA-W85G-3H6X-4XH2 OpenClaw: Image pixel-limit guard can fail open on sips and allow decompression-bomb DoS
Summary Image pixel-limit guard can fail open on sips and allow decompression-bomb DoS Current Maintainer Triage - Status: open - Normalized severity: medium - Assessment: Shipped v2026.3.28 image processing could fail open on oversized pixel counts and allow decompression-bomb DoS, an availabili...
ROS-20260403-73-0026
A vulnerability in the fbdev component of the Linux operating system kernel is related to writing outside of buffer boundaries. Exploitation of the vulnerability allows an attacker to affect confidentiality, integrity and availability of protected information...
ROS-20260403-73-0037
A vulnerability in the do_register_framebuffer function of the fbdev/core/fbmem.c component of the Linux kernel is related to writing outside the buffer boundaries. Exploitation of the vulnerability allows an attacker to violate the integrity and availability of protected information...
ROS-20260403-73-0033
A vulnerability in the jfs/file.c component of the Linux operating system kernel is related to insufficient input data validation. Exploitation of the vulnerability allows an intruder to affect confidentiality, integrity and availability of protected information...