Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017530)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017530 advisory. A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by...

GhostLock: SMB Deny-Share Handles As a Zero-Privilege Availability Weapon

GhostLock demonstrates that a low-privileged Windows domain user with standard read access to an SMB share can produce ransomware-equivalent organizational availability impact with zero writes, zero encryption, and zero signals in every behavioral defense the modern enterprise security stack...

OPENSUSE-SU-2026:10745-1 bettercap-2.41.7-1.1 on GA media

These are all security issues fixed in the bettercap-2.41.7-1.1 package on the GA media of openSUSE Tumbleweed...

Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017655 advisory. A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAPs slapd server, to trigger an assertion failure...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017523)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017523 advisory. A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in t...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017577)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017577 advisory. A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior i...

D-Link M60 License Issue Vulnerability

The D-Link M60 is a wireless routing device from China-based D-Link. An authorization issue vulnerability exists in D-Link M60 version 1.20B02 and prior versions, which stems from a weak password recovery issue in the file /usr/bin/httpd, and can be exploited by an attacker to cause...

OPENSUSE-SU-2026:10751-1 libvinylapi3-9.0.0-1.1 on GA media

These are all security issues fixed in the libvinylapi3-9.0.0-1.1 package on the GA media of openSUSE Tumbleweed...

Unity Linux 20.1060e / 20.1070e Security Update: rpm (UTSA-2026-017547)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017547 advisory. A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017538)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017538 advisory. A flaw was found in ImageMagick in coders/jp2.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017513)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017513 advisory. A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined...

OPENSUSE-SU-2026:10747-1 php8-8.5.6-1.1 on GA media

These are all security issues fixed in the php8-8.5.6-1.1 package on the GA media of openSUSE Tumbleweed...

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017563)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017563 advisory. A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior...

Unity Linux 20.1060e / 20.1070e Security Update: rpm (UTSA-2026-017662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017662 advisory. A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from...

CVE-2026-31368

AiAssistant is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability...

CVE-2026-25077

Account users are allowed by default to register templates to be downloaded directly to the primary storage for deploying instances using the KVM hypervisor. Due to missing file name sanitization, an attacker can register malicious templates to execute arbitrary code on the KVM hosts. This can...

UBUNTU-CVE-2026-7261

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

EUVD-2026-28970

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

OPENSUSE-SU-2026:10743-1 tar-1.35-7.1 on GA media

These are all security issues fixed in the tar-1.35-7.1 package on the GA media of openSUSE Tumbleweed...

PHP 缓冲区错误漏洞

PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 contained a buffer error vulnerability. This vulnerability stemmed from the use of the metaphone function, which used signed integer variables to track the current...