UBUNTU-CVE-2026-7261

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

EUVD-2026-28970

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when SoapServer is configured with SOAPPERSISTENCESESSION, the handler object is persisted across requests via session storage. However, in the case SOAP requests results in an error, the persistanc...

OPENSUSE-SU-2026:10743-1 tar-1.35-7.1 on GA media

These are all security issues fixed in the tar-1.35-7.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10742-1 libQt6Svg6-6.11.0-2.1 on GA media

These are all security issues fixed in the libQt6Svg6-6.11.0-2.1 package on the GA media of openSUSE Tumbleweed...

PHP 缓冲区错误漏洞

PHP is an open-source scripting language executed on the server side. Versions of PHP prior to 8.2.31, 8.3.31, 8.4.21, and 8.5.6 contained a buffer error vulnerability. This vulnerability stemmed from the use of the metaphone function, which used signed integer variables to track the current...

java-11-openj9-11.0.31.0-1.1 on GA media (moderate)

java-11-openj9-11.0.31.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10724-1 Rating: moderate Cross-References: CVE-2026-22007 CVE-2026-22016 CVE-2026-22021 CVE-2026-34268 CVSS scores: CVE-2026-22007 SUSE : 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2026-22007 SUSE : 2.1...

OPENSUSE-SU-2026:10738-1 MozillaThunderbird-140.10.2-1.1 on GA media

These are all security issues fixed in the MozillaThunderbird-140.10.2-1.1 package on the GA media of openSUSE Tumbleweed...

EUVD-2026-28899

Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed .zip extraction results in deletion of the file and a DOS condition. Successful exploitation requires Teacher or higher privileges...

SUSE CVE-2026-43131

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix null pointer dereference issue If SMU is disabled, during RAS initialization, there will be null pointer dereference issue here...

CVE-2026-42343

FastGPT is an AI Agent building platform. In versions 4.14.13 and prior, the code-sandbox component suffers from insufficient resource isolation and uncontrolled resource consumption. The service relies solely on an application-level soft limit a 500ms polling interval for memory management and...

CVE-2026-43364

Summary (CVE-2026-43364) : In the Linux kernel ublk subsystem, a local attacker can trigger a NULL pointer dereference by sending UPDATE_SIZE to a ublk device that has been added but not started, or that has been stopped. The root cause is missing state validation in ublk_ctrl_set_size(), which d...

BIT-PYTHON-MIN-2025-12084 Quadratic complexity in node ID cache clearing

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

BIT-PYTHON-2025-12084 Quadratic complexity in node ID cache clearing

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

BIT-MONGODB-2026-6914 MD5 checksum creation may cause availability loss

Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...

OPENSUSE-SU-2026:10722-1 glibc-2.43-2.1 on GA media

These are all security issues fixed in the glibc-2.43-2.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-39160

Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...

OPENSUSE-SU-2026:10735-1 tor-0.4.9.8-1.1 on GA media

These are all security issues fixed in the tor-0.4.9.8-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10729-1 krb5-1.22.2-3.1 on GA media

These are all security issues fixed in the krb5-1.22.2-3.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10732-1 libmodsecurity3-3.0.15-1.1 on GA media

These are all security issues fixed in the libmodsecurity3-3.0.15-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10720-1 firefox-esr-140.10.2-1.1 on GA media

These are all security issues fixed in the firefox-esr-140.10.2-1.1 package on the GA media of openSUSE Tumbleweed...