2026-04 .NET 10.0.6 Security Update for x64 Server (KB5086095)

2026-04 .NET 10.0.6 Security Update for x64 Server KB5086095...

2026-04 .NET 9.0.15 Security Update for x64 Client (KB5086097)

2026-04 .NET 9.0.15 Security Update for x64 Client KB5086097...

2026-04 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 (KB5084070)

2026-04 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 KB5084070...

2026-04 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5082123)

2026-04 Cumulative Update for Windows 10 Version 1809 for x86-based Systems KB5082123...

2026-04 .NET 9.0.15 Security Update for x86 Client (KB5086097)

2026-04 .NET 9.0.15 Security Update for x86 Client KB5086097...

2026-04 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809 (KB5084066)

2026-04 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809 KB5084066...

2026-04 Dynamic Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5082200)

2026-04 Dynamic Cumulative Update for Windows 10 Version 21H2 for x64-based Systems KB5082200...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a denial of service in the Base OS image package: Scrapy [CVE-2025-6176]

Summary IBM Watson Speech Services Cartridge is vulnerable to a denial of service in the Base OS image package: Scrapy, due to a flaw in its brotli decompression implementation. CVE-2025-6176. We have updated the base image used by our Speech Services and the following vulnerability has been...

MAL-2026-2663 Malicious code in tether-wrk-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e816f71a9a4581a5adacb19f57871ba8a9118bb980fbcb97c74d6b601a7e517f The package tether-wrk-base was found to contain malicious code. Source: ghsa-malware dd91537dad139a68aee6f4c63c4f9afb6bd315f2d76ee0e8e998dde7a421ef4...

Malicious code in tether-wrk-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e816f71a9a4581a5adacb19f57871ba8a9118bb980fbcb97c74d6b601a7e517f The package tether-wrk-base was found to contain malicious code. Source: ghsa-malware dd91537dad139a68aee6f4c63c4f9afb6bd315f2d76ee0e8e998dde7a421ef4...

RHSA-2026:7850 Red Hat Security Advisory: gstreamer-plugins-base and gstreamer-plugins-good security update

Bulletin has no description...

CVE-2026-39622

Missing Authorization vulnerability in acmethemes Education Base education-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Base: from n/a through = 3.0.8...

CVE-2026-6106

A vulnerability was detected in 1Panel-dev MaxKB up to 2.2.1. This vulnerability affects the function StaticHeadersMiddleware of the file apps/common/middleware/staticheadersmiddleware.py of the component Public Chat Interface. The manipulation of the argument Name results in cross site scripting...

Important: Red Hat Security Advisory: gstreamer-plugins-base and gstreamer-plugins-good security update

An update for multiple packages is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHSA-2026:7673 Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update

Bulletin has no description...

Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good security update

An update for multiple packages is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 7 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good (RHSA-2026:7673)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7673 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package...

MiracleLinux 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (AXSA:2026-421:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-421:01 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffe...

RHEL 7 : gstreamer-plugins-base and gstreamer-plugins-good (RHSA-2026:7850)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7850 advisory. GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do...

GHSA-R5V8-C28H-F8R8 MetaGPT affected by server-side request forgery in metagpt/utils/common.py

A security flaw has been discovered in FoundationAgents MetaGPT up to 0.8.2. This impacts the function decodeimage of the file metagpt/utils/common.py. The manipulation of the argument imgurlorb64 results in server-side request forgery. It is possible to launch the attack remotely. The exploit ha...