GHSA-CRHJ-59GH-8X96 vulnerabilities

Vulnerabilities for packages: amazon-ssm-agent-fips, nuclei, pulumi, k9s, kubescape-server-fips, redpanda-console, kots, melange, cerbos-fips, grype-fips, flux-image-automation-controller, steampipe, pulumi-language-dotnet, argo-events, gitlab-runner, chainloop-cli, zarf, pulumi-language-yaml, bo...

CVE-2026-44310 vulnerabilities

Vulnerabilities for packages: cg...

GHSA-7RMH-48MX-2VWC vulnerabilities

Vulnerabilities for packages: cg...

CVE-2026-44309 vulnerabilities

Vulnerabilities for packages: cg...

GHSA-7C37-GX6W-8VC5 vulnerabilities

Vulnerabilities for packages: cg...

GHSA-M3XC-H892-GGX6 vulnerabilities

Vulnerabilities for packages: packer, teleport, rancher-fleet-fips, telegraf, cg, argo-cd, rclone, scorecard, cerbos-fips, syft-fips, syft, skaffold-fips, seaweedfs-rocksdb-fips, chainloop-cli, flux, amazon-ssm-agent, gitaly, terragrunt-fips, cerbos, argo-cd-fips, terragrunt, rclone-fips,...

CVE-2026-44740 vulnerabilities

Vulnerabilities for packages: packer, teleport, rancher-fleet-fips, telegraf, cg, argo-cd, rclone, scorecard, cerbos-fips, syft-fips, syft, skaffold-fips, seaweedfs-rocksdb-fips, chainloop-cli, flux, amazon-ssm-agent, gitaly, terragrunt-fips, cerbos, argo-cd-fips, terragrunt, rclone-fips,...

CVE-2026-41507 Remote Code Execution (RCE) via String Literal Injection into math-codegen

math-codegen generates code from mathematical expressions. Prior to version 0.4.3, string literal content passed to cg.parse is injected verbatim into a new Function body without sanitization. This allows an attacker to execute arbitrary system commands when user-controlled input reaches the...

cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.16) +39 more potentially affected by CVE-2026-5766 via django (>=5.2.0 <=5.2.13)

django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =5.2.0, =5.2.1 - djbackup =2.1.0 and more Source cves: CVE-2026-5766 Source advisory: OSV:GHSA-W26R-RMM8-9C29...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netconsole: The sumutex must be acquired before navigating the configs hierarchy. There is a race between operations that iterate over the cgchildren list and concurrent additions/removals of userdata items through configfs. The...

GHSA-P6X5-P4XF-CC4R Remote Code Execution (RCE) via String Literal Injection into math-codegen

Impact String literal content passed to cg.parse is injected verbatim into a new Function body without sanitization. This allows an attacker to execute arbitrary system commands when user-controlled input reaches the parser. Any application exposing a math evaluation endpoint where user input flo...

cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.16) +27 more potentially affected by CVE-2026-3902 via django (>=5.2.0 <=5.2.12)

django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =5.2.0, =5.2.1 - djbackup =2.1.0 and more Source cves: CVE-2026-3902 Source advisory: OSV:GHSA-MVFQ-GGXM-9MC5...

MINI-V794-PHG5-CFCG

Bulletin has no description...

CVE-2026-25121 vulnerabilities

Vulnerabilities for packages: dagdotdev, amazon-ssm-agent, chainctl, cg...

CVE-2026-25122 vulnerabilities

Vulnerabilities for packages: dagdotdev, amazon-ssm-agent, chainctl, cg...

GHSA-6P9P-Q6WH-9J89 vulnerabilities

Vulnerabilities for packages: dagdotdev, amazon-ssm-agent, chainctl, cg...

GHSA-5G94-C2WX-8PXW vulnerabilities

Vulnerabilities for packages: dagdotdev, amazon-ssm-agent, chainctl, cg...

CVE-2025-23632

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rhizome Networks CG Button content-glass-button allows Reflected XSS.This issue affects CG Button: from n/a through = 1.0.5.6...

CVE-2025-68319

In the Linux kernel, the following vulnerability has been resolved: netconsole: Acquire sumutex before navigating configs hierarchy There is a race between operations that iterate over the userdata cgchildren list and concurrent add/remove of userdata items through configfs. The updateuserdata...

CVE-2025-68319

In the Linux kernel, the following vulnerability has been resolved: netconsole: Acquire sumutex before navigating configs hierarchy There is a race between operations that iterate over the userdata cgchildren list and concurrent add/remove of userdata items through configfs. The updateuserdata...