PT-2026-20898

Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting issue. An authenticated user can inject HTML or JavaScript code into the...

PT-2026-20897

Name of the Vulnerable Software and Affected Versions GFI MailEssentials AI versions prior to 22.4 Description GFI MailEssentials AI versions before 22.4 are affected by a stored cross-site scripting issue. An authenticated user can inject HTML or JavaScript code into the...

[SECURITY] [DLA 4482-1] ceph security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4482-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb February 17, 2026 https://wiki.debian.org/LTS -...

Debian dla-4482 : ceph - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4482 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4482-1 [email protected] https://www.debian.org/lts/security/...

Oracle Linux 9 : kernel (ELSA-2026-2722)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2722 advisory. - smc: Fix use-after-free in pnetfindbasendev. Mete Durlu RHEL-126890 CVE-2025-40064 - ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettran...

Advisory ROSA-SA-2026-3199

Software: rsync 3.1.3 OS: ROSA Virtualization 2.1 unaffected versions = rsync-3.1.3-23.rv3 affected versions rsync-3.1.3-23.rv3 CVE-ID: CVE-2024-12087 BDU-ID: 2025-00377 CVE-Crit: HIGH CVE-DESC.: A configuration vulnerability in the --inc-recursive configuration of the rsyncd daemon of the Rsync...

CLSA-2026-1770310535 java-1.8.0-openjdk: Fix of 3 CVEs

Upgrade to shenandoah-jdk8u482-b08 GA fixing the following CVE: - CVE-2026-21945: enhance certificate checking - CVE-2026-21925: improve JMX connections - CVE-2026-21933: improve HttpServer request handling...

CVE-2026-26269

A flaw was found in Vim. A stack-based buffer overflow in the NetBeans integration can be triggered in the specialkeys function in the src/netbeans.c file via a malicious NetBeans server due to improper bounds checking, most likely resulting in a denial of service or in arbitrary command executio...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper checking of the isusertask auxiliary function. This vulnerability could potentially caus...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper boundary checking during the truncation of large swap entries, potentially leading to...

RLSA-2026:0933 Important: java-25-openjdk security update

The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpng:...

RockyLinux 9 : java-25-openjdk (RLSA-2026:0933)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0933 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

CVE-2026-20616

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination...

CVE-2026-20616

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination...

CVE-2026-20611

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted media fil...

CVE-2026-20616

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination...

CVE-2026-20616

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination...

CVE-2026-20616

CVE-2026-20616: An out-of-bounds write issue affecting USD file processing was mitigated by improved bounds checking. It is fixed in iOS 18.7.5 / iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, and visionOS 26.3. Exploitation could cause unexpected app termination. This CVE, tied to multipl...

CVE-2026-20611

CoreAudio in Apple platforms is affected by CVE-2026-20611, an out-of-bounds access issue that can cause an app to terminate or memory corruption when processing a malicious media file. Affected products/versions include iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4...

CVE-2026-20611

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted media fil...