EUVD-2026-24079

This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing brute force attacks against administrative...

CVE-2026-41036 Command Injection Vulnerability in Quantum Networks Router QN-I-470

This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands on the targeted device. Successful exploitation of this...

cloudformation-cli-python-lib (>=2.1.12 <=2.1.16), core-aws (>=1.0.0 <=1.0.4) +3 more potentially affected by CVE-2026-6550 via aws-encryption-sdk (>=3.1.0 <=3.3.0)

aws-encryption-sdk PYPI version =3.1.0, =2.1.12, =1.0.0, =1.0.1, =0.4.8, =25.11.0, =25.14.1 Source cves: CVE-2026-6550 Source advisory: SNYK:PYTHON-AWSENCRYPTIONSDK-16115497...

tempo-cli-2.10.4-1.1 on GA media (moderate)

tempo-cli-2.10.4-1.1 on GA media Announcement ID: openSUSE-SU-2026:10578-1 Rating: moderate Cross-References: CVE-2026-25679 CVSS scores: CVE-2026-25679 SUSE : 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-25679 SUSE : 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:...

OPENSUSE-SU-2026:10578-1 tempo-cli-2.10.4-1.1 on GA media

These are all security issues fixed in the tempo-cli-2.10.4-1.1 package on the GA media of openSUSE Tumbleweed...

elFinder: Command injection in resize background color parameter when using ImageMagick CLI

Severity High bg can be injected into shell command construction, leading to possible RCE in affected configurations. Summary elFinder contains a command injection vulnerability in the resize command. The bg background color parameter is accepted from user input and passed through image...

GHSA-PC3F-X583-G7J2 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines, datadog-agent, skaffold, cloudnative-pg, k8sgpt-operator, kots, falcoctl, k3s, cert-manager-istio-csr, cilium, aws-node-termination-handler, tigera-operator, argo-rollouts, rancher-agent, redis-operator, postgres-operator, juicefs-csi-driver,...

CVE-2026-35469 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines, datadog-agent, skaffold, cloudnative-pg, k8sgpt-operator, kots, falcoctl, k3s, cert-manager-istio-csr, cilium, aws-node-termination-handler, tigera-operator, argo-rollouts, rancher-agent, redis-operator, postgres-operator, juicefs-csi-driver,...

GHSA-965H-392X-2MH5 vulnerabilities

Vulnerabilities for packages: linkerd2, komodo, zellij, deno, sqlx, ztunnel, asciinema, qdrant, sccache, lychee, xh, linkerd-extension-init, shadowsocks-rust, fnm, pixi, linkerd2-cni-plugin, samply, zizmor, parseable, atuin, cargo-audit, ntpd-rs, linkerd2-proxy, ztunnel-fips, mise, kdash, uv, rye...

GHSA-XGP8-3HG3-C2MH vulnerabilities

Vulnerabilities for packages: linkerd2, komodo, zellij, deno, sqlx, ztunnel, asciinema, qdrant, sccache, lychee, xh, linkerd-extension-init, shadowsocks-rust, fnm, pixi, linkerd2-cni-plugin, samply, zizmor, parseable, atuin, cargo-audit, ntpd-rs, linkerd2-proxy, ztunnel-fips, mise, kdash, uv, rye...

CVE-2026-35469 vulnerabilities

Vulnerabilities for packages: kcp, trivy, datadog-agent, trident, gitlab-runner, postgres-operator-fips, kubescape-server, grafana, cert-manager-istio-csr-fips, vcluster, docker-cli-buildx, percona-xtradb-cluster-operator, eck-operator, trident-fips, kubescape, redis-operator-fips, velero,...

[SECURITY] Fedora 43 Update: podman-5.8.2-1.fc43

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

@saltcorn/cli (>=1.0.0 <=1.4.5), @saltcorn/mobile-builder (>=1.0.0 <=1.4.5) potentially affected by CVE-2026-42259 via @saltcorn/server (>=1.0.0-beta.1 <=1.4.5)

@saltcorn/server NPM version =1.0.0-beta.1, =1.0.0, =1.0.0, =1.4.5 Source cves: CVE-2026-42259 Source advisory: SNYK:JS-SALTCORNSERVER-16111017...

@saltcorn/cli (>=1.6.0-alpha.0 <=1.6.0-beta.12), @saltcorn/mobile-builder (>=1.6.0-alpha.0 <=1.6.0-beta.12) potentially affected by CVE-2026-42259 via @saltcorn/server (>=1.6.0-alpha.0 <=1.6.0-beta.4)

@saltcorn/server NPM version =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-beta.12 Source cves: CVE-2026-42259 Source advisory: OSV:GHSA-F3G8-9XV5-77GV...

@saltcorn/cli (>=1.6.0-alpha.0 <=1.6.0-beta.12), @saltcorn/mobile-builder (>=1.6.0-alpha.0 <=1.6.0-beta.12) potentially affected by CVE-2026-42259 via @saltcorn/server (>=1.6.0-alpha.0 <=1.6.0-beta.4)

@saltcorn/server NPM version =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-beta.12 Source cves: CVE-2026-42259 Source advisory: SNYK:JS-SALTCORNSERVER-16111017...

@saltcorn/cli (>=1.0.0 <=1.4.5), @saltcorn/mobile-builder (>=1.0.0 <=1.4.5) potentially affected by CVE-2026-41478 via @saltcorn/server (>=1.0.0-beta.1 <=1.4.5)

@saltcorn/server NPM version =1.0.0-beta.1, =1.0.0, =1.0.0, =1.4.5 Source cves: CVE-2026-41478 Source advisory: SNYK:JS-SALTCORNSERVER-16110989...

@saltcorn/cli (>=1.5.0 <=1.5.5-beta.0), @saltcorn/mobile-builder (>=1.5.0 <=1.5.5-beta.0) potentially affected by CVE-2026-41478 via @saltcorn/server (>=1.5.0-beta.0 <=1.5.5)

@saltcorn/server NPM version =1.5.0-beta.0, =1.5.0, =1.5.0, =1.5.5-beta.0 Source cves: CVE-2026-41478 Source advisory: SNYK:JS-SALTCORNSERVER-16110989...

@saltcorn/cli (>=1.5.0 <=1.5.5-beta.0), @saltcorn/mobile-builder (>=1.5.0 <=1.5.5-beta.0) potentially affected by CVE-2026-41478 via @saltcorn/server (>=1.5.0-beta.0 <=1.5.5)

@saltcorn/server NPM version =1.5.0-beta.0, =1.5.0, =1.5.0, =1.5.5-beta.0 Source cves: CVE-2026-41478 Source advisory: OSV:GHSA-JP74-MFRX-3QVH...

@saltcorn/cli (>=1.0.0 <=1.4.5), @saltcorn/mobile-builder (>=1.0.0 <=1.4.5) potentially affected by CVE-2026-41478 via @saltcorn/mobile-app (>=1.0.0-beta.1 <=1.4.5)

@saltcorn/mobile-app NPM version =1.0.0-beta.1, =1.0.0, =1.0.0, =1.4.5 Source cves: CVE-2026-41478 Source advisory: SNYK:JS-SALTCORNMOBILEAPP-16110990...

@saltcorn/cli (>=1.6.0-alpha.0 <=1.6.0-beta.12), @saltcorn/mobile-builder (>=1.6.0-alpha.0 <=1.6.0-beta.12) potentially affected by CVE-2026-41478 via @saltcorn/server (>=1.6.0-alpha.0 <=1.6.0-beta.4)

@saltcorn/server NPM version =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-beta.12 Source cves: CVE-2026-41478 Source advisory: OSV:GHSA-JP74-MFRX-3QVH...