CVE-2026-25536

CVE-2026-25536 affects the MCP TypeScript SDK. From versions 1.10.0 through 1.25.3, cross‑client data can leak when a single McpServer/Server and transport instance is reused across multiple client connections (notably in stateless StreamableHTTPServerTransport deployments). The issue arises from...

EUVD-2026-5335

MCP TypeScript SDK is the official TypeScript SDK for Model Context Protocol servers and clients. From version 1.10.0 to 1.25.3, cross-client response data leak when a single McpServer/Server and transport instance is reused across multiple client connections, most commonly in stateless...

Security update for rsync

This update for rsync fixes the following issues: NOTE: this update is broken and was retracted. New update will be published as followup update. CVE-2024-12084: heap buffer overflow in checksum parsing. bsc1234100 CVE-2024-12085: leak of uninitialized stack data on the server leading to possible...

Security update for rsync

This update for rsync fixes the following issues: CVE-2024-12084: heap buffer overflow in checksum parsing. bsc1234100 CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the...

CVE-2023-6660

When a program running on an affected system appends data to a file via an NFS client mount, the bug can cause the NFS client to fail to copy in the data to be written but proceed as though the copy operation had succeeded. This means that the data to be written is instead replaced with whatever...

DEBIAN-CVE-2022-41317

An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, there can be Exposure of Sensitive Information about clients using the proxy via an HTTPS request to an internal cache manager URL. This is fixed in 5.7...