OPENSUSE-SU-2026:20788-1 Security update for mcphost

This update for mcphost fixes the following issues - CVE-2025-30153: github.com/getkin/kin-openapi/openapi3filter: Improper Handling of Highly Compressed Data Data Amplification in github.com/getkin/kin-openapi/openapi3filter bsc1264762. - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client...

DRUPAL-CORE-2026-004

Drupal core includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests, resulting in arbitrary SQL injection for sites using PostgreSQL...

PT-2026-42361

Drupal core includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests, resulting in arbitrary SQL injection for sites using PostgreSQL...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : plexus-utils (SUSE-SU-2026:1396-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1396-1 advisory. This update for plexus-utils fixes the following issue: Security fixes: - CVE-2025-67030: directory...

OPENSUSE-SU-2026:20579-1 Security update for gosec

This update for gosec fixes the following issues: Changes in gosec: - Update to version 2.25.0: choredeps: bump google.golang.org/grpc from 1.75.0 to 1.79.3 1617 fix: allow barry action to access secrets on fork PRs 1616 fix: reduce G117 false positives for custom marshalers and transformed value...

CVE-2026-32735

openapi-to-java-records-mustache-templates allows users to generate Java Records from OpenAPI specifications. Starting in version 5.1.1 and prior to version 5.5.1, the parent POM file of this project openapi-to-java-records-mustache-templates-parent, which is used to centralize plugin...

Openapi to Java Records Mustache Templates 输入验证错误漏洞

Openapi to Java Records Mustache Templates is a record-generation tool developed by Christopher Molin. Versions of Openapi to Java Records Mustache Templates prior to 5.5.1 had a vulnerability related to input validation errors. This vulnerability stemmed from the possibility of the parent POM fi...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cosign (SUSE-SU-2026:0777-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0777-1 advisory. Update to version 3.0.5 jscSLE-23879. Security issues fixed: - CVE-2025-11065:...

SUSE-SU-2026:20534-1 Security update for rust-keylime

This update for rust-keylime fixes the following issues: Update to version 0.2.8+116. Security issues fixed: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257908. Other updates and bugfixes: - Update vendored crates time to...

PT-2026-20655

Name of the Vulnerable Software and Affected Versions Strimzi versions 0.49.0 through 0.50.0 Description Strimzi allows running an Apache Kafka cluster on Kubernetes or OpenShift. Versions 0.49.0 through 0.50.0 incorrectly configure trusted certificates for mTLS authentication when using a custom...

PT-2026-20654

Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 to before 0.50.1, when a chain consisting of multiple CA Certificate Authority certificates is used in the trusted certificates configuration of a Kafka Connect opera...

SUSE-SU-2026:20580-1 Security update for cockpit-repos

This update for cockpit-repos fixes the following issues: Update to version 4.7. Security issues fixed: - CVE-2025-13465: prototype pollution in the .unset and .omit functions can lead to deletion of methods from global bsc1257325. - CVE-2025-64718: js-yaml prototype pollution in merge bsc1255425...

Who Said CVE? How Vulnerability Identifiers Are Mentioned by Humans, Bots, and Agents in Pull Requests

Vulnerability identifiers such as CVE, CWE, and GHSA are standardised references to known software security issues, yet their use in practice is not well understood. This paper compares vulnerability ID use in GitHub pull requests authored by autonomous agents, bots, and human developers. Using t...

Understanding Security Risks of AI Agents' Dependency Updates

Package dependencies are a critical control point in modern software supply chains. Dependency changes can substantially alter a project's security posture. As AI coding agents increasingly modify software via pull requests, it is unclear whether their dependency decisions introduce distinct...

Exploring the SECURITY.Md in the Dependency Chain: Preliminary Analysis of the PyPI Ecosystem

Security policies, such as SECURITY.md files, are now common in open-source projects. They help guide responsible vulnerability reporting and build trust among users and contributors. Despite their growing use, it is still unclear how these policies influence the structure and evolution of softwa...

SUSE-RU-2025:20961-1 Recommended update for afterburn

This update for afterburn fixes the following issues: - Update to version 5.9.0.git21.a73f509: docs/release-notes: update for release 5.10.0 cargo: update dependencies microsoft/azure: Add XML attribute alias for serde-xml-rs Fedora compat docs/release-notes: Add entry for Azure SharedConfig XML...

SUSE-SU-2025:3784-1 Security update for afterburn

This update for afterburn fixes the following issues: Update to version 5.9.0.git21.a73f509. Security issues fixed: - CVE-2022-24713: regex: no proper complexity limitation when parsing untrusted regular expressions with large repetitions on empty sub-expressions can lead to excessive resource...

Security update for afterburn (important)

openSUSE Security Update: Security update for afterburn Announcement ID: openSUSE-SU-2025:0386-1 Rating: important References: 1244675 1250471 Cross-References: CVE-2025-5791 CVSS scores: CVE-2025-5791 SUSE: 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N Affected Products:...

ROS-20250822-15

Package manager vulnerability for Helm is related to local code execution when updating dependencies. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution

...