karakeep 安全漏洞

Karakeep is an open-source bookmarking app developed by Karakeep App. Versions of Karakeep prior to 0.32.0 contained security vulnerabilities. These vulnerabilities stemmed from a SSRF protection that could be bypassed by carefully crafted HTTP redirection chains. Authentication users could enabl...

SUSE SLED15 / SLES15 Security Update : docker (SUSE-SU-2026:2033-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2033-1 advisory. This update for docker rebuilds it against the current go security release. Tenable has extracted the preceding...

cloud.opencode.base:opencode-base-token (=1.0.0), com.flowlogix.depchain:shiro-jakarta (>=18 <=119) +22 more potentially affected by CVE-2026-44598 via org.apache.shiro:shiro-jakarta-ee (>=2.0.0-alpha-1 <=2.1.0)

org.apache.shiro:shiro-jakarta-ee MAVEN version =2.0.0-alpha-1, =18, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.82.10, =0.82.10, =4.7.0, =3.10.0, =3.10.0, =3.10.0, =4.5.0, =4.20.0 and more Source cves: CVE-2026-44598 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-17115416...

Fedora 43 : docker-buildx (2026-6d1dd77956)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6d1dd77956 advisory. - Update to release v0.34.0 - Resolves: rhbz2467576 - Resolves CVE-2026-39984: rhbz2458930 - Upstream new features and fixes Tenable has extracted the...

Fedora 44 : docker-buildkit (2026-5045ce29e3)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5045ce29e3 advisory. - Update to release v0.30.0 - Resolves CVE-2026-39984: rhbz2458929 - Upstream new features and fixes Tenable has extracted the preceding description block...

Fedora 43 : docker-buildkit (2026-36769a9e58)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-36769a9e58 advisory. - Update to release v0.30.0 - Resolves CVE-2026-39984: rhbz2458929 - Upstream new features and fixes Tenable has extracted the preceding description block...

Fedora 44 : docker-buildx (2026-7f8de90b74)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7f8de90b74 advisory. - Update to release v0.34.0 - Resolves: rhbz2467576 - Resolves CVE-2026-39984: rhbz2458930 - Upstream new features and fixes Tenable has extracted the...

Fedora 42 : docker-buildx (2026-95f37c21d5)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-95f37c21d5 advisory. - Update to release v0.34.0 - Resolves: rhbz2467576 - Resolves CVE-2026-39984: rhbz2458930 - Upstream new features and fixes Tenable has extracted the...

Fedora 42 : docker-buildkit (2026-0adc4a8098)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-0adc4a8098 advisory. - Update to release v0.30.0 - Resolves CVE-2026-39984: rhbz2458929 - Upstream new features and fixes Tenable has extracted the preceding description block...

ROS-20260524-73-0027

Vulnerability in docker-ce related to bypassing the authentication procedure by using an alternate path or channel. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions...

ROS-20260524-73-0026

Vulnerability in docker-ce related to a single offset error. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

[SECURITY] Fedora 42 Update: docker-buildx-0.34.0-1.fc42

Docker CLI plugin for extended build capabilities with BuildKit...

[SECURITY] Fedora 42 Update: docker-buildkit-0.30.0-1.fc42

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

[SECURITY] Fedora 43 Update: docker-buildkit-0.30.0-1.fc43

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

[SECURITY] Fedora 43 Update: docker-buildx-0.34.0-1.fc43

Docker CLI plugin for extended build capabilities with BuildKit...

[SECURITY] Fedora 44 Update: docker-buildx-0.34.0-1.fc44

Docker CLI plugin for extended build capabilities with BuildKit...

[SECURITY] Fedora 44 Update: docker-buildkit-0.30.0-1.fc44

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

PT-2026-42873

Name of the Vulnerable Software and Affected Versions Arcane versions prior to 1.19.2 Description The "PUT /api/environments/id/templates/variables" endpoint, used to write the system-wide .env.global file for variable substitution in project compose files, lacks an admin authorization check. Any...

CVE-2026-5843

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...

CVE-2026-5843 Docker Model Runner container-to-host code execution via MLX-LM model_file importlib loading

The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the modelfile configuration field in config.json. When a model's config.json specifies a modelfile pointing to a Python...