SUSE SLES16: postgresql15 / postgresql15-contrib / postgresql15-devel / etc (SUSE-SU-2026:22183-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22183-1 advisory. This update for postgresql15 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on...

CVE-2026-50129

Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.11, 4.4.18, and 4.3.24, a DoS can be triggered by Uncaught Exception vulerability, due to missing exception handling in the math sanitizer. Malformed nodes can result in a DoS of a whole server or targeted...

CVE-2026-50128

Mastodon is a free, open-source social network server based on ActivityPub. From 4.3.0 until 4.5.11 and 4.4.18, Mastodon has a feature to let websites credit authors of their articles. To prevent false attribution claims, Mastodon uses the attributionDomains JSON-LD term, however, an error in how...

CVE-2026-9643 WP Meta SEO <= 4.5.18 - Unauthenticated Stored Cross-Site Scripting via REQUEST_URI in 404 Logging

The WP Meta SEO plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting via the REQUESTURI server variable in all versions up to, and including, 4.5.18. When the plugin's wpmsTemplateRedirect hook detects a 404, it concatenates $SERVER'HTTPHOST' with the raw...

RHEL 8 : kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_125_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 (RHSA-2026:28749)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28749 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module ...

RHEL 8 : kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_120_1, kpatch-patch-4_18_0-477_130_1, kpatch-patch-4_18_0-477_143_1, and kpatch-patch-4_18_0-477_97_1 (RHSA-2026:28748)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28748 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module ...

Security Bulletin: Vulnerability in Lodash affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Lodash has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...

Important: Red Hat Security Advisory: OpenShift Virtualization v4.18 Images

Red Hat OpenShift Virtualization release v4.18 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...

Moderate: Red Hat Security Advisory: OpenShift Virtualization v4.18 Images

Red Hat OpenShift Virtualization release v4.18 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...

RHSA-2026:27742 Red Hat Security Advisory: postgresql18 security update

Bulletin has no description...

Important: Red Hat Security Advisory: postgresql18 security update

An update for postgresql18 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

ROOT-APP-MAVEN-CVE-2026-5598 CVE-2026-5598 in io.root.org.bouncycastle:bcprov-jdk18on - Patched by Root

Root has patched CVE-2026-5598 in the io.root.org.bouncycastle:bcprov-jdk18on package for Root:Maven. Multiple fixed versions available...

CVE-2014-1807

creationtimestamp| type| source ---|---|--- 2026-06-19 16:45:35+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/61c889c7-18b4-4d45-bf5c-267490da7fa7 2026-06-23 14:04:07+00:00| exploited|...

Malicious code in routecraft (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0c4f17a9e94ab9fdbab7325f597551a6c0ba5b9e210cb0b7e28d3b86b4766d0 [email protected] ships verbatim Express.js source lib/routecraft.js, lib/application.js, lib/request.js, lib/response.js, lib/utils.js, lib/view.js —...

MAL-2026-6229 Malicious code in routecraft (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0c4f17a9e94ab9fdbab7325f597551a6c0ba5b9e210cb0b7e28d3b86b4766d0 [email protected] ships verbatim Express.js source lib/routecraft.js, lib/application.js, lib/request.js, lib/response.js, lib/utils.js, lib/view.js —...

Astra Linux – Vulnerability in WebKit2GTK

This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6, iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, and watchOS 11.6. Processing maliciously crafted web content may disclose sensitive user information...

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved user interface. This issue has been fixed in Safari 18 and macOS Sequoia 15. Visiting a malicious website may result in address bar spoofing...

RHSA-2026:26204 Red Hat Security Advisory: postgresql:18 security update

Bulletin has no description...

Important: Red Hat Security Advisory: postgresql:18 security update

An update for the postgresql:18 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

BIT-MARIADB-MIN-2026-44172 MariaDB: mysql_real_escape_string() incorrectly handled big5

MariaDB server is a community developed fork of MySQL server. In versions 3.3.18 and 3.4.8, an application that was taking non-validated user input, escaping it with mysqlrealescapestring and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections,...