May 26, 2026—KB5089573 (OS Builds 26200.8524 and 26100.8524) Preview

May 26, 2026—KB5089573 OS Builds 26200.8524 and 26100.8524 Preview ​​​​This cumulative update for Windows 11, version 25H2 and 24H2 KB5089573, includes production-quality improvements. Visit the Windows release health dashboard for the latest status on this release. Announcements and messages Thi...

BIT-JRE-2020-14577

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to...

PT-2026-37927

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: ImageIO. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated...

PT-2026-37673

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

PT-2026-37667

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to...

PT-2026-37704

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl...

SUSE-SU-2026:1558-1 Security update for tomcat11

This update for tomcat11 fixes the following issues: Security fixes: - CVE-2026-24880: Request smuggling via invalid chunk extension bsc1261850. - CVE-2026-25854: Occasionally open redirect bsc1261851. - CVE-2026-29129: TLS cipher order is not preserved bsc1261852. - CVE-2026-29145: OCSP checks...

March 31, 2026—KB5086672 (OS Builds 26200.8117 and 26100.8117) Out-of-band

March 31, 2026—KB5086672 OS Builds 26200.8117 and 26100.8117 Out-of-band This out-of-band update for Windows 11, version 25H2 and 24H2 KB5086672 is cumulative and includes updates from previous security and non-security releases.This update includes the improvements and features that were...

[SECURITY] [DLA 4509-1] awstats security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4509-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb March 25, 2026 https://wiki.debian.org/LTS -...

March 21, 2026—KB5085516 (OS Builds 26200.8039 and 26100.8039) Out-of-band

March 21, 2026—KB5085516 OS Builds 26200.8039 and 26100.8039 Out-of-band ​​​​This out-of-band update for Windows 11, version 25H2 and 24H2 KB5085516 is cumulative. It includes updates from previous security and non-security releases, along with an additional fix. To learn more about differences...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.30+7 January 2026 CPU Security fixes: CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. CVE-2026-21933: Fixed Oracle...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.30+7 January 2026 CPU Security fixes: CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. CVE-2026-21933: Fixed Oracle...

January 24, 2026—KB5078132 (OS Build 22631.6495) Out-of-band

January 24, 2026—KB5078132 OS Build 22631.6495 Out-of-band ​​​​​​​​​​​​​​​​​​This out-of-band update for Windows 11, version 23H2 KB5078132 is cumulative. It includes updates from previous security releases, along with an additional fix. To learn more about differences between security updates,...

EUVD-2026-3564

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 an...

MiracleLinux 7 : java-11-openjdk-11.0.10.0.9-0.el7 (AXSA:2021-1297:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1297:02 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Bug Fixes and Enhancements:...

OPENSUSE-SU-2025:20106-1 Security update for tomcat11

This update for tomcat11 fixes the following issues: Update to Tomcat 11.0.13: - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753. - CVE-2025-55754: Fixed Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomc...

October 28, 2025—KB5067036 (OS Builds 26200.7019 and 26100.7019) Preview

October 28, 2025—KB5067036 OS Builds 26200.7019 and 26100.7019 Preview ​​​​​This non-security update for Windows 11, version 25H2 and 24H2 KB5067036, improves functionality, performance, and reliability. To learn more about differences between security updates, optional non-security preview...

KB5066793: Windows 11 version 22H2 / Windows 11 version 23H2 Security Update (October 2025)

The remote Windows host is missing security update 5066793. It is, therefore, affected by multiple vulnerabilities - tifpredict.h and tifpredict.c in libtiff 4.0.6 have assertions that can lead to assertion failures in debug mode, or buffer overflows in release mode, when dealing with unusual til...

CLSA-2025-1756203636 java-11-openjdk: Fix of 5 CVEs

Upgrade to openjdk-11.0.28+6 GA.. The following CVEs were fixed: - CVE-2025-30749: better Glyph drawing - CVE-2025-30754: enhance TLS protocol support - CVE-2025-30761: improve scripting supports - CVE-2025-50059: improve HTTP client header handling - CVE-2025-50106: better Glyph drawing redux...

SUSE SLES15 / openSUSE 15 Security Update : tomcat11 (SUSE-SU-2025:02979-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02979-1 advisory. Updated to Tomcat 11.0.9 - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations o...