CVE-2026-22816

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22865 Gradle's failure to disable repositories failing to answer can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22816 Gradle fails to disable repositories which can expose builds to malicious artifacts

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

CVE-2026-22646

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information like file paths, database errors, or software versions that can be used to map the application's internal structu...

Mattermost is vulnerable to DoS due to infinite re-renders on API errors

Mattermost versions 10.11.x = 10.11.8, 11.1.x = 11.1.1, 11.0.x = 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops...

GHSA-MX8M-V8QM-XWR8 Mattermost is vulnerable to DoS due to infinite re-renders on API errors

Mattermost versions 10.11.x = 10.11.8, 11.1.x = 11.1.1, 11.0.x = 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops...

CVE-2025-14435

Mattermost versions 10.11.x = 10.11.8, 11.1.x = 11.1.1, 11.0.x = 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops...

CVE-2025-14435

Mattermost versions 10.11.x = 10.11.8, 11.1.x = 11.1.1, 11.0.x = 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops...

EUVD-2026-2916

Mattermost versions 10.11.x = 10.11.8, 11.1.x = 11.1.1, 11.0.x = 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops...

CVE-2025-14435 Application-Level DoS via infinite re-render loop in user profile handling

Mattermost versions 10.11.x = 10.11.8, 11.1.x = 11.1.1, 11.0.x = 11.0.6 fail to prevent infinite re-renders on API errors which allows authenticated users to cause application-level DoS via triggering unbounded component re-render loops...

CVE-2025-67078

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

MiracleLinux 3 : gnome-vfs2-2.16.2-10.AXS3 (AXSA:2013-42:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-42:01 advisory. GNOME VFS is the GNOME virtual file system. It is the foundation of the Nautilus file manager. It provides a modular architecture and ships with several module...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000960)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000960 advisory. Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDMULTITOUCH is...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001466)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001466 advisory. A flaw in the processing of received ICMP errors ICMP fragment needed and ICMP redirect in the Linux kernel functionality was found to allow the ability to quickly...

Mattermost security vulnerabilities

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 10.11.8 and earlier 10.11.x series, 11.1.1 and earlier 11.1.x series, and 11.0.6 and earlier 11.0.x series have security vulnerabilities. These vulnerabilities stem fro...

PT-2026-3330

Name of the Vulnerable Software and Affected Versions Gradle versions prior to 9.3.0 Description Gradle’s native-platform tool, which provides Java bindings for native APIs, does not treat certain exceptions as fatal errors when resolving dependencies in versions before 9.3.0. This allows Gradle ...

PT-2026-3331

Name of the Vulnerable Software and Affected Versions Gradle versions prior to 9.3.0 Description Gradle, a build automation tool, has an issue where dependency resolution in versions before 9.3.0 does not treat certain exceptions as fatal errors. This allows Gradle to continue to subsequent...

MiracleLinux 7 : grub2-2.02-0.29.0.1.el7.AXS7 (AXSA:2015-830:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-830:02 advisory. The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It support rich varietyof kernel formats, fi...