Important: libyang security update

Libyang is YANG data modeling language parser and toolkit written and providing API in C. Security Fixes: libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob CVE-2026-44673 For more details about the security issues, including the impact, a CVSS...

Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...

Amazon Linux 2023 : kmod-nvidia-open-dkms (ALAS2023NVIDIA-2026-293)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-293 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

MiracleLinux 8 : httpd:2.4 (AXSA:2026-762:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-762:01 advisory. httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 httpd: modproxyajp: heap-based buffer over-read and memory disclosure in...

Amazon Linux 2023 : libnvidia-cfg, libnvidia-fbc, libnvidia-gpucomp (ALAS2023NVIDIA-2026-292)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-292 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

RHEL 10 : cockpit-image-builder (RHSA-2026:24331)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:24331 advisory. The image-builder-frontend generates custom images suitable for deploying systems or uploading to the cloud. It integrates into Cockpit as...

Amazon Linux 2023 : libnvidia-nscq (ALAS2023NVIDIA-2026-291)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-291 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

Amazon Linux 2023 : kmod-nvidia-latest-dkms (ALAS2023NVIDIA-2026-294)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-294 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

Amazon Linux 2023 : nvidia-xconfig (ALAS2023NVIDIA-2026-282)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-282 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

VulnCheck KEV: CVE-2026-11645

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

VulnCheck KEV: CVE-2026-42271

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. From version 1.74.2 to before version 1.83.7, two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration i...

Apache HTTP Server 资源管理错误漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There were vulnerabilities in Apache HTTP Server versions 2.4.55 to 2.4.67 related to resource...

Amazon Linux 2023 : nvidia-fabric-manager-devel, nvidia-fabricmanager (ALAS2023NVIDIA-2026-289)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-289 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

Amazon Linux 2 : unbound, --advisory ALAS2-2026-3322 (ALAS-2026-3322)

The version of unbound installed on the remote host is prior to 1.7.3-15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3322 advisory. NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables...

TencentOS Server 4: python-ply (TSSA-2026:0434)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0434 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Amazon Linux 2023 : nvidia-persistenced (ALAS2023NVIDIA-2026-283)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-283 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

ALSA-2026:24369 Important: unbound security update

The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: unbound: Heap overflow and crash with multiple nsid, cookie, padding EDNS options CVE-2026-42944 unbound: Unbound DNSSEC Validator Denial of Service via Incorrect Write Offset Counter in...

📄 Revive Adserver 6.0.6 XSS / SQL Injection / Code Execution

Revive Adserver versions 6.0.6 and below exploitation framework that targets cross site scripting, remote SQL injection, remote code execution, and various other vulnerabilities...

PT-2026-47342

OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files .bat.ps1.sh through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources,...

Exploit for OS Command Injection in Redhat Openshift_Container_Platform

🚨 CVE-2026-4480 - Critical Remote Code Execution in Samba Prin...