CVE-2026-0259

An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The...

GHSA-298W-VVM4-WW55 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, wazuh-dashboard-fips, wazuh-dashboard, opensearch-dashboards-fips...

CLEANSTART-2026-MJ26242 Security fixes for CVE-2026-41602, ghsa-wf45-q9ch-q8gh applied in versions: 1.300066.1-r0

Multiple security vulnerabilities affect the amazon-cloudwatch-agent-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

Security update for erlang26

This update for erlang26 fixes the following issues Security issues: CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc1259681...

SUSE-SU-2026:2010-1 Security update for erlang26

This update for erlang26 fixes the following issues Security issues: - CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal bsc1258663. - CVE-2026-23941: HTTP Request Smuggling in Erlang OTP bsc1259687. - CVE-2026-23942: path traversal vulnerability in Erlang OTP bsc125968...

CLEANSTART-2026-EM93403 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-26958, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 0.18.0-r0, 0.19.0-r0, 0.19.0-r1

Multiple security vulnerabilities affect the prometheus-mysqld-exporter-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

EUVD-2026-30106

An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The...

CVE-2026-0259

An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The...

CVE-2026-0259

An arbitrary File Read and Delete Vulnerability in Palo Alto Networks WildFire® WF-500 and WF-500-B appliances enables users to read sensitive information and delete arbitrary files. This vulnerability affects WF-500 and WF-500-B appliances running in the default non-FIPS configuration mode. The...

GHSA-V2FC-QM4H-8HQV vulnerabilities

Vulnerabilities for packages: pact-broker-docker, kube-logging-operator, ruby3.4-rails, ruby3.2-rails, ruby4.0-rails, ruby3.3-rails, pact-broker-docker-fips...

PT-2026-38678

Name of the Vulnerable Software and Affected Versions BC-FJA versions 2.1.0 through 2.1.2 Description A cryptographic issue exists in BC-FIPS on Linux, X86 64, AVX, and AVX-512f architectures. This issue is associated with the program files "gcm128w" and "gcm512w". Recommendations At the moment,...

CVE-2026-42038 vulnerabilities

Vulnerabilities for packages: kubeflow-centraldashboard, opensearch-dashboards-fips, opensearch-dashboards, saf, kibana, langfuse, lerna, prism, redisinsight, langfuse-fips, jitsucom-jitsu...

CLEANSTART-2026-DR81473 HashiCorp’s go-getter library up to v1

Multiple security vulnerabilities affect the harbor-scanner-trivy-fips package. HashiCorp’s go-getter library up to v1. See references for individual vulnerability details...

GHSA-GV3V-2CPP-3PMQ vulnerabilities

Vulnerabilities for packages: keycloak, keycloak-fips...

SUSE-SU-2026:0976-1 Security update for go1.26-openssl

This update for go1.26-openssl fixes the following issues: Update to go 1.26.1 bsc1255111, jscSLE-18320: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. - CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints bsc1259266. - CVE-2026-27138:...

Security update for openCryptoki

This update for openCryptoki fixes the following issues: Security fixes: CVE-2026-23893: Fixed privilege escalation or data exposure via symlink following bsc1257116 Other fixes: Fixed FIPS mode bsc1248002 Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...

GHSA-8F2F-6W9M-MG42 vulnerabilities

Vulnerabilities for packages: gitlab-runner-fips, gitlab-runner, gitlab-rails-ce-fips, gitlab-pages-fips...

go-toolset:ol8 security and bug fix update

go-toolset 1.11.13-1 - Bump version to 1.11.13 - Related: rhbz1743204 - Related: rhbz1743206 golang 1.11.13-2 - Improve error message when using non-FIPS API in FIPS mode. - Fixes CVE-2019-9512. - Fixes CVE-2019-9514. - Resolves: rhbz1745711 - Resolves: rhbz1745705 1.11.6-3 - Updates to be less...

libsoup security update

2.62.3-13 - Backport patch for CVE-2026-1761 2.62.3-12 - Backport patch for CVE-2026-0719 - Fix NTLM authentication test failures in FIPS mode...

libsoup security update

2.72.0-12.5 - Backport patch for CVE-2026-1761 2.72.0-12.4 - Backport patch for CVE-2026-0719 - Fix NTLM authentication test failures in FIPS mode...