Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.43 security and extras update

Red Hat OpenShift Container Platform release 4.18.43 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...

Security Bulletin: Due to use of immutable-4.3.7.tgz, IBM Sterling Connect:Direct Web Services is affected by Improperly Controlled Modification of Object Prototype Attributes.

Summary immutable-4.3.7.tgz is used by IBM Sterling Connect:Direct Web Services CVE-2026-29063. Vulnerability Details CVEID:CVE-2026-29063 DESCRIPTION: Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, and 5.1.5, Prototype Pollution is possible in...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty was affected by a prototype pollution vulnerability due to immutable (CVE-2026-29063)

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty was affected by prototype pollution vulnerability due to immutable CVE-2026-29063. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in immutable-4.1.0.tgz

Summary IBM Watson Discovery Cartridge affected by vulnerability in immutable-4.1.0.tgz Vulnerability Details CVEID:CVE-2026-29063 DESCRIPTION: Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3, 4.3.7, and 5.1.5, Prototype Pollution is possible in immutable...

ROOT-APP-NPM-CVE-2026-29063 CVE-2026-29063 in @rootio/immutable - Patched by Root

Root has patched CVE-2026-29063 in the @rootio/immutable package for Root:npm. Multiple fixed versions available...

SUSE-SU-2026:2117-1 Security update for postgresql14

This update for postgresql14 fixes the following issues Update to version 14.23. Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard again...

Security Bulletin: IBM Maximo Application Suite - Predict Component uses WebSphere Application Server Liberty was affected by a prototype pollution vulnerability due to immutable (CVE-2026-29063)

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component uses WebSphere Application Server Liberty was affected by prototype pollution vulnerability due to immutable CVE-2026-29063. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability...

CVE-2026-45927 bpf: Require frozen map for calculating map hash

In the Linux kernel, the following vulnerability has been resolved: bpf: Require frozen map for calculating map hash Currently, bpfmapgetinfobyfd calculates and caches the hash of the map regardless of the map's frozen state. This leads to a TOCTOU bug where userspace can call BPFOBJGETINFOBYFD t...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.32 security and extras update

Red Hat OpenShift Container Platform release 4.19.32 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a security impact of...

SUSE-SU-2026:2084-1 Security update for postgresql16

This update for postgresql16 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.23 security and extras update

Red Hat OpenShift Container Platform release 4.20.23 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a security impact of...

EUVD-2026-30989

Modification of Assumed-Immutable Data MAID vulnerability in Drupal Translate Drupal with GTranslate allows Resource Location Spoofing. This issue affects Translate Drupal with GTranslate: from 0.0.0 before 3.0.5...

CVE-2026-8492

Modification of Assumed-Immutable Data MAID vulnerability in Drupal Translate Drupal with GTranslate allows Resource Location Spoofing. This issue affects Translate Drupal with GTranslate: from 0.0.0 before 3.0.5...

CVE-2026-8492

Modification of Assumed-Immutable Data MAID vulnerability in Drupal Translate Drupal with GTranslate allows Resource Location Spoofing. This issue affects Translate Drupal with GTranslate: from 0.0.0 before 3.0.5...

CVE-2026-8492 Translate Drupal with GTranslate - Less critical - DOM clobbering / link manipulation - SA-CONTRIB-2026-035

Modification of Assumed-Immutable Data MAID vulnerability in Drupal Translate Drupal with GTranslate allows Resource Location Spoofing. This issue affects Translate Drupal with GTranslate: from 0.0.0 before 3.0.5...

CVE-2026-8492 Translate Drupal with GTranslate - Less critical - DOM clobbering / link manipulation - SA-CONTRIB-2026-035

Modification of Assumed-Immutable Data MAID vulnerability in Drupal Translate Drupal with GTranslate allows Resource Location Spoofing. This issue affects Translate Drupal with GTranslate: from 0.0.0 before 3.0.5...

External Control of Assumed-Immutable Web Parameter

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to External Control of Assumed-Immutable Web Parameter via the SessionCodeChecks restart flow in the login sessi...

SUSE SLES12 Security Update : postgresql18 (SUSE-SU-2026:1946-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1946-1 advisory. This update for postgresql18 fixes the following issues Update to version 18.4. Security issues: - CVE-2026-6472: ensure the user has CREATE...

Drupal Translate Drupal with GTranslate 安全漏洞

Drupal Translate Drupal with GTranslate is a Drupal content access control module developed by the Drupal company. Versions of Drupal Translate Drupal with GTranslate prior to version 3.0.5 contained security vulnerabilities; these vulnerabilities stemmed from modifications to assumed immutable...

Security Bulletin: Security vulnerability in JavaScript affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in JavaScript affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. JavaScript is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fix...