1840 matches found
GHSA-GX55-F84R-V3R7 Fission Environment CRD podspec passthrough enables hostPID/hostNetwork/privileged pods, node escape
Summary Fission's Environment CRD exposes spec.runtime.podSpec and spec.builder.podSpec, which are merged into the Kubernetes pod specs for runtime and builder pods. The merge logic propagated hostNetwork, hostPID, hostIPC, container privileged, and serviceAccountName from the user-supplied podsp...
About the security content of iOS 26.5.2 and iPadOS 26.5.2
About the security content of iOS 26.5.2 and iPadOS 26.5.2 This update delivers security fixes that were first made available in the iOS 26.6 and iPadOS 26.6 betas. This document describes the security content of iOS 26.5.2 and iPadOS 26.5.2. About Apple security updates For our customers'...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Net: Fixing segmentation issues with forwarding fraglists for GRO packets. This patch improves the handling of GSO segmentation by properly checking the SKBGSODODGY flag for GSO packets with a fraglist. This addresses low...
SUSE-SU-2026:22478-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...
PT-2026-51964
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SCTP implementation where Bottom Half BH processing is not disabled before calling the udp tunnel xmit skb and udp tunnel6 xmit skb functions. These functions are...
CVE-2026-34914
This CVE is confirmed: Revive Adserver
OPENSUSE-SU-2026:21038-1 Security update for 7zip
This update for 7zip fixes the following issues Update to 26.01: - CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure bsc1267858. - CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation bsc1267421. - CVE-2026-48101: Information...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
OPENSUSE-SU-2026:21137-1 Security update for perl-Crypt-PasswdMD5
This update for perl-Crypt-PasswdMD5 fixes the following issues: Changes in perl-Crypt-PasswdMD5: - updated to 1.430.0 1.43 see /usr/share/doc/packages/perl-Crypt-PasswdMD5/Changelog.ini V 1.43 Date=2026-05-23T08:14:00 Deploy.Action=Upgrade Deploy.Reason=Security Comments= EOT - Accept pull reque...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50318)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50318 advisory. - net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption Muhammad Alifa Ramdhan Orabug: 39543209 CVE-2026-31533 - net: fix fanout UAF...
Fedora 44 : bind9-next (2026-dbb0776ac5)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-dbb0776ac5 advisory. Update to 9.21.22 rhbz2480122 Security Fixes: - Limit resolver server list size. CVE-2026-3592 - Fix GSS-API resource leak. CVE-2026-3039 - Disable...
Runtime Skill Audit: Targeted Runtime Probing for Agent Skill Security
Agent skills let LLM agents reuse instructions, resources, tools, and workflows, but they also create a new place for malicious behavior to hide. A skill may look benign in its documentation or code while becoming harmful only when it is invoked with particular user requests, local assets,...
June 9, 2026—KB5095051 (OS Build 28000.2269)
June 9, 2026—KB5095051 OS Build 28000.2269 This cumulative update for Windows 11, version 26H1 KB5095051 includes the latest security fixes and improvements, along with non-security updates from last month's optional preview release. Visit the Windows release health dashboard for the latest...
SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2207-1)
The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2207-1 advisory. This update for the SUSE Linux Enterprise Kernel 4.12.14-122.299 fixes various security issues The following security issues were fixe...
SUSE-SU-2026:2134-1 Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.5 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...
Description of the security update for SharePoint Server Subscription Edition: May 12, 2026 (KB5002863)
Description of the security update for SharePoint Server Subscription Edition: May 12, 2026 KB5002863 Summary Important: If you're currently running SharePoint Workflow Manager, you must install SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you'r...
CVE-2025-43289
Summary : CVE-2025-43289 involves a logic issue in macOS that was mitigated by improved input validation. Affected products/versions : macOS Sonoma 14.8; fixes are included in macOS Sequoia 15.7 and macOS Tahoe 26. Vulnerability details : A malicious app could access sensitive user data due to th...
Fedora 44 : bind / bind-dyndb-ldap (2026-411248c8d9)
The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-411248c8d9 advisory. Update to 9.18.49 rhbz2480121 Security Fixes: - Limit resolver server list size. CVE-2026-3592 - Fix GSS-API resource leak. CVE-2026-3039 - Disable...
CLSA-2026-1779359429 expat: Fix of CVE-2026-45186
CVE-2026-45186: fix quadratic runtime in attribute collision detection by using a hash table for default attribute names instead of an On^2 loop...
Astra Linux – Vulnerability in WebKit2GTK
A memory corruption issue has been resolved through improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 v. 14610.4.3.1.7 and 15610.4.3.1.7, watchOS 7.3.2, and macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution...