Security Bulletin: MongoDB Enterprised Advanced affected by: Improper Link Resolution Before File Access ('Link Following'), Use of Insufficiently Random Values, Insecure Temporary File (CVE-2026-40977, CVE-2026-40975, CVE-2026-40973)

Summary There are vulnerabilities in spring-boot-3.5.12.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2026-40977, CVE-2026-40975, CVE-2026-40973. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-40973 DESCRIPTION: A local attacker on the same host as...

Security Bulletin: IBM Sterling Connect:Direct Web Services is Affected by Multiple Vulnerabilities.

Summary spring-boot-3.5.13.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-40973, CVE-2026-40975, CVE-2026-40977. Vulnerability Details CVEID:CVE-2026-40973 DESCRIPTION: A local attacker on the same host as the application may be able to take control of the directory used by...

SUSE SLES15 Security Update : csync2 (SUSE-SU-2026:2116-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2116-1 advisory. This update for csync2 fixes the following issue - CVE-2026-41051: uses insecure temporary directories when compiled with C99 or later bsc1262472...

CVE-2026-41051

csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories...

SUSE-SU-2026:21994-1 Security update for csync2

This update for csync2 fixes the following issues Security issue: - CVE-2026-41051: uses insecure temporary directories when compiled with C99 or later bsc1262472. Non security issue: - Fix packages for Immutable Mode jscPED-14855...

OPENSUSE-SU-2026:20900-1 Security update for csync2

This update for csync2 fixes the following issues Security issue: - CVE-2026-41051: uses insecure temporary directories when compiled with C99 or later bsc1262472. Non security issue: - Fix packages for Immutable Mode jscPED-14855...

CodexBar 安全漏洞

CodexBar is an AI programming service usage monitoring tool developed by Peter Steinberger. Versions of CodexBar prior to 0.32.0 contained security vulnerabilities. These vulnerabilities stemmed from the handling of insecure temporary files during the publication of workflows, which could allow...

Security update for csync2

This update for csync2 fixes the following issue CVE-2026-41051: uses insecure temporary directories when compiled with C99 or later bsc1262472. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively yo...

SUSE-SU-2026:2116-1 Security update for csync2

This update for csync2 fixes the following issue - CVE-2026-41051: uses insecure temporary directories when compiled with C99 or later bsc1262472...

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in spring-boot (CVE-2026-40973, CVE-2026-40975, CVE-2026-40977)

Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2026-40973, CVE-2026-40975, CVE-2026-40977 reported for spring-boot-3.4.11.jar. Vulnerability Details CVEID:CVE-2026-40973 DESCRIPTION: A local attacker on the same host as the application may be able to take control of the...

Linux Distros Unpatched Vulnerability : CVE-2026-41051

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories. CVE-2026-41051 Note...

CVE-2026-41051

csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories...

DEBIAN-CVE-2026-41051

csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories...

UBUNTU-CVE-2026-41051

csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories...

CVE-2026-41051

CVE-2026-41051 affects csync2 and is due to the use of insecure temporary directories when csync2 is compiled with C99 or later, enabling TOCTOU-style issues in temporary paths. Public records indicate the vulnerability impacts openSUSE Tumbleweed’s csync2 package in the 2.0+git.1600444747.83b364...

CVE-2026-41051 csync2 uses insecure temporary directories when compiled with C99 or later

csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories...

CVE-2026-41051 csync2 uses insecure temporary directories when compiled with C99 or later

csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories...

CVE-2026-41051

csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories...

ROS-20260513-73-0017

Vulnerability in python2-requests related to insecure temporary files. Exploitation of the vulnerability could allow an attacker to overwrite arbitrary files...

ROS-20260513-73-0016

Vulnerability in python-requests related to insecure temporary files. Exploitation of the vulnerability could allow an attacker to overwrite arbitrary files...