AlmaLinux 10 : java-25-openjdk (ALSA-2026:9693)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:9693 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improved Arena allocations CVE-2026-22008 JDK: Improve Kerberos credentialing CVE-2026-22013 JD...

java-17-openjdk security update

1:17.0.19.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.19.0.10-1 - Update to jdk-17.0.19+10 GA - Add to .gitignore openjdk-17.0.19+10.tar.xz - Set updatever to 19 - Set buildver to 10 - Set rpmrelease to 1 - Update sources to openjdk-17.0.19+10.tar.xz - This tarball is embargoed...

RHEL 8 / 9 : java-17-openjdk (RHSA-2026:9686)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9686 advisory. The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security...

Oracle Database Server (April 2026 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Security-in-Depth issue in the Spatial and Graph SQLite component of Oracle Database Server. This vulnerability cannot be exploited in the...

Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities

Summary IBM Guardium Data Protection has addressed these vulnerabilities in an update. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows an remote attacker to cause a hang or...

Security Bulletin: Enterprise Content Managemant System Monitor for March 2026 - multiple CVEs

Summary Enterprise Content Management System Monitor is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details...

openjdk: Enhance Path Factories Redux (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

Important: Red Hat Security Advisory: OpenJDK 21.0.11 Security Update for Windows Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

openjdk: Enhance crypto algorithm support (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....

openjdk: Enhance certificate chain validation (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

openjdk: Improved Arena allocations (Oracle CPU 2026-04)

Vulnerability in Oracle Java SE component: Libraries. The supported version that is affected is Oracle Java SE: 25.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this...

openjdk: Enhance Path Factories Redux (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

openjdk: Enhance certificate chain validation (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

openjdk: Enhance Zip file reading (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK:...

openjdk: Enhance Path Factories Redux (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

RHSA-2026:9693 Red Hat Security Advisory: java-25-openjdk security update

Bulletin has no description...

RHSA-2026:9682 Red Hat Security Advisory: java-1.8.0-openjdk security update

Bulletin has no description...

RHSA-2026:9254 Red Hat Security Advisory: Java 11 OpenJDK ELS Security Update

Bulletin has no description...

Security Bulletin: Due to use of IBM SDK, IBM Sterling Connect:Direct Web Services is affected by denial of service.

Summary IBM SDK is used by IBM Sterling Connect:Direct Web Services CVE-2026-21945, CVE-2026-21932, CVE-2026-21933,CVE-2026-21925. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability issue that allows ...

br.com.m4rc310:br-com-m4rc310-core-graphql (>=1.0.2 <=1.0.18), br.com.m4rc310:br-com-m4rc310-core-gtim (>=1.0.4 <=1.0.18) +119 more potentially affected by CVE-2026-40972 via org.springframework.boot:spring-boot-devtools (>=3.0.0 <=3.5.11)

org.springframework.boot:spring-boot-devtools MAVEN version =3.0.0, =1.0.2, =1.0.4, =1.0.2, =1.0.16, =1.0.2, =1.0.4, =1.0.2, =1.0.18, =1.0.2, =1.0.2, =1.0.11, =0.0.11, =3.0.0, =4.0.0, =4.0.0-M1 and more Source cves: CVE-2026-40972 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKBOOT-16191381...