IBM Java 7.1 < 7.1.5.30 / 8.0 < 8.0.8.65 Multiple Vulnerabilities

The version of IBM Java installed on the remote host is 7.1 prior to 7.1.5.30 / 8.0 prior to 8.0.8.65. It is, therefore, affected by multiple vulnerabilities as referenced in the Oracle April 21 2026 CPU advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM...

Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016...

Oracle Linux 10 / 9 : java-25-openjdk (ELSA-2026-9693)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9693 advisory. 1:25.0.3.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:25.0.3.0.9-1 - Update to jdk-25.0.3+9 GA - Update release notes to 25.0.3+9 -...

java-25-openjdk security update

1:25.0.3.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:25.0.3.0.9-1 - Update to jdk-25.0.3+9 GA - Update release notes to 25.0.3+9 - Update FIPS patch to 57722aab802 version synced with 25.0.3+8 - Drop local libpng patches now JDK-8372534, JDK-8375063 & JDK-8377526 are included upstrea...

openjdk: Improve Kerberos credentialing (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JGSS. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

openjdk: Enhance Path Factories Redux (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

openjdk: Enhance crypto algorithm support (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....

Security Bulletin: IBM Guardium Data Protection is affected by an IBM SDK, Java Technology Edition Quarterly CPU - Oct 2025 - Includes Oracle October 2025 CPU vulnerability (CVE-2025-53066, CVE-2025-53057)

Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no integrity impact...

openjdk: Improve Kerberos credentialing (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JGSS. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

openjdk: Enhance certificate chain validation (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

openjdk: Enhance Path Factories Redux (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

Important: Red Hat Security Advisory: Java 11 OpenJDK ELS Security Update

An update for java-11-openjdk with Extended Lifecycle Support is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Red Hat Enterprise Linux 9. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit...

CVE-2026-22020

updated libpng in Oracle Java...

CVE-2026-32613

Spinnaker is an open source, multi-cloud continuous delivery platform. Echo like some other services, uses SPeL Spring Expression Language to process information - specifically around expected artifacts. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, unlike orca, it was NOT...

OSV-2026-609 Security exception in com.github.javaparser.ast.NodeList.forEach

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504814677 Crash type: Security exception Crash state: com.github.javaparser.ast.NodeList.forEach com.github.javaparser.ast.visitor.VoidVisitorAdapter.visit...

Joern 4.0.525

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

Oracle Database Server Java VM Component Data Disclosure Vulnerability

Oracle Database Server is a relational database management system with a Java VM component that supports running Java programs in the database. A data disclosure vulnerability exists in Oracle Database Server. The vulnerability arises from a failure of the Java VM component to properly handle a...

Oracle Java SE Multiple Vulnerabilities (April 2026 CPU)

The version of Java installed on the remote host is affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions tha...

Linux Distros Unpatched Vulnerability : CVE-2026-22008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in Oracle Java SE component: Libraries. The supported version that is affected is Oracle Java SE: 25.0.1. Difficult to exploit vulnerability allow...

Amazon Corretto Java 8.x < 8.492.09.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is 8 prior to 8.492.09.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2026-Apr-21 advisory. - An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions...