Unity Linux 20.1070e Security Update: springframework (UTSA-2026-016702)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016702 advisory. Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an...

Joern 4.0.546

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

Unity Linux 20.1070e Security Update: mysql-connector-java (UTSA-2026-016694)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016694 advisory. Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/J. Supported versions that are affected are 8.0.15 and prior. Difficult to...

An Empirical Evaluation of LLM-Generated Code Security across Prompting Methods

The growing use of Large Language Models LLMs for automated code generation has enhanced software development efficiency, but often at the cost of security. Generated code frequently overlooks critical concerns, leaving it vulnerable to issues such as weak encryption and improper input validation...

Apache CXF 安全漏洞

Apache CXF is an open-source web service framework developed by the Apache Foundation in the United States. This framework supports various web service standards and multiple front-end programming APIs. There are security vulnerabilities in Apache CXF; these vulnerabilities arise from incomplete...

Unity Linux 20.1060e / 20.1070e Security Update: derby (UTSA-2026-016640)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016640 advisory. In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and...

Unity Linux 20.1050e / 20.1070e Security Update: ed25519-java (UTSA-2026-016772)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016772 advisory. The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential...

Unity Linux 20.1060e / 20.1070e Security Update: xerces-j2 (UTSA-2026-016680)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016680 advisory. There's a vulnerability within the Apache Xerces Java XercesJ XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser t...

Unity Linux 20.1070e Security Update: wildfly-build-tools (UTSA-2026-016748)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016748 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

Unity Linux 20.1060e / 20.1070e Security Update: junit (UTSA-2026-016613)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016613 advisory. In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's...

RockyLinux 8 : java-1.8.0-openjdk (RLSA-2026:9683)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:9683 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016...

Unity Linux 20.1060e / 20.1070e Security Update: bouncycastle (UTSA-2026-016627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016627 advisory. Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library...

Unity Linux 20.1070e Security Update: datanucleus-core (UTSA-2026-016737)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016737 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...

Unity Linux 20.1070e Security Update: wildfly-security-manager (UTSA-2026-016746)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016746 advisory. Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...

Unity Linux 20.1060e / 20.1070e Security Update: jdom2 (UTSA-2026-016676)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016676 advisory. An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. Tenable has extracted the preceding...

RockyLinux 8 : java-17-openjdk (RLSA-2026:9686)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:9686 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016...

RLSA-2026:9683 Important: java-1.8.0-openjdk security update

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016...

java-1.8.0-openjdk security update

An update is available for java-1.8.0-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime...

java-17-openjdk security update

An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-17-openjdk packages provide the OpenJDK 17 Java Runtime...

Security update for java-1_8_0-openj9

This update for java-180-openj9 fixes the following issues CVE-2026-1188: eclipse: ensure room for separator in omrsysinfogetprocessorfeaturestring bsc1265261. CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated...