Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: google-oauth-java-client (UTSA-2026-021484)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021484 advisory. The vulnerability is that IDToken verifier does not verify if token is properly signed. Signature verification makes sure that the token's payload comes from valid...

PT-2026-41787

Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions prior to 0.9.0 Description A memory leak exists in the custom CappedConcurrentHashMap used for Java TLS state tracking. The remove function deletes entries from the map but fails to remove the...

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the pre-auth logic that enables an attacker to activate the default-disabled POJO import feature. The attacker can then upload and import a malicious Java POJO leading to execution of arbitrary code by...

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the pre-auth logic that enables an attacker to activate the default-disabled POJO import feature. The attacker can then upload and import a malicious Java POJO leading to execution of arbitrary code by...

PublicCMS 安全漏洞

PublicCMS is an open-source content management system CMS developed by PublicCMS Company in China using the Java language. Version Sanluan PublicCMS 5.202506.d contains a security vulnerability. This vulnerability stems from the improper handling of the templateContent parameter in the execute...

java-1_8_0-openj9-1.8.0.492-2.1 on GA media (moderate)

java-180-openj9-1.8.0.492-2.1 on GA media Announcement ID: openSUSE-SU-2026:10790-1 Rating: moderate Cross-References: CVE-2026-1188 CVSS scores: CVE-2026-1188 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability ca...

java-25-openj9-25.0.3.0-2.1 on GA media (moderate)

java-25-openj9-25.0.3.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10792-1 Rating: moderate Cross-References: CVE-2026-1188 CVSS scores: CVE-2026-1188 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...

java-21-openj9-21.0.11.0-2.1 on GA media (moderate)

java-21-openj9-21.0.11.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10791-1 Rating: moderate Cross-References: CVE-2026-1188 CVSS scores: CVE-2026-1188 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...

java-17-openj9-17.0.19.0-2.1 on GA media (moderate)

java-17-openj9-17.0.19.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10789-1 Rating: moderate Cross-References: CVE-2026-1188 CVSS scores: CVE-2026-1188 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...

java-11-openj9-11.0.31.0-2.1 on GA media (moderate)

java-11-openj9-11.0.31.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:10788-1 Rating: moderate Cross-References: CVE-2026-1188 CVSS scores: CVE-2026-1188 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can...

OPENSUSE-SU-2026:10788-1 java-11-openj9-11.0.31.0-2.1 on GA media

These are all security issues fixed in the java-11-openj9-11.0.31.0-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10789-1 java-17-openj9-17.0.19.0-2.1 on GA media

These are all security issues fixed in the java-17-openj9-17.0.19.0-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10790-1 java-1_8_0-openj9-1.8.0.492-2.1 on GA media

These are all security issues fixed in the java-180-openj9-1.8.0.492-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10791-1 java-21-openj9-21.0.11.0-2.1 on GA media

These are all security issues fixed in the java-21-openj9-21.0.11.0-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10792-1 java-25-openj9-25.0.3.0-2.1 on GA media

These are all security issues fixed in the java-25-openj9-25.0.3.0-2.1 package on the GA media of openSUSE Tumbleweed...

cn.sliew:flinkful-cli-descriptor-examples (>=1.0.2 <=1.0.7), cn.sliew:flinkful-sql-catalog (>=1.0.3 <=1.0.7) +102 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-planner_2.12 (>=1.15.0 <=1.20.3)

org.apache.flink:flink-table-planner2.12 MAVEN version =1.15.0, =1.0.2, =1.0.3, =1.0.0, =1.0.2, =1.0, =0.1, =0.6.1, =0.6.1, =1.17-2.5.2, =2.5.1-flink-1.17 and more Source cves: CVE-2026-35194 Source advisory: SNYK:JAVA-ORGAPACHEFLINK-16799799...

cn.ibizlab.plugin:ibiz-dataflow-flink (>=8.1.0.371 <=8.1.0.567.22), cn.sliew:flinkful-cli-descriptor-examples (>=1.0.2 <=1.0.7) +348 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=1.15.0 <=1.20.3)

org.apache.flink:flink-table-api-java MAVEN version =1.15.0, =8.1.0.371, =1.0.2, =1.0.2, =1.0.2, =1.0.2, =1.0.2, =1.0.3, =1.0.0, =1.0.2, =1.0.2, =0.5.0, =0.5.0, =1.4.0, =1.5.6.2 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

cn.ibizlab.plugin:ibiz-dataflow-flink (>=8.1.0.371 <=8.1.0.567.22), cn.sliew:flinkful-cli-descriptor-examples (>=1.0.2 <=1.0.7) +348 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=1.15.0 <=1.20.3)

org.apache.flink:flink-table-api-java MAVEN version =1.15.0, =8.1.0.371, =1.0.2, =1.0.2, =1.0.2, =1.0.2, =1.0.2, =1.0.3, =1.0.0, =1.0.2, =1.0.2, =0.5.0, =0.5.0, =1.4.0, =1.5.6.2 and more Source cves: CVE-2026-35194 Source advisory: SNYK:JAVA-ORGAPACHEFLINK-16799798...

com.drobisch:flink-connector-elasticsearch-e2e-tests-common (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant), com.drobisch:flink-connector-elasticsearch6-e2e-tests (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant) +25 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-api-java MAVEN version =2.0.0, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =26.0.0, =0.2.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

com.drobisch:flink-connector-elasticsearch-e2e-tests-common (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant), com.drobisch:flink-connector-elasticsearch6-e2e-tests (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant) +25 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-api-java MAVEN version =2.0.0, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =26.0.0, =0.2.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 and more Source cves: CVE-2026-35194 Source advisory: SNYK:JAVA-ORGAPACHEFLINK-16799798...