Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.33 bug fix and security update

Red Hat OpenShift Container Platform release 4.19.33 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...

RHEL 8 : libcap (RHSA-2026:24346)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24346 advisory. Libcap is a library for getting and setting POSIX.1e formerly POSIX 6 draft 15 capabilities. Security Fixes: libcap: libcap: Privilege escalation vi...

Alibaba Cloud Linux 3 : 0126: libcap (ALINUX3-SA-2026:0126)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0126 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-4878: A flaw was found in libcap. A local...

RockyLinux 9 : libcap (RLSA-2026:19346)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19346 advisory. libcap: libcap: Privilege escalation via TOCTOU race condition in capsetfile CVE-2026-4878 Tenable has extracted the preceding description block directly from th...

MiracleLinux 8 : libcap-2.48-6.el8_10.1 (AXSA:2026-559:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-559:02 advisory. libcap: libcap: Privilege escalation via TOCTOU race condition in capsetfile CVE-2026-4878 Tenable has extracted the preceding description block directly from...

libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : libcap vulnerability (USN-8193-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8193-1 advisory. Ali Raza discovered that libcap incorrectly handled file capability updates. A local attacker could possibly use this issue to inject or strip...

EUVD-2026-20910

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use TOCTOU race condition in the capsetfile function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so,...

MiracleLinux 8 : libcap-2.48-5.el8 (AXSA:2023-6325:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6325:01 advisory. libcap: Integer Overflow in libcapstrdup CVE-2023-2603 libcap: Memory Leak on pthreadcreate Error CVE-2023-2602 Tenable has extracted the preceding...

MiracleLinux 4 : libcap-2.16-5.5.AXS4 (AXSA:2012-32:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-32:01 advisory. libcap is a library for getting and setting POSIX.1e formerly POSIX 6 draft 15 capabilities. Security issues fixed with this release: CVE-2011-4099 No...

EUVD-2011-4050

Malware in sbrugna...

EUVD-2023-34076

Malicious code in bioql PyPI...

EUVD-2023-34077

Malicious code in bioql PyPI...

EulerOS 2.0 SP11 : libcap (EulerOS-SA-2025-1959)

According to the versions of the libcap package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The PAM module pamcap.so of libcap configuration supports group names starting with @, during actual parsing, configurations not starting with @ ar...

NewStart CGSL MAIN 7.02 : libcap Vulnerability (NS-SA-2025-0190)

The remote NewStart CGSL host, running version MAIN 7.02, has libcap packages installed that are affected by a vulnerability: - A vulnerability was found in libcap. This issue occurs in the libcapstrdup function and can lead to an integer overflow if the input string is close to 4GiB. CVE-2023-26...

EulerOS 2.0 SP10 : libcap (EulerOS-SA-2025-1779)

According to the versions of the libcap package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The PAM module pamcap.so of libcap configuration supports group names starting with @, during actual parsing, configurations not starting with @ ar...

EulerOS 2.0 SP13 : libcap (EulerOS-SA-2025-1706)

According to the versions of the libcap package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The PAM module pamcap.so of libcap configuration supports group names starting with @, during actual parsing, configurations not starting with @ ar...

Huawei EulerOS: Security Advisory for libcap (EulerOS-SA-2025-1593)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : libcap (EulerOS-SA-2025-1594)

According to the versions of the libcap package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The PAM module pamcap.so of libcap configuration supports group names starting with @, during actual parsing, configurations not starting with @ ar...

EulerOS 2.0 SP12 : libcap (EulerOS-SA-2025-1593)

According to the versions of the libcap package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The PAM module pamcap.so of libcap configuration supports group names starting with @, during actual parsing, configurations not starting with @ ar...