io.quarkiverse.docling:quarkus-docling (>=0.0.1 <=0.0.4), io.quarkiverse.docling:quarkus-docling-deployment (>=0.0.1 <=0.0.4) +112 more potentially affected by CVE-2026-42333 via io.quarkiverse.openapi.generator:quarkus-openapi-generator (>=0.1.0 <=2.15.0)

io.quarkiverse.openapi.generator:quarkus-openapi-generator MAVEN version =0.1.0, =0.0.1, =0.0.1, =0.1.0, =2.10.0, =0.4.0, =2.10.0, =2.15.0 - org.apache.kie.sonataflow:sonataflow-addons-quarkus-camel =10.2.0 - org.apache.kie.sonataflow:sonataflow-addons-quarkus-camel-deployment =10.2.0 -...

org.apache.polaris:polaris-extensions-auth-opa-tests (>=1.3.0-incubating <=1.4.0), org.apache.polaris:polaris-runtime-spark-tests (>=1.0.0-incubating <=1.4.0) +3 more potentially affected by CVE-2026-42812 via org.apache.polaris:polaris-runtime-service (>=1.0.0-incubating <=1.4.0)

org.apache.polaris:polaris-runtime-service MAVEN version =1.0.0-incubating, =1.3.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.0.0-incubating, =1.4.0 Source cves: CVE-2026-42812 Source advisory: OSV:GHSA-W76P-3CGP-QFCM...

ae.teletronics.nlp:entityextraction (=1.3), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0) +1738 more potentially affected by CVE-2026-40682 via org.apache.opennlp:opennlp-tools (>=1.5.2-incubating <=2.5.8)

org.apache.opennlp:opennlp-tools MAVEN version =1.5.2-incubating, =0.1.0, =0.1.0, =2.12.1, =2.12.1, =19.9.0, =19.9.1, =19.9.1, =19.9.0, =19.9.0, =19.9.0, =19.9.0, =26.3.2 and more Source cves: CVE-2026-40682 Source advisory: OSV:GHSA-4V8G-86X5-3VRC...

ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-quarkus-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +817 more potentially affected by CVE-2026-40682 via org.apache.opennlp:opennlp-tools (>=2.0.0 <=2.5.8)

org.apache.opennlp:opennlp-tools MAVEN version =2.0.0, =0.1.0, =0.1.0, =2.12.1, =2.12.1, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =22.9.0, =0.0.6, =0.1.1 and more Source cves: CVE-2026-40682 Source advisory: SNYK:JAVA-ORGAPACHEOPENNLP-16419377...

com.abavilla:fpi-bot-api (>=1.6.0 <=1.6.2), com.abavilla:fpi-bot-api-parent (>=1.6.0 <=1.6.2) +138 more potentially affected by CVE-2026-39852 via io.quarkus:quarkus-oidc (>=3.0.0.Alpha1 <=3.20.6)

io.quarkus:quarkus-oidc MAVEN version =3.0.0.Alpha1, =1.6.0, =1.6.0, =1.8.0, =1.8.0, =1.6.0, =1.6.0, =1.8.0, =1.8.0, =1.0.25, =1.0.25, =1.5.0, =1.5.0, =1.3.1, =1.3.1, =1.3.4, =1.3.7 and more Source cves: CVE-2026-39852 Source advisory: SNYK:JAVA-IOQUARKUS-16420252...

firefox: thunderbird: Other issue in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the Libraries component in NSS...

firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...

firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...

be.ugent.idlab.knows:dataio (>=1.2.0 <=2.2.0), com.anrisoftware.globalpom:globalpomutils-data (>=2.14 <=4.8.0) +9 more potentially affected by CVE-2026-6501 via org.jopendocument:jOpenDocument (>=1.2 <=1.3)

org.jopendocument:jOpenDocument MAVEN version =1.2, =1.2.0, =2.14, =4.5.1, =3.5, =3.5, =0.10, =0.9.7, =0.9.0, =0.9.18 Source cves: CVE-2026-6501 Source advisory: OSV:GHSA-J9RH-P96M-MHHP...

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

ALSA-2026:13537 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

RHEL 8 : thunderbird (RHSA-2026:13537)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:13537 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...

RHCOS 4 : OpenShift Container Platform 4.7.52 paackages (RHSA-2022:4909)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4909 advisory. - credentials: Stored XSS vulnerabilities in jenkins plugin CVE-2022-29036 - subversion: Stored XSS vulnerabilities in Jenkins...

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Libraries. The supported versions affected include Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. This easily exploitable...

Astra Linux – Vulnerability in libgcrypt20

The ElGamal implementation in Libgcrypt before version 1.9.4 allows plaintext recovery. This occurs because, during interaction between two cryptographic libraries, a dangerous combination of elements arises—specifically, the prime number defined by the receiver’s public key, the generator define...

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. The supported versions affected by this vulnerability include Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1, and 22.0.0.2...

[SECURITY] Fedora 43 Update: glibc-2.42-12.fc43

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...

[SECURITY] Fedora 43 Update: nss-3.122.1-1.fc43

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

[SECURITY] Fedora 44 Update: glibc-2.43-4.fc44

The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...

RHEL 10 : thunderbird (RHSA-2026:12285)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:12285 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...