firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...

firefox: thunderbird: Other issue in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the Libraries component in NSS...

com.github.niupengyu.schedule:ahead-schedule-distributed (>=1.2.6-RELEASE <=1.2.8-RELEASE), com.github.niupengyu:ahead-frame-socket (>=1.2.1-RELEASE <=1.2.3-RELEASE) +40 more potentially affected by CVE-2024-52046 +1 more via org.apache.mina:mina-core (>=2.1.0 <=2.1.10)

org.apache.mina:mina-core MAVEN version =2.1.0, =1.2.6-RELEASE, =1.2.1-RELEASE, =2.2.1, =2.2.1, =3.0.0, =1.0.0, =3.0.11, =3.6.7, =3.6.7, =3.6.7, =3.6.10 and more Source cves: CVE-2024-52046, CVE-2026-41409 Source advisory: SNYK:JAVA-ORGAPACHEMINA-16322973...

firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...

firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...

firefox: thunderbird: Other issue in the Libraries component in NSS

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the Libraries component in NSS...

Security Bulletin: Maximo AI Service uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary Maximo AI Service uses logback-core-1.5.21.jar, spring-web-6.2.14.jar, pygments-2.19.2-py3-none-any.whl, and cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, which are vulnerable to CVE-2026-1225, CVE-2026-22735, CVE-2026-4539, and CVE-2026-34073. This bulletin contains information...

RHEL 9 : firefox (RHSA-2026:10757)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:10757 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

Vulnerability Identification by Harnessing Inter-Connected Multi-Source Information

The utilization of third-party open-source libraries is widespread in modern software development. Due to the dependency relationships, vulnerabilities within open-source libraries pose significant security threats to downstream software. However, the library vulnerabilities are usually implicitl...

com.alibaba.cloud.ai:spring-ai-alibaba-autoconfigure-memory-long (>=1.1.0.0 <=1.1.2.3), com.alibaba.cloud.ai:spring-ai-alibaba-starter-memory-long (>=1.1.0.0 <=1.1.2.3) +5 more potentially affected by CVE-2026-40966 via org.springframework.ai:spring-ai-advisors-vector-store (>=1.1.0-M3 <=1.1.4)

org.springframework.ai:spring-ai-advisors-vector-store MAVEN version =1.1.0-M3, =1.1.0.0, =1.1.0.0, =1.1.0.0, =0.0.6, =4.17.0, =4.17.0, =4.20.0 - org.vrspace:server =0.8.7 Source cves: CVE-2026-40966 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16316424...

RHEL 8 : firefox (RHSA-2026:10766)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:10766 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

ALSA-2026:10766 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine compone...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine compone...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine compone...

[SECURITY] Fedora 44 Update: python3.13-3.13.13-1.fc44

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...

[SECURITY] Fedora 44 Update: python3.15-3.15.0~a8-1.fc44

Python 3.15 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.15 package provides the "python3.15" executable:...

[SECURITY] Fedora 44 Update: stb-0^20260313git904aa67-2.fc44

Single-file public domain libraries for C/C++...

[SECURITY] Fedora 44 Update: corosync-3.1.10-5.fc44

This package contains the Corosync Cluster Engine Executive, several default APIs and libraries, default configuration files, and an init script...

CVE-2026-41248

Clerk JavaScript is the official JavaScript repository for Clerk authentication. createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro can be bypassed by certain crafted requests, allowing them to skip middleware gating and reach downstream handlers. This vulnerability is fixed in...

@bynder/bynder-js-sdk (=2.5.3), @craftgate/craftgate (=1.0.66) +3 more potentially affected by CVE-2025-62718 +1 more via axios (=0.31.0)

axios NPM version =0.31.0 is affected by a known vulnerability. The following packages have a transitive dependency on axios and may be impacted: - @bynder/bynder-js-sdk =2.5.3 - @craftgate/craftgate =1.0.66 - @extrahorizon/exh-cli =1.13.2, =8.10.0, =8.10.0-dev-162-aab55c5 - amio-sdk-js =4.4.4...