7466 matches found
CVE-2026-4727
Denial-of-service in the Libraries component in NSS. This vulnerability was fixed in Firefox 149 and Thunderbird 149...
com.io7m.jsay:com.io7m.jsay (=0.0.2), com.jkoolcloud.tnt4j.streams:tnt4j-streams-jms (>=1.14.2 <=2.3.0) +5 more potentially affected by CVE-2026-32642 via org.apache.activemq:artemis-openwire-protocol (>=2.0.0 <=2.4.0)
org.apache.activemq:artemis-openwire-protocol MAVEN version =2.0.0, =1.14.2, =0.1.0, =0.1.0, =2.0.0, =2.31.1, =2.29.0, =2.44.0 Source cves: CVE-2026-32642 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15791526...
PT-2026-27425
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Thunderbird versions prior to 149 Description A denial-of-service issue exists within the Libraries component of NSS. This flaw could potentially disrupt normal operations. Recommendations Update Firefox to versio...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.6.0) +9997 more potentially affected by CVE-2026-22737 via org.springframework:spring-webmvc (>=6.0.0 <=6.2.16)
org.springframework:spring-webmvc MAVEN version =6.0.0, =0.2.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.8.7 and more Source cves: CVE-2026-22737 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-15701845...
[SECURITY] Fedora 43 Update: dotnet10.0-10.0.104-1.fc43
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
ai.ancf.lmos:arc-runner (=0.114.0), ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0) +2251 more potentially affected by CVE-2026-22731 via org.springframework.boot:spring-boot-actuator (>=3.4.0 <=3.5.11)
org.springframework.boot:spring-boot-actuator MAVEN version =3.4.0, =0.5.0, =0.8.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.24, =1.0.27, =1.0.0, =1.0.0, =0.0.1, =0.1.0, =0.8.2 - cc.zzzyu.nacos:nacos-ai =3.1.1 and more Source cves: CVE-2026-22731 Source advisory:...
ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.6.0) +773 more potentially affected by CVE-2026-22731 via org.springframework.boot:spring-boot-actuator (>=4.0.0-M1 <=4.0.3)
org.springframework.boot:spring-boot-actuator MAVEN version =4.0.0-M1, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M2, =3.1.0, =3.3.0 and more Source cves: CVE-2026-22731 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKBOOT-15701840...
ai.ancf.lmos:arc-runner (>=0.1.1 <=0.114.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.6.0) +4715 more potentially affected by CVE-2026-22733 via org.springframework.boot:spring-boot-actuator (>=3.0.0 <=3.5.11)
org.springframework.boot:spring-boot-actuator MAVEN version =3.0.0, =0.1.1, =0.0.4, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.24, =1.0.27, =1.0.0, =1.0.0, =cloud-0.1, =0.1.0, =0.0.1, =0.0.2 and more Source cves: CVE-2026-22733 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKBOOT-15701836...
ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.6.0) +682 more potentially affected by CVE-2026-22733 via org.springframework.boot:spring-boot-starter-actuator (>=4.0.0-M1 <=4.0.3)
org.springframework.boot:spring-boot-starter-actuator MAVEN version =4.0.0-M1, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M2, =3.1.0, =3.3.0 and more Source cves: CVE-2026-22733 Source advisory: OSV:GHSA-MGVC-8Q2H-5PGC...
ai.langsa:ccaas-starter (>=0.1 <=cloud-0.3), ai.langsa:pom-ccaas-langsa (=0.1) +2590 more potentially affected by CVE-2026-22732 via org.springframework.security:spring-security-web (>=6.0.0 <=6.3.10)
org.springframework.security:spring-security-web MAVEN version =6.0.0, =0.1, =0.5.2, =0.5.0, =7.0.0, =1.0.0, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.31 and more Source cves: CVE-2026-22732 Source advisory: OSV:GHSA-MF92-479X-3373...
fastapi-helpers (>=0.0.1 <=0.2.3), fastapi-users-db-ormar (=1.0.0) +11 more potentially affected by CVE-2026-27953 via ormar (>=0.10.16 <=0.20.2)
ormar PYPI version =0.10.16, =0.0.1, =0.3.1, =0.3.0, =0.0.1, =0.3.1, =0.0.1, =1.0.0, =0.0.1, =0.0.2 Source cves: CVE-2026-27953 Source advisory: SNYK:PYTHON-ORMAR-15701843...
Cross-Ecosystem Vulnerability Analysis for Python Applications
Python applications depend on native libraries that may be vendored within package distributions or installed on the host system. When vulnerabilities are discovered in these libraries, determining which Python packages are affected requires cross-ecosystem analysis spanning Python dependency...
blake-streams (=0.1.0), fuel-p2p (>=0.4.0 <=0.5.0) +9 more potentially affected by CVE-2026-33040 via libp2p-gossipsub (>=0.28.0 <=0.35.0)
libp2p-gossipsub CARGO version =0.28.0, =0.4.0, =0.20.0, =0.36.0, =0.16.0, =0.1.0, =0.1.1, =0.2.0, =0.39.1, =0.39.3 Source cves: CVE-2026-33040 Source advisory: OSV:GHSA-GC42-3JG7-RXR2...
SUSE-SU-2026:0915-1 Security update for 389-ds
This update for 389-ds fixes the following issues: Update to LTS branch 2.7 jscPED-14342: - CVE-2025-14905: Fixed heap buffer overflow due to improper size calculation in schemaattrenumcallback callback bsc1258727. Bug fixes: - Resolve python build error that caused lib389 to be missing some...
CLSA-2026-1773784132 Update of alt-php
Port to Debian 10 buster with renamed libraries to avoid conflicts with system PostgreSQL packages. Rename library packages to allow coexistence with other PostgreSQL versions: - libpq5 - libpq5-9.6 library: libpq-9.6.so.5 - libpq-dev - libpq-dev-9.6 - libecpg6 - libecpg6-9.6 library:...
CVE-2026-32836
drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...
CVE-2026-32836 mackron / dr_libs dr_flac.h Excessive Memory Allocation in PICTURE Metadata Parsing
drlibs drflac.h version 0.13.3 and earlier fixed in commits fefced4, 4f5a4cd, and 663239a contain an uncontrolled memory allocation vulnerability in drflacreadanddecodemetadata that allows attackers to trigger excessive memory allocation by supplying crafted PICTURE metadata blocks. Attackers can...
[SECURITY] Fedora 42 Update: python3.11-3.11.15-1.fc42
Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...
[SECURITY] Fedora 44 Update: python3.10-3.10.20-1.fc44
Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...
[SECURITY] Fedora 42 Update: dr_libs-0^20241216git660795b-4.fc42
Single-file audio decoding libraries for C/C++...