143 matches found
ROOT-OS-UBUNTU-2204-CVE-2026-31497 CVE-2026-31497 in rootio-linux - Patched by Root
Root has patched CVE-2026-31497 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-38639 CVE-2025-38639 in rootio-linux - Patched by Root
Root has patched CVE-2025-38639 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
MAL-2026-10301 Malicious code in fflc-updated (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0da486d000821631873ccd6fbb8eac17ee6dc94e8802946ef9d4cd288048e95 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-6414 Malicious code in two-factor-prompt-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95ebb96758f051c0a5a1c8fe97fb05c898f2489f4567fb64fbd271eb103dcadc Package self-identifies as a dependency-confusion proof-of-concept aimed at an internal/private package name. The postinstall script postinstall.js...
ROOT-APP-GOBINARY-CVE-2025-30204 CVE-2025-30204 in rootio-github.com/golang-jwt/jwt/v4 - Patched by Root
Root has patched CVE-2025-30204 in the rootio-github.com/golang-jwt/jwt/v4 package for Root:Go. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-21413 CVE-2026-21413 in rootio-libraw - Patched by Root
Root has patched CVE-2026-21413 in the rootio-libraw package for Root:Debian:13. Multiple fixed versions available...
MAL-2026-6047 Malicious code in @mastra/voice-google-gemini-live (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7292d326aee198d9a062ea2ac2675a0c48058faacb97aee1b862c8605b9a0658 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
OPENSUSE-SU-2026:10990-1 python-M2Crypto-doc-0.48.0-1.1 on GA media
These are all security issues fixed in the python-M2Crypto-doc-0.48.0-1.1 package on the GA media of openSUSE Tumbleweed...
DEBIAN-CVE-2026-46275
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use-After-Free UAF and Null Pointer Dereference NPD conditions were observed in the lifecycle management of hciuart. The primary...
UBUNTU-CVE-2026-43157
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps rxfcpfvfbmap and txfcpfvfbmap are allocated by cgxlmacinit but never freed in cgxlmacexit. Unbinding and rebinding the driver therefore triggers kmemleak:...
RHSA-2026:8473 Red Hat Security Advisory: .NET 10.0 security update
Bulletin has no description...
Malicious Package
Overview ahmedsalemph is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in ccn-common-react-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e786ee75b4c32af6bfd2d9129d0a1ded7b507ef1141e019acc9b6ba1dc1da374 The package ccn-common-react-library was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1688 Malicious code in chain-promised (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fd6ee3247632a88a25b8059314727f1757ed1163081b133945fbe4af59e5d28 The package chain-promised was found to contain malicious code...
MAL-2026-1590 Malicious code in @cbreone/core-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7e204888ba2b9573e474d804f28f51173684bb25f640615a9eaae217c5e1a45 The package @cbreone/core-ui was found to contain malicious code...
RHSA-2026:4438 Red Hat Security Advisory: freerdp security update
Bulletin has no description...
RHSA-2026:3516 Red Hat Security Advisory: thunderbird security update
Bulletin has no description...
DEBIAN-CVE-2026-3202
NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service...
RHSA-2026:2817 Red Hat Security Advisory: pcs security update
Bulletin has no description...
AZL-76859 CVE-2025-47911 affecting package application-gateway-kubernetes-ingress 1.7.7-2
The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...