333 matches found
K000162041: Spring Framework vulnerabilities CVE-2026-41843 and CVE-2026-41846
Security Advisory Description CVE-2026-41843 Spring MVC and WebFlux applications are vulnerable to Path Traversal attacks when resolving static resources. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48. CVE-2026-41846 Spri...
K000162026: Multiple Go vulnerabilities
Security Advisory Description CVE-2026-33811 When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-39820 Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU...
BELL-CVE-2026-53244 CVE-2026-53244 does not affect BellSoft software
Bulletin has no description...
K000161911: Node.js vulnerability CVE-2026-48936
Security Advisory Description A flaw in Node.js Permission API can cause a local server to be started via a Unix domain socket, even without the --allow-net permission. This vulnerability affects one supported release line: Node.js 26. CVE-2026-48936 Impact There is no impact; F5 products are not...
BELL-CVE-2026-46278 CVE-2026-46278 does not affect BellSoft software
Bulletin has no description...
K000161669: Apache HTTP Server vulnerabilities CVE-2026-24072 and CVE-2026-23918
Security Advisory Description CVE-2026-24072 An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue...
CVE-2026-46294
CVE-2026-46294 affects the Linux kernel device-mapper (dm-ioctl) in the retrieve_status path. A buffer-overflow could occur after aligning a pointer to an 8-byte boundary if the remaining length calculation wraps past the output buffer, potentially allowing writes beyond the buffer. The advisory ...
BELL-CVE-2026-46257 CVE-2026-46257 does not affect BellSoft software
Bulletin has no description...
K000161612: Golang vulnerabilities CVE-2025-4674 and CVE-2025-61724
Security Advisory Description CVE-2025-4674 The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS e.g. Git, but contai...
K000161576: Linux kernel vulnerabilities CVE-2025-39841 and CVE-2025-39727
Security Advisory Description CVE-2025-39841 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by correcting the buffer release sequence in the deferred receive path. The code freed the ...
BELL-CVE-2026-46202
Bulletin has no description...
BELL-CVE-2026-46029
Bulletin has no description...
BELL-CVE-2026-45889
Bulletin has no description...
BELL-CVE-2026-46727 CVE-2026-46727 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2026-45951
Bulletin has no description...
BELL-CVE-2026-43391
Bulletin has no description...
BELL-CVE-2026-43305 CVE-2026-43305 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2026-6476
Bulletin has no description...
BELL-CVE-2026-43165
Bulletin has no description...
BELL-CVE-2026-43423 CVE-2026-43423 does not affect BellSoft software
Bulletin has no description...