Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. CVE-2026-22013: unauthenticated attacker with network access can access to critical data bsc1262494. CVE-2026-22016: APIs in the specifie...

SUSE-SU-2026:1955-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues - CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. - CVE-2026-22013: unauthenticated attacker with network access can access to critical data bsc1262494. - CVE-2026-22016: APIs in the...

Security update for ovmf

This update for ovmf fixes the following issues CVE-2026-25833: mbedtls: buffer underflow in x509inetptonipv6 bsc1261476. CVE-2026-25834: mbedtls: Algorithm downgrade vulnerability bsc1261477. CVE-2026-25835: mbedtls: PSA random generator cloning bsc1261478. CVE-2026-34874: mbedtls: NULL pointer...

SUSE-SU-2026:1952-1 Security update for ovmf

This update for ovmf fixes the following issues - CVE-2026-25833: mbedtls: buffer underflow in x509inetptonipv6 bsc1261476. - CVE-2026-25834: mbedtls: Algorithm downgrade vulnerability bsc1261477. - CVE-2026-25835: mbedtls: PSA random generator cloning bsc1261478. - CVE-2026-34874: mbedtls: NULL...

Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue: CVE-2026-34986: github.com/go-jose/go-jose/v4: processing of JWE object with empty encryptedkey field but key wrapping algorithm set can lead to a denial of service bsc1262936. Patch Instructions: To install this SUSE update use th...

SUSE-SU-2026:1938-1 Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue: - CVE-2026-34986: github.com/go-jose/go-jose/v4: processing of JWE object with empty encryptedkey field but key wrapping algorithm set can lead to a denial of service bsc1262936...

Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue: CVE-2026-34986: github.com/go-jose/go-jose/v4: processing of JWE object with empty encryptedkey field but key wrapping algorithm set can lead to a denial of service bsc1262936. Patch Instructions: To install this SUSE update use th...

SUSE-SU-2026:1935-1 Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue: - CVE-2026-34986: github.com/go-jose/go-jose/v4: processing of JWE object with empty encryptedkey field but key wrapping algorithm set can lead to a denial of service bsc1262936...

K000153108: Linux kernel vulnerability CVE-2024-50208

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when numpages 256K. There will be a single PDE page addre...

K000153097: Linux kernel vulnerability CVE-2024-50275

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: arm64/sve: Discard stale CPU state when handling SVE traps The logic for handling SVE traps manipulates saved FPSIMD/SVE state incorrectly, and a race with preemption can result in a task having TIFS...

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in xercesImpl

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in xercesImpl CVE-2009-2625, CVE-2012-0881, CVE-2013-4002, CVE-2020-14338, CVE-2022-23437. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2009-2625 DESCRIPTION: XMLScanner.java in Apache Xerces2...

Security Bulletin: IBM Sterling Transformation Extender is affected by multiple IBM Semeru Java 17 vulnerabilities

Summary IBM Sterling Transformation Extender uses IBM Semeru Runtime Certified Edition, Version 17 and is affected by multiple vulnerabilities Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to return the textua...

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate with watsonx Assistant Cartridge version 5.3.2 Vulnerability Details CVEID:CVE-2025-55132 DESCRIPTION: A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via futimes even...

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate with watsonx Assistant Cartridge version 5.3.2 Vulnerability Details CVEID:CVE-2026-24398 DESCRIPTION: Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.11.7, IP...

Security Bulletin: Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp

Summary Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

Security Bulletin: Erlang OTP inets httpd Vulnerable to HTTP Request Smuggling via Duplicate Content-Length Headers

Summary Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in Erlang OTP inets httpd module allows HTTP Request Smuggling. This vulnerability is associated with program files lib/inets/src/httpserver/httpdrequest.erl and program routines httpdrequest:parseheaders/...

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition for IBM Content Collector for SAP Applications

Summary Multiple Vulnerabilities were disclosed as part of the Oracle April 2026 Critical Patch Update. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...

CVE-2026-44172

Disclaimer: This data contains information about vulnerable...

CVE-2026-44173

Disclaimer: This data contains information about vulnerable...

PT-2026-41739

Name of the Vulnerable Software and Affected Versions AutoGPT versions 0.6.36 through 0.6.50 Description AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. The software is subject to Authenticated Session Hijacking via Insecu...