K000161577: Linux kernel vulnerability CVE-2025-39817

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare Observed on kernel 6.6 present on master as well: BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasancheckrange+0xe8/0x190...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-42264)

Summary IBM Security SOAR uses an older version of the Axios component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.10.0 Vulnerability Details CVEID:CVE-2026-42264 DESCRIPTION: Axios i...

Security Bulletin: IBM Security SOAR is using a component with a known vulnerability (CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036)

Summary IBM Security SOAR uses an older version of the Axios component that may be identified and exploited. Updates for supported versions have been released which address the issue. It is recommended to upgrade to version 51.0.10.0 Vulnerability Details CVEID:CVE-2026-42033 DESCRIPTION: Axios i...

K000161578: Linux kernel vulnerability CVE-2025-38085

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.91 security and extras update

Red Hat OpenShift Container Platform release 4.12.91 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Low...

GHSA-RXV8-25V2-QMQ8 React Router vulnerable to Denial of Service via reflected user input in single-fetch

A DoS vulnerability exists in the React Router v7 Framework Mode, as well as Remix v2.9.0+ with Single Fetch enabled. In some scenarios the underlying serialization algorithm can become a bottleneck when encoding specific types of data into server responses. Please upgrade to React Router v7.14.0...

React Router vulnerable to Denial of Service via reflected user input in single-fetch

A DoS vulnerability exists in the React Router v7 Framework Mode, as well as Remix v2.9.0+ with Single Fetch enabled. In some scenarios the underlying serialization algorithm can become a bottleneck when encoding specific types of data into server responses. Please upgrade to React Router v7.14.0...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.67 security and extras update

Red Hat OpenShift Container Platform release 4.13.67 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Low...

Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub issue. Because Anthropic's own action repo used the same workflow, a working attack could have pushed...

GHSA-M8XG-8XG9-MXHM Nuclio: Missing authorization on project write paths allows any authenticated user to modify or delete any project

This vulnerability exists in Nuclio Dashboard's project management API, allowing any authenticated user without membership in the target project to bypass OPA authorization checks on write paths PUT /api/projects/id, DELETE /api/projects and modify or delete any project along with all its...

Nuclio: Missing authorization on project write paths allows any authenticated user to modify or delete any project

This vulnerability exists in Nuclio Dashboard's project management API, allowing any authenticated user without membership in the target project to bypass OPA authorization checks on write paths PUT /api/projects/id, DELETE /api/projects and modify or delete any project along with all its...

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationRuntime and IntegrationServer operands that use Kafka are vulnerable to loss of confidentiality (CVE-2025-27817, CVE-2025-27818)

Summary Apache Kafka Client is used by IBM App Connect Enterprise Certified Container when running flows that connect to a Kafka server. IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that use Kafka Client are vulnerable to loss of confidentiality...

GHSA-H97M-27FX-42RX matrix-sdk-ui: Incomplete edit validation

Impact The message edit validation logic in the matrix-sdk-ui crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator or an actor with equivalent power to impersonate...

matrix-sdk-ui: Incomplete edit validation

Impact The message edit validation logic in the matrix-sdk-ui crate before 0.16.1 is missing a check: when replacing an encrypted event, the replacement event itself is not required to be encrypted. This enables a malicious homeserver administrator or an actor with equivalent power to impersonate...

Exploit for Deserialization of Untrusted Data in Presstigers Simple_Job_Board

CVE-2024-1813 - Simple Job Board ≤ 2.11.0 WordPress - Unauth...

Use of Weak Hash

Overview streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Use of Weak Hash due to the use of a weak hash algorithm in the hashing.py process of the Palette Handler component. An attacker can compromise data integrity or cause unintend...

Use of Weak Hash

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Use of Weak Hash in the mlflow.data.digestutils function. An...

Use of Weak Hash

Overview Affected versions of this package are vulnerable to Use of Weak Hash in the mlflow.data.digestutils function. An attacker can compromise data integrity or cause unexpected behavior by exploiting the use of a weak hash algorithm during dataset digest computation. PoC python import pandas ...

Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection

Summary Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who can influence the cookie name passed to axios can cause...

GHSA-HFXV-24RG-XRQF Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection

Summary Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who can influence the cookie name passed to axios can cause...