Security Bulletin: SQL Injection Vulnerability in Apache Hive Metastore Server Thrift APIs, affects watsonx.data

Summary Apache Hive versions 4.1.0 before 4.2.0 are vulnerable to SQL injection in Hive Metastore Server when handling delete column statistics via Thrift APIs. Exploitation is limited to authorized users with API access. Upgrading to 4.2.0 or disabling direct SQL metastore.try.direct.sql=false...

Security Bulletin: Memory Exhaustion Vulnerability in quic-go HTTP/3 Header Processing, affects watsonx.data

Summary quic-go versions 0.56.0 and below are vulnerable to memory exhaustion via specially crafted QPACK-encoded HEADERS frames. Insufficient limits on decoded header sizes allow attackers to trigger excessive memory allocation. This issue is fixed in version 0.57.0. This can affect watsonx.data...

Security Bulletin: Cross-Site Scripting (XSS) Vulnerability in data-target Attribute Handling in Bootstrap, affects watsonx.data

Summary A Cross-Site Scripting XSS vulnerability in Bootstrap versions before 3.4.0 and 4.0.0-beta.2 allows attackers to inject malicious code via the data-target attribute due to improper input handling. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2016-10735 DESCRIPTION: In...

Security Bulletin: Memory Exhaustion via Excessive Cookies in HTTP Servers, affects watsonx.data

Summary HTTP servers may be vulnerable to memory exhaustion because, while HTTP headers have a 1MB limit, there is no limit on the number of cookies parsed. An attacker can send many small cookies e.g., a=; to trigger excessive memory allocation, potentially leading to high memory usage or...

Security Bulletin: TOCTOU Symlink Vulnerability in filelock, affects watsonx.data

Summary filelock versions prior to 3.20.1 are vulnerable to a Time-of-Check-Time-of-Use TOCTOU race condition. Local attackers can exploit this via symlinks to corrupt or truncate arbitrary files during lock creation on Unix, Linux, macOS, and Windows. The issue is fixed in version 3.20.1; partia...

Security Bulletin: tCRLF Injection Vulnerability in Netty HttpRequestEncoder Leading to Request Smuggling, affects watsonx.data

Summary Netty versions prior to 4.1.129.Final and 4.2.8.Final are vulnerable to CRLF injection in HttpRequestEncoder, allowing request smuggling if URIs are not properly sanitized. The issue is fixed in versions 4.1.129.Final and 4.2.8.Final. This can affect watsonx.data. Vulnerability Details...

shadowforge

ShadowForge "Trust no one. Suspect ev...

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.7.0 Vulnerability Details CVEID:CVE-2025-14009 DESCRIPTION: A critical vulnerability exists in the NLTK downloader component of nltk/nltk, affecting all versions. The unzipiter function in...

Exploit for CVE-2025-1242

CERT/CC VU653116 | CISA Advisory ICSA-26-055-03https:/...

K000160641: pac4j vulnerability CVE-2026-29000

Security Advisory Description pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can...

CVE-2026-34986

A flaw was found in Go JOSE, a library for handling JSON Web Encryption JWE objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the...

Signature Placement in Post-Quantum TLS Certificate Hierarchies: An Experimental Study of ML-DSA and SLH-DSA in TLS 1.3 Authentication

Post-quantum migration in TLS 1.3 should not be understood as a flat substitution problem in which one signature algorithm is replaced by another and deployment cost is inferred directly from primitive-level benchmarks. In certificate-based authentication, the practical effect of a signature fami...

UBUNTU-CVE-2026-28390

Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary: Applications that process attacker-controlled CMS data may crash before authentication or cryptographic operations occur resulting in Denia...

OpenSSL 1.0.2 < 1.0.2zp Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.2zp. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.2zp advisory. - Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereferenc...

OpenSSL 3.3.0 < 3.3.7 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.3.7. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.3.7 advisory. - Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit...

OpenSSL 1.1.1 < 1.1.1zg Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.1.1zg. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.1.1zg advisory. - Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon...

Linux Distros Unpatched Vulnerability : CVE-2026-28390

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: During processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo a NULL pointer dereference can happen. Impact summary:...

OpenSSL 3.4.0 < 3.4.5 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.4.5. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.4.5 advisory. - Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit...

PT-2026-31039

Name of the Vulnerable Software and Affected Versions OpenSSL versions 3.0 through 3.6 Description Processing a specially crafted CMS EnvelopedData message with KeyTransportRecipientInfo can lead to a NULL pointer dereference. This can cause applications that process attacker-controlled CMS data ...

PT-2026-30996

The Semtech LR11xx LoRa transceivers implement secure boot functionality using digital signatures to authenticate firmware. However, the implementation uses a non-standard cryptographic hashing algorithm that is vulnerable to second preimage attacks. An attacker with physical access to the device...