
944 matches found

IBM Security Bulletins
added 2026/05/05 9:39 p.m., 5 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for April 2026.

Summary: Security vulnerabilities are addressed with IBM Business Automation Insights 24.0.0-IF007 and 25.0.1-IF001. These vulnerabilities have also been addressed in 24.0.1-IF007 and 25.0.0-IF004. Vulnerability Details: CVEID: CVE-2025-15284. DESCRIPTION: Improper Input Validation vulnerability in qs...

CVSS: 8.8, AI score: 7.3, EPSS: 0.037
Exploits: 5, Affected Software: 1

Github Security Blog
added 2026/05/05 12:19 a.m., 8 views

Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver`

Vulnerability Disclosure: Invisible JSON Response Tampering via Prototype Pollution Gadget in parseReviver. Summary: The Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into surgical...

CVSS: 9.1, AI score: 5.9, EPSS: 0.00139
Exploits: 1, References: 3, Affected Software: 1

RedhatCVE
added 2026/05/04 9:49 a.m., 5 views

CVE-2026-6527

A flaw was found in Wireshark, a network protocol analyzer. A local user could be affected by this vulnerability if they open a specially crafted capture file containing malformed ASN.1 PER (Abstract Syntax Notation One Packed Encoding Rules) protocol data. This could lead to a crash of the Wiresha...

CVSS: 5.5, AI score: 5.7, EPSS: 0.00011
Exploits: 1, References: 5

AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux - vulnerability in python-django

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter consumes significant memory when dealing with a string representation of a number in scientific notation with a large exponent...

CVSS: 7.5, AI score: 6.8, EPSS: 0.01386
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 5 views

Astra Linux - vulnerability in python-pymysql

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input, because keys are not escaped by escape_dict...

CVSS: 6.3, AI score: 6.6, EPSS: 0.001
Exploits: 1, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux - vulnerability in libjettison-java

Those who use Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser runs on user-supplied input, an attacker may provide content that causes the parser to crash due to out-of-memory conditions. This vulnerability could potentially allow for...

CVSS: 7.5, AI score: 6.8, EPSS: 0.00065
Exploits: 0, References: 1

ATTACKERKB
added 2026/05/01 12:00 a.m., 3 views

CVE-2026-37525

AGL app-framework-binder afb-daemon through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The on_supervision_call function in src/afb-supervision.c explicitly nullifies the request credentials by calling afb_context_change_cred(&xreq->context, NULL) before...

CVSS: 7.8, AI score: 5.9, EPSS: 0.00006
Exploits: 0, References: 3

CNNVD
added 2026/05/01 12:00 a.m., 3 views

Automotive Grade Linux app-framework-binder security vulnerability

Automotive Grade Linux app-framework-binder is an application framework communication component from Automotive Grade Linux, Inc. A security vulnerability exists in Automotive Grade Linux app-framework-binder version 19.90.0 and earlier, which stems from the existence of elevation of privilege in...

CVSS: 7.8, AI score: 5.9, EPSS: 0.00006
Exploits: 0, References: 1

Positive Technologies
added 2026/05/01 12:00 a.m., 0 views

PT-2026-36506

Name of the Vulnerable Software and Affected Versions: AGL app-framework-main versions 17.1.12 and earlier. Description: A Zip Slip path traversal issue combined with a Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the widget installation flow. The is_valid_filename function in...

CVSS: 9.8, AI score: 5.9, EPSS: 0.00185
Exploits: 0, References: 9

NVD
added 2026/04/30 10:16 p.m., 6 views

CVE-2026-40685

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

CVSS: 9.8, EPSS: 0.00127
Exploits: 0, References: 4

OSV
added 2026/04/30 10:40 a.m., 3 views

CLSA-2026-1777545654 cups: Fix of CVE-2026-41079

CVE-2026-41079: limit numbytes for SNMP string values to prevent out-of-bounds read in asn1_decode_snmp...

CVSS: 5.4, AI score: 5.8, EPSS: 0.00016
Exploits: 1, References: 1

ATTACKERKB
added 2026/04/30 12:00 a.m., 2 views

CVE-2026-40685

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

CVSS: 6.5, AI score: 5.1, EPSS: 0.00129
Exploits: 0, References: 6

Positive Technologies
added 2026/04/30 12:00 a.m., 3 views

PT-2026-36196

Name of the Vulnerable Software and Affected Versions: Exim versions prior to 4.99.2. Description: An out-of-bounds heap write can occur when JSON lookup is enabled. This happens when a JSON operator encounters malformed JSON in an untrusted header due to an incorrect implementation of backslash...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00129
Exploits: 0, References: 13

CNNVD
added 2026/04/30 12:00 a.m., 3 views

Exim buffer error vulnerability

Exim is an open-source message transfer agent (MTA) developed by Exim Software. It operates on Unix-based systems and is primarily responsible for routing, forwarding, and delivering emails. Prior to Exim 4.99.2, there was a buffer error vulnerability. This vulnerability stemmed from the JSON...

CVSS: 9.8, AI score: 6.2, EPSS: 0.00127
Exploits: 0, References: 1

OSV
added 2026/04/29 12:00 p.m., 1 view

UBUNTU-CVE-2026-40685

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

CVSS: 9.8, AI score: 6, EPSS: 0.00127
Exploits: 0, References: 4

Wolfi
added 2026/04/26 7:48 a.m., 4 views

GHSA-QR4G-8HRP-C4RW vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws...

AI score: 5.2
Exploits: 0

Wolfi
added 2026/04/26 7:48 a.m., 4 views

CVE-2026-41485 vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws, kyverno...

CVSS: 7.7, AI score: 5.8, EPSS: 0.00051
Exploits: 1

Wolfi
added 2026/04/26 7:48 a.m., 3 views

GHSA-CVQ5-HHX3-F99P vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws, kyverno...

AI score: 5.8
Exploits: 0

Chainguard
added 2026/04/26 7:17 a.m., 4 views

GHSA-QR4G-8HRP-C4RW vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws-fips, kyverno-notation-aws...

AI score: 5.8
Exploits: 0

Chainguard
added 2026/04/26 7:17 a.m., 3 views

CVE-2026-41485 vulnerabilities

Vulnerabilities for packages: kyverno-notation-aws-fips, kyverno, kyverno-notation-aws, kyverno-fips...

CVSS: 7.7, AI score: 5.8, EPSS: 0.00051
Exploits: 1