Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssl (UTSA-2026-007124)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007124 advisory. Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications...

CLSA-2026-1776256866 binutils: Fix of CVE-2025-11082

CVE-2025-11082: Fix heap-based buffer overflow in bfdelfparseehframe; mitigate local memory corruption risk; apply upstream patches ea1a0737c769 and e4f355f13be...

Prototype Pollution

Overview org.webjars.npm:protocol-buffers-schema is a No nonsense protocol buffers schema parser written in Javascript Affected versions of this package are vulnerable to Prototype Pollution via the parse function. An attacker can modify object prototypes, potentially altering application logic,...

Prototype Pollution

Overview protocol-buffers-schema is a No nonsense protocol buffers schema parser written in Javascript Affected versions of this package are vulnerable to Prototype Pollution via the parse function. An attacker can modify object prototypes, potentially altering application logic, bypassing securi...

LDAP Injection

Overview Affected versions of this package are vulnerable to LDAP Injection via the parseDN handling and the LDAP store helpers in X509LDAPCertStoreSpi and LDAPStoreHelper. An attacker can influence LDAP search filters by supplying a crafted X.500 subject or issuer string that is parsed into an...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the MailAddressParser.TryParseAddress function due to improper neutralisation of CRLF sequences. An attacker can impersonate another user or entity by sending specially crafted data over the network...

EUVD-2026-22704

October Rain has Environment Variable Exfiltration via INI Parser Interpolation...

CVE-2026-6141

A vulnerability was determined in danielmiessler PersonalAIInfrastructure up to 2.3.0. Affected is an unknown function of the file Skills/Parser/Tools/parseurl.ts. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclos...

CVE-2026-39979

A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jvparsesized function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to incorrect parse function values in net/url (CVE-2025-47912)

Summary IBM Watson Speech Services Cartridge is vulnerable to a condition in net/url that allows incorrect parse function values other than IPv6 addresses to be included in square brackets within the host component of a URL CVE-2025-47912, Net/url is used in our speech-utilities. This...

CLSA-2026-1776177493 Fix CVE(s): CVE-2025-11082

SECURITY UPDATE: fix heap-based buffer overflow in bfdelfparseehframe - debian/patches/CVE-2025-11082.patch: add bounds check before reading buf1 in the legacy "eh" CIE path - CVE-2025-11082...

UBUNTU-CVE-2026-39979

jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jvparsesized API in libjq accepts a counted buffer with an explicit length parameter, but its error-handling path formats the input buffer using %s in jvstringfmt, which reads until a NUL terminat...

CVE-2026-39979

jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jvparsesized API in libjq accepts a counted buffer with an explicit length parameter, but its error-handling path formats the input buffer using %s in jvstringfmt, which reads until a NUL terminat...

CVE-2026-39979 jq: Out-of-Bounds Read in jv_parse_sized() Error Formatting for Non-NUL-Terminated Counted Buffers

jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jvparsesized API in libjq accepts a counted buffer with an explicit length parameter, but its error-handling path formats the input buffer using %s in jvstringfmt, which reads until a NUL terminat...

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the parseNode and parseEdge functions when topology metadata such as component IDs, stream names, or grouping values are interpolated into HTML without proper sanitization. An attacker can execute arbitrary...

CVE-2026-35565

Stored Cross-Site Scripting XSS via Unsanitized Topology Metadata in Apache Storm UI Versions Affected: before 2.8.6 Description: The Storm UI visualization component interpolates topology metadata including component IDs, stream names, and grouping values directly into HTML via innerHTML in...

CVE-2026-35565

Stored Cross-Site Scripting XSS via Unsanitized Topology Metadata in Apache Storm UI Versions Affected: before 2.8.6 Description: The Storm UI visualization component interpolates topology metadata including component IDs, stream names, and grouping values directly into HTML via innerHTML in...

CVE-2026-35565 Apache Storm UI: Stored Cross-Site Scripting (XSS) via Unsanitized Topology Metadata in Storm UI

Stored Cross-Site Scripting XSS via Unsanitized Topology Metadata in Apache Storm UI Versions Affected: before 2.8.6 Description: The Storm UI visualization component interpolates topology metadata including component IDs, stream names, and grouping values directly into HTML via innerHTML in...