68 matches found

RedhatCVE
added 2026/03/26 3:2 p.m., 2 views

CVE-2026-32299

Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an improper authorization issue in the page content retrieval feature may allow retrieval of non-public information. Versions 1.41.1 and...

CVSS 7.5 | AI score 5.8 | EPSS 0.00047
Exploits 0 | References 1

OSV
added 2026/03/24 4:10 a.m., 3 views

SUSE-SU-2026:20829-1 Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues. The following security issues were fixed: - CVE-2025-40214: afunix: Initialise sccindex in unixaddedge bsc1255052. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. -...

CVSS 5.5 | AI score 5.9 | EPSS 0.00076
Exploits 0 | References 17

Cvelist
added 2026/03/23 7:15 p.m., 20 views

CVE-2026-33548 MantisBT has Stored HTML Injection / XSS when displaying Tags in Timeline

Mantis Bug Tracker MantisBT is an open source issue tracker. In version 2.28.0, improper escaping of tag names retrieved from History in Timeline myviewpage.php allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript, when displaying a tag that has...

CVSS 8.6 | EPSS 0.00046
Exploits 0 | References 2

Github Security Blog
added 2026/03/19 7:4 p.m., 2 views

league/commonmark has an embed extension allowed_domains bypass

Impact: The DomainFilteringAdapter in the Embed extension is vulnerable to an allowlist bypass due to a missing hostname boundary assertion in the domain-matching regex. An attacker-controlled domain like youtube.com.evil passes the allowlist check when youtube.com is an allowed domain. This enabl...

CVSS 6.3 | AI score 5.8 | EPSS 0.00015
Exploits 0 | References 5 | Affected Software 1

ATTACKERKB
added 2026/03/18 3:14 a.m., 4 views

CVE-2026-32254

Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. Version 2.8.0 contains a patch for the issue. Available workarounds...

CVSS 7.1 | AI score 5.8 | EPSS 0.00063
Exploits 1 | References 4 | Affected Software 1

RedhatCVE
added 2026/02/20 7:39 p.m., 3 views

CVE-2026-26202

Penpot is an open-source design tool for design and code collaboration. Prior to version 2.13.2, an authenticated user can read arbitrary files from the server by supplying a local file path e.g. /etc/passwd as a font data chunk in the create-font-variant RPC endpoint, resulting in the file...

CVSS 7.5 | AI score 5.8 | EPSS 0.00109
Exploits 1 | References 1

OSV
added 2026/02/13 6:4 a.m., 0 views

SUSE-SU-2026:0489-1 Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.8 fixes various security issues. The following security issues were fixed: - CVE-2025-38352: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel bsc1249205. - CVE-2025-39742: RDMA: hfi1: fix possible...

CVSS 7.4 | AI score 5.8 | EPSS 0.00135
Exploits 8 | References 11

OSV
added 2026/02/03 12:0 a.m., 1 views

OPENSUSE-SU-2026:10140-1 patch-2.8-2.1 on GA media

These are all security issues fixed in the patch-2.8-2.1 package on the GA media of openSUSE Tumbleweed...

CVSS 5.5 | AI score 5.8 | EPSS 0.0015
Exploits 1 | References 1

NVD
added 2026/01/28 5:16 p.m., 5 views

CVE-2025-13918

Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be susceptible to an Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are...

CVSS 6.7 | EPSS 0.00007
Exploits 0 | References 1

OSV
added 2026/01/26 9:12 a.m., 0 views

SUSE-SU-2026:20165-1 Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise kernel 6.12.0-160000.7.1 fixes one security issue. The following security issue was fixed: - CVE-2025-40212: nfsd: fix refcount leak in nfsdsetfhdentry bsc1254196...

AI score 5.8 | EPSS 0.00052
Exploits 0 | References 3

OSV
added 2026/01/23 4:43 p.m., 1 views

SUSE-SU-2026:20163-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise kernel 6.12.0-160000.7.1 fixes one security issue. The following security issue was fixed: - CVE-2025-40212: nfsd: fix refcount leak in nfsdsetfhdentry bsc1254196...

AI score 5.8 | EPSS 0.00052
Exploits 0 | References 3

OSV
added 2026/01/23 4:43 p.m., 0 views

SUSE-SU-2026:20148-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise kernel 6.12.0-160000.7.1 fixes one security issue. The following security issue was fixed: - CVE-2025-40212: nfsd: fix refcount leak in nfsdsetfhdentry bsc1254196...

AI score 5.8 | EPSS 0.00052
Exploits 0 | References 3

SUSE CVE
added 2026/01/13 12:53 a.m., 2 views

SUSE CVE-2025-15506

A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has...

CVSS 4.8 | AI score 6.5 | EPSS 0.00008
Exploits 0 | References 3

CVE
added 2026/01/06 7:7 p.m., 7 views

CVE-2026-21491

CVE-2026-21491 affects iccDEV libraries prior to version 2.3.1.2. The vulnerability is a Unicode buffer overflow in CIccTagTextDescription when processing ICC color profiles. Version 2.3.1.2 contains a patch; no workarounds are noted in the provided documents. Remediate by upgrading to 2.3.1.2 or...

CVSS 7.1 | AI score 6.9 | EPSS 0.00016
Exploits 1 | References 4 | Affected Software 1

RedHat Linux
added 2025/12/18 1:20 p.m., 6 views

binutils: GNU Binutils Linker heap-based overflow

A heap-based buffer overflow flaw has been discovered in GNU bin utilities. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally...

CVSS 7.8 | AI score 6.4 | EPSS 0.00026
Exploits 1 | References 12

RedHat Linux
added 2025/12/18 10:12 a.m., 3 views

binutils: GNU Binutils Linker heap-based overflow

A heap-based buffer overflow flaw has been discovered in GNU bin utilities. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution...

CVSS 7.8 | AI score 6.6 | EPSS 0.00024
Exploits 1 | References 12

OSV
added 2025/12/05 6:19 p.m., 1 views

GHSA-4QG8-FJ49-PXJH Sigstore Timestamp Authority allocates excessive memory during request parsing

Impact: Excessive memory allocation. Function api.ParseJSONRequest currently splits (via a call to strings.Split) an optionally-provided OID (which is untrusted data) on periods. Similarly, function api.getContentType splits the Content-Type header (which is also untrusted data) on an application string...

CVSS 7.5 | AI score 6.8 | EPSS 0.00019
Exploits 0 | References 4

SUSE Linux
added 2025/11/24 5:42 p.m., 4 views

Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.8 fixes various security issues. The following security issues were fixed: CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672. CVE-2025-38616: tls: handle data disappearing from unde...

CVSS 7.4 | AI score 7.3 | EPSS 0.00026
Exploits 0 | References 8

OSV
added 2025/11/24 5:42 p.m., 1 views

SUSE-SU-2025:4208-1 Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.8 fixes various security issues. The following security issues were fixed: - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm interface bsc1248672. - CVE-2025-38616: tls: handle data disappearing from...

CVSS 7.8 | AI score 9.3 | EPSS 0.00026
Exploits 0 | References 5

OSV
added 2025/10/18 11:3 a.m., 1 views

SUSE-SU-2025:03646-1 Security update for the Linux Kernel RT (Live Patch 2 for SLE 15 SP7)

This update for the Linux Kernel 6.4.0-15070078 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

CVSS 7.8 | AI score 5.8 | EPSS 0.00106
Exploits 1 | References 15