CVE-2026-46598 affecting package docker-compose for versions less than 2.27.0-13

CVE-2026-46598 affecting package docker-compose for versions less than 2.27.0-13. A patched version of the package is available...

CVE-2026-25680 affecting package docker-compose for versions less than 2.27.0-13

CVE-2026-25680 affecting package docker-compose for versions less than 2.27.0-13. A patched version of the package is available...

CVE-2026-50292 affecting package libinput for versions less than 1.25.0-2

CVE-2026-50292 affecting package libinput for versions less than 1.25.0-2. A patched version of the package is available...

CVE-2026-39833 affecting package docker-compose for versions less than 2.27.0-13

CVE-2026-39833 affecting package docker-compose for versions less than 2.27.0-13. A patched version of the package is available...

CVE-2026-25681 affecting package docker-buildx for versions less than 0.14.0-15

CVE-2026-25681 affecting package docker-buildx for versions less than 0.14.0-15. A patched version of the package is available...

Linux Distros Unpatched Vulnerability : CVE-2026-46328

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - apparmor: fix rlimit for posix cpu timers Posix cpu timers requires an additional step beyond setting the rlimit. Refactor the code so its clear when what code ...

Linux Distros Unpatched Vulnerability : CVE-2026-52907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: rockchip: rkcif: fix off by one bugs Change these comparisons from vs = to avoid accessing one element beyond the end of the arrays. While at it, use...

CVE-2026-11477

A vulnerability was detected in hs-web hsweb-framework up to 5.0.1. This affects the function OAuth2Client of the file hsweb-authorization/hsweb-authorization-oauth2/src/main/java/org/hswebframework/web/oauth2/server/OAuth2Client.java of the component OAuth2 Client. The manipulation results in op...

Linux Distros Unpatched Vulnerability : CVE-2026-46291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: caam - guard HMAC key hex dumps in hashdigestkey Use printhexdumpdevel for dumping sensitive HMAC key bytes in hashdigestkey to avoid leaking secrets at...

Linux Distros Unpatched Vulnerability : CVE-2026-29167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free vulnerability in Apache HTTP Server with modldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...

Linux Distros Unpatched Vulnerability : CVE-2026-11688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted...

Linux Distros Unpatched Vulnerability : CVE-2026-11663

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a...

Linux Distros Unpatched Vulnerability : CVE-2026-11695

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2026-11650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2026-11658

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer...

Linux Distros Unpatched Vulnerability : CVE-2026-46301

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: topcliff-pch: fix use-after-free on unbind Give the driver a chance to flush its queue before releasing the DMA buffers on driver unbind CVE-2026-46301 Not...

Linux Distros Unpatched Vulnerability : CVE-2026-11645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted...

Linux Distros Unpatched Vulnerability : CVE-2026-11684

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak...

Security update for polkit (moderate)

openSUSE security update: security update for polkit ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20925-1 Rating: moderate References: bsc1260859 Cross-References: CVE-2026-4897 CVSS scores: CVE-2026-4897 SUSE : 5.5...

CVE-2026-11487 Neovim View Branch secure.lua M.read command injection

A flaw has been found in Neovim up to 0.12.2. Affected by this issue is the function M.read of the file runtime/lua/vim/secure.lua of the component View Branch. Executing a manipulation of the argument path can lead to command injection. It is possible to launch the attack on the local host. The...