570 matches found
ROOT-APP-PYPI-CVE-2026-27459 CVE-2026-27459 in rootio-pyOpenSSL - Patched by Root
Root has patched CVE-2026-27459 in the rootio-pyOpenSSL package for Root:PyPI. Multiple fixed versions available...
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits account-token sharing to trusted Microsoft apps. Any other app on the same phone could ask for the signed-in user's token and get it, then read email, open files, browse t...
ROOT-OS-UBUNTU-2404-CVE-2025-40086 CVE-2025-40086 in rootio-linux - Patched by Root
Root has patched CVE-2025-40086 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38425 CVE-2025-38425 in rootio-linux - Patched by Root
Root has patched CVE-2025-38425 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-23006 CVE-2026-23006 in rootio-linux - Patched by Root
Root has patched CVE-2026-23006 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-71286 CVE-2025-71286 in rootio-linux - Patched by Root
Root has patched CVE-2025-71286 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2024-58076 CVE-2024-58076 in rootio-linux - Patched by Root
Root has patched CVE-2024-58076 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-37805 CVE-2025-37805 in rootio-linux - Patched by Root
Root has patched CVE-2025-37805 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-68220 CVE-2025-68220 in rootio-linux - Patched by Root
Root has patched CVE-2025-68220 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-71237 CVE-2025-71237 in rootio-linux - Patched by Root
Root has patched CVE-2025-71237 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-37773 CVE-2025-37773 in rootio-linux - Patched by Root
Root has patched CVE-2025-37773 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-31441 CVE-2026-31441 in rootio-linux - Patched by Root
Root has patched CVE-2026-31441 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-21913 CVE-2025-21913 in rootio-linux - Patched by Root
Root has patched CVE-2025-21913 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-40024 CVE-2025-40024 in rootio-linux - Patched by Root
Root has patched CVE-2025-40024 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-46012 CVE-2026-46012 in rootio-linux - Patched by Root
Root has patched CVE-2026-46012 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-38645 CVE-2025-38645 in rootio-linux - Patched by Root
Root has patched CVE-2025-38645 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-37901 CVE-2025-37901 in rootio-linux - Patched by Root
Root has patched CVE-2025-37901 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2026-23103 CVE-2026-23103 in rootio-linux - Patched by Root
Root has patched CVE-2026-23103 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
EUVD-2026-33987
authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, the SAML source response processor ResponseProcessor.parse does not validate the Conditions element on assertions. NotBefore, NotOnOrAfter, and AudienceRestriction are all ignored. This allows replay of expir...
EUVD-2026-33957
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...