EUVD-2026-19635

An issue that allowed MCP agents to access remediation and asset information from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N 5.8 Medium. Th...

EUVD-2026-19703

An issue that could allow a credential to be updated and used for a task from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N 5.8 Medium. This...

Oracle Linux 8 : python3 (ELSA-2026-6473)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-6473 advisory. 3.6.8-75.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-75 - Security fix for...

CVE-2026-28868

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to disclose kernel memory...

Oracle Linux 8 : python3 (ELSA-2026-5588)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5588 advisory. 3.6.8-74.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-74 - Security fix for...

SUSE-SU-2026:0514-1 Security update for cargo-auditable

This update for cargo-auditable fixes the following issues: Update to version 0.7.20. Security issues fixed: - CVE-2026-25727: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257906. Other updates and bugfixes: - Update to version 0.7.20: mention...

Oracle Linux 8 : python3 (ELSA-2026-1631)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-1631 advisory. 3.6.8-72.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8.openela.0 - Add openela to supported dists 3.6.8-72 - Security fix for...

OPEXUS eCASE

RISK EVALUATION OPEXUS eCASE Audit contains multiple vulnerabilities. An authenticated attacker could bypass authorization or inject JavaScript that could be executed in the context of other users. 2. RECOMMENDED PRACTICES Update to eCase Audit v11.14.2.0 and eCase Platform v11.14.1.0. 3...

Security Bulletin: Due to use of Java SE, IBM Security SOAR is affected by unspecified vulnerabilities (CVE-2025-53066 & CVE-2025-53057)

Summary IBM Security SOAR uses Java SE library internally. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no integrity impact, and no availability...

[SECURITY] Fedora 41 Update: webkitgtk-2.50.1-1.fc41

WebKitGTK is the port of the WebKit web rendering engine to the GTK platform...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.17.43 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.43 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.23 security and extras update

Red Hat OpenShift Container Platform release 4.18.23 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...

PT-2025-33670 · Liferay · Liferay Portal +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.3.0 through 7.4.3.132 Liferay DXP versions 2025.Q1 through 2025.Q1.6 Liferay DXP versions 2024.Q4.0 through 2024.Q4.7 Liferay DXP versions 2024.Q3.1 through 2024.Q3.13 Liferay DXP versions 2024.Q2.0 through 2024.Q2.1...

Stable Channel Update for Desktop

The Stable channel has been updated to 139.0.7258.127/.128 for Windows, Mac and 139.0.7258.127 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...

RHSA-2025:9766 Red Hat Security Advisory: OpenShift Container Platform 4.16.43 packages and security update

Bulletin has no description...

CVE-2025-5182

A vulnerability has been found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1 and classified as critical. This vulnerability affects unknown code of the component Listing Handler. The manipulation leads to authorization bypass. The attack can be initiated remotely. Upgradin...

CVE-2023-28200

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory...

CVE-2021-1833

This issue was addressed with improved checks. This issue is fixed in iOS 14.5 and iPadOS 14.5. An application may be able to gain elevated privileges...

[SECURITY] Fedora 41 Update: dotnet9.0-9.0.104-1.fc41

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

CVE-2025-22603 AutoGPT SSRF vulnerability

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Versions prior to autogpt-platform-beta-v0.4.2 contains a server-side request forgery SSRF vulnerability inside component or block Send Web Request. The...