Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005643 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, t...

CVE-2025-66168

Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005458)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005458 advisory. In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a configuration request Some of our devices crash in...

CVE-2026-1713

IBM MQ 9.1.0.0 through 9.1.0.33 LTS, 9.2.0.0 through 9.2.0.40 LTS, 9.3.0.0 through 9.3.0.36 LTS, 9.30.0 through 9.3.5.1 CD, 9.4.0.0 through 9.4.0.17 LTS, and 9.4.0.0 through 9.4.4.1 CD...

CVE-2026-1713

IBM MQ 9.1.0.0 through 9.1.0.33 LTS, 9.2.0.0 through 9.2.0.40 LTS, 9.3.0.0 through 9.3.0.36 LTS, 9.30.0 through 9.3.5.1 CD, 9.4.0.0 through 9.4.0.17 LTS, and 9.4.0.0 through 9.4.4.1 CD...

CVE-2026-22886

OpenMQ exposes a TCP-based management service imqbrokerd that by default requires authentication. However, the product ships with a default administrative account admin/ admin and does not enforce a mandatory password change on first use. After the first successful login, the server continues to...

IBM MQ 9.1 < 9.1.0.34 LTS / 9.2 < 9.2.0.41 LTS / 9.3 < 9.3.0.37 LTS / 9.3 < 9.4.5 CD / 9.4 < 9.4.0.20 LTS (7261944)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7261944 advisory. - IBM MQ 9.1.0.0 through 9.1.0.33 LTS, 9.2.0.0 through 9.2.0.40 LTS, 9.3.0.0 through 9.3.0.36 LTS, 9.30.0 through 9.3.5.1 CD, 9.4.0.0 through 9.4.0.17 LTS, and 9.4.0.0...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005560)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005560 advisory. In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet t...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005442)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005442 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, t...

Security Bulletin: IBM MQ is affected by multiple CVEs (CVE-2025-11187, CVE-2025-15467, CVE-2025-15468, CVE-2025-15469, CVE-2025-66199, CVE-2025-68160, CVE-2025-69418, CVE-2025-69419, CVE-2025-69420, CVE-2025-69421, CVE-2026-22795, CVE-2026-22796)

Summary Multiple issues were identified with OpenSSL, which IBM MQ on the IBM i platform uses within the Advanced Message Security feature to provide cryptographic functionality. It is not used for transport layer security TLS functionality for IBM MQ channel connections, which is provided by the...

Log injection vulnerability in IBM MQ Operator and IBM-supplied MQ Advanced container images

IBM MQ is a messaging middleware product from International Business Machines IBM. The product focuses on providing a reliable, proven messaging backbone for Service Oriented Architecture SOA. IBM-supplied MQ Advanced container images are standard container images officially provided by IBM,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005556)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005556 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcmsendmsg for the same socket. syzkaller reported UAF in kcmrelease. 0 The scenar...

net: sock: fix hardened usercopy panic in sock_recv_errqueue

...

Security Bulletin: IBM MQ Appliance is affected by an authority vulnerability (CVE-2026-1713)

Summary IBM MQ Appliance has addressed an authority vulnerability. Vulnerability Details CVEID:CVE-2026-1713 DESCRIPTION: IBM MQ is affected by an authority vulnerability allowing users access to SYSTEM.AUTH.DATA.QUEUE. CWE:CWE-305: Authentication Bypass by Primary Weakness CVSS Source: IBM CVSS...

CVE-2026-3170

A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected is an unknown function of the file /patient-search.php. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be executed...

CVE-2026-3171

A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /queue.php. This manipulation of the argument firstname/lastname causes cross site scripting. The attack is possible to b...

Security Bulletin: IBM Security Verify Governance has multiple vulnerabilities

Summary Multiple security vulnerabilities in the dependent components have been addressed in the latest update to IBM Security Verify Governance. Vulnerability Details CVEID:CVE-2025-39697 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a race when updati...

kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...

EUVD-2026-8633

A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /queue.php. This manipulation of the argument firstname/lastname causes cross site scripting. The attack is possible to b...

EUVD-2026-8628

A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected is an unknown function of the file /patient-search.php. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be executed...