PYSEC-2026-192

Python Liquid is a Python engine for the Liquid template language. Prior to 2.2.0, the built-in FileSystemLoader and CachingFileSystemLoader do not guard against reading files outside their search paths when given an absolute path to resolve. This allows malicious template authors to load and...

RLSA-2026:19365 Important: jq security update

jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fixes: jq: out-of-bounds read in...

RLSA-2026:19358 Moderate: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Denial of service due to use-after-free vulnerability...

RLSA-2026:19357 Important: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

RLSA-2026:19568 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-68741 kernel: libceph: make decodepool...

CVE-2026-46190

A flaw was found in the Linux kernel's Memory Technology Device MTD SPI-NOR debugfs component. An out-of-bounds read vulnerability exists in the spinorparamsshow function due to an incorrect calculation of an array's size. This error allows a local attacker to read memory outside of the intended...

CVE-2026-46181

A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...

CVE-2026-44594 esm.sh: Path Traversal via package.json browser field allows reading arbitrary server files

esm.sh is a no-build content delivery network CDN for web development. In 137 and earlier, a Local File Inclusion LFI vulnerability exists in the esbuild plugin's handling of the browser field in package.json. An attacker can publish an npm package that causes the server to read and return...

postfix: Fix of CVE-2026-43964

makedefs: support Linux kernel = 3 on build hosts - CVE-2026-43964: fix buffer over-read on enhanced status code without trailing text...

CVE-2026-9605

A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bitreadRC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be...

About Elevation of Privilege - Linux Kernel "Fragnesia" (CVE-2026-46300) vulnerability

About Elevation of Privilege - Linux Kernel "Fragnesia" CVE-2026-46300 vulnerability. The vulnerability was discovered by researcher William Bowling together with the V12 team. Fragnesia belongs to the class of Dirty Frag vulnerabilities. It is an error in the ESP/XFRM subsystem, distinct from...

kernel: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

kernel: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq

A flaw was found in the Linux kernel's Wacom Human Interface Device HID driver. This vulnerability allows a remote attacker to trigger an out-of-bounds read by sending a specially crafted, short Bluetooth HID report. This can lead to the disclosure of sensitive information from the system's memor...

CVE-2026-49238 SFTP Server VM Escape in Canonical Multipass

An issue was discovered in Canonical Multipass before version 1.16.3. The host-side SFTP server component sshfsserver, which executes with root privileges on the host, contains a path containment bypass vulnerability within its validatepath function in src/sshfsmount/sftpserver.cpp. The function...

CVE-2026-48683

A flaw was found in FastNetMon Community Edition. This out-of-bounds read vulnerability in the NetFlow v9 data flowset processor allows a remote attacker to send specially crafted templates over unauthenticated UDP. This can lead to the disclosure of sensitive memory contents or cause a denial of...

Security update for apache2

This update for apache2 fixes the following issues CVE-2026-23918: http2: double free and possible RCE on early reset bsc1263957. CVE-2026-24072: modrewrite elevation of privileges via apexpr bsc1263935. CVE-2026-28780: heap buffer overflow in modproxyajp via ajpmsgcheckheader bsc1264163...

EUVD-2026-32865

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...