13977 matches found
CVE-2026-26961 vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
CVE-2026-34835 vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
CVE-2026-34827 vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
CVE-2026-39324 vulnerabilities
Vulnerabilities for packages: ruby4.0-rails, ruby3.3-rails, ruby3.4-rails, ruby3.2-rails, logstash...
CVE-2026-34230 vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
GHSA-QFGR-CRR9-7R49 vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
CVE-2026-34829 vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
GHSA-7MQQ-6CF9-V2QP vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, logstash, ruby3.2-rails...
CVE-2026-26962 vulnerabilities
Vulnerabilities for packages: ruby3.4-rails, ruby3.2-rails...
CVE-2026-39324 vulnerabilities
Vulnerabilities for packages: pact-broker-docker, ruby3.4-rails, logstash, ruby3.2-rails, ruby4.0-rails, ruby3.3-rails, pact-broker-docker-fips...
GHSA-33QG-7WPP-89CQ vulnerabilities
Vulnerabilities for packages: pact-broker-docker, ruby3.4-rails, logstash, ruby3.2-rails, ruby4.0-rails, ruby3.3-rails, pact-broker-docker-fips...
Important Photon OS Security Update - PHSA-2026-5.0-0816
Updates of 'python3-PyJWT', 'rubygem-rdiscount' packages of Photon OS have been released...
SUSE CVE-2026-35611
Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template implementation in Addressable, two classes of URI template generate regular expressions vulnerable to catastrophic backtracking...
EUVD-2026-20994
bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts...
EUVD-2026-20996
bsv-sdk and bsv-wallet persist unverified certifier signatures in acquire_certificate (direct and issuance paths)...
Improper Check for Unusual or Exceptional Conditions
Overview: bsv-sdk is a Ruby library for interacting with the BSV Blockchain — keys, scripts, transactions, and more. Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions due to improper handling of ARC broadcaster responses i. An attacker can...
CVE-2026-40069
BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.1.0 to before 0.8.2, BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLE_SPEND_ATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINED_IN_STALE_BLOCK, or any ORPHAN-containing extraInfo / txStatus are...
CVE-2026-40070 bsv-sdk and bsv-wallet persist unverified certifier signatures in acquire_certificate (direct and issuance paths)
BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.3.1 to before 0.8.2, BSV::Wallet::WalletClient#acquire_certificate persists certificate records to storage without verifying the certifier's signature over the certificate contents. In acquisition_protocol: 'direct', the caller supplies all...
CVE-2026-40069 bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts
BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.1.0 to before 0.8.2, BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLE_SPEND_ATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINED_IN_STALE_BLOCK, or any ORPHAN-containing extraInfo / txStatus are...
CVE-2026-40069
The vulnerability affects the BSV Ruby SDK (gem) prior to version 0.8.2, specifically BSV::Network::ARC failure detection. From 0.1.0 to 0.8.1, ARC only recognizes REJECTED and DOUBLE_SPEND_ATTEMPTED; responses with txStatus values INVALID, MALFORMED, MINED_IN_STALE_BLOCK, or any ORPHAN-containin...