Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013529)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013529 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term rtas_os_term is called during panic. Its...
Important: java-25-openjdk security update
The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improved Arena allocations CVE-2026-22008 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK:...
PT-2026-34613
Name of the Vulnerable Software and Affected Versions Nuclei versions 3.0.0 through 3.7.9 Description A flaw in the JavaScript protocol runtime's module loading system allows JavaScript templates to read local .js and .json files from the host filesystem. This occurs because the require function...
openSUSE 16 Security Update : go1.25 (openSUSE-SU-2026:20496-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20496-1 advisory. Update to go1.25.8 bsc#1244485: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc#1259264. - CVE-2026-27139: os: FileInfo ca...
CVE-2026-22016
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...
CVE-2026-22008
Vulnerability in Oracle Java SE component: Libraries. The supported version that is affected is Oracle Java SE: 25.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this...
SUSE-SU-2026:21268-1 Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues. The following security issues were fixed: - CVE-2025-40309: Bluetooth: SCO: Fix UAF on sco_conn_free bsc#1255066. - CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy manageme...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: dotnet9.0: aspnetcore-runtime-9.0-9.0.15-1.hum1 aarch64, x86_64 aspnetcore-runtime-dbg-9.0-9.0.15-1.hum1 aarch64, x86_64 aspnetcore-targeting-pack-9.0-9.0.15-1.hum1 aarch64, x86_64...
OSV-2026-603 UNKNOWN READ in <wasmtime::runtime::func::Func>::call_unchecked_raw::<
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504268343 Crash type: UNKNOWN READ Crash state: ::call_unchecked_raw::::call_impl_do_call:: wasmtime_internal_fiber::stackswitch::x86_64::wasmtime_fiber_start...
Evaluating LLM-Generated Obfuscated XSS Payloads for Machine Learning-Based Detection
Cross-site scripting (XSS) remains a persistent web security vulnerability, especially because obfuscation can change the surface form of a malicious payload while preserving its behavior. These transformations make it difficult for traditional and machine learning-based detection systems to reliab...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011303)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011303 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pm_runtime_get failing in .remove In the unlikely event that pm_runtime_get...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011125)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011125 advisory. In the Linux kernel, the following vulnerability has been resolved: coresight: cti: Fix hang in cti_disable_hw cti_enable_hw and cti_disable_hw are called from an atomic...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011089)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011089 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usage counter unbalance in poweron pm_runtime_get_sync will increment pm...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010889)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010889 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtas_os_term It's unsafe to use rtas_busy_delay to handle a busy...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011126)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011126 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto syzbot reported a possible...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010842)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010842 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe pm_runtime_get_sync will increment pm usa...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013097)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013097 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto syzbot reported a possible...
arbor-ai (>=0.1.5 <=0.1.14), coreason-runtime (>=0.1.0 <=0.3.0) +11 more potentially affected by CVE-2026-5760 via sglang (>=0.1.26 <=0.5.2)
sglang PYPI version =0.1.26, =0.1.5, =0.1.0, =1.1.0, =2.0.0b40, =0.4.0, =0.0.1, =0.1.0, =0.1.0, =0.0.1.post1, =0.0.0, =0.8.0, =0.10.7 Source cves: CVE-2026-5760 Source advisory: SNYK:PYTHON-SGLANG-16114943...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: dotnet10.0: aspnetcore-runtime-10.0-10.0.6-1.hum1 aarch64, x86_64 aspnetcore-runtime-dbg-10.0-10.0.6-1.hum1 aarch64, x86_64 aspnetcore-targeting-pack-10.0-10.0.6-1.hum1 aarch64, x86_64...
ai.pipestream:account-service (>=0.0.2 <=0.0.4), ai.pipestream:connector-admin-service (>=0.1.1 <=0.1.8) +435 more potentially affected by CVE-2026-33558 via org.apache.kafka:kafka-clients (=4.0.0)
org.apache.kafka:kafka-clients MAVEN version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.kafka:kafka-clients and may be impacted: - ai.pipestream:account-service =0.0.2, =0.1.1, =0.2.7, =0.2.7, =0.2.7, =0.2.7, =0.1.7, =0.0.6,...