PT-2026-34613

Name of the Vulnerable Software and Affected Versions Nuclei versions 3.0.0 through 3.7.9 Description A flaw in the JavaScript protocol runtime's module loading system allows JavaScript templates to read local .js and .json files from the host filesystem. This occurs because the require function...

RHEL 7 : java-1.8.0-openjdk (RHSA-2026:9682)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9682 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013529)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013529 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtasosterm rtasosterm is called during panic. Its...

Important: java-25-openjdk security update

The OpenJDK 25 packages provide the OpenJDK 25 Java Runtime Environment and the OpenJDK 25 Java Software Development Kit. Security Fixes: JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improved Arena allocations CVE-2026-22008 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK:...

openSUSE 16 Security Update : go1.25 (openSUSE-SU-2026:20496-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20496-1 advisory. Update to go1.25.8 bsc1244485: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. - CVE-2026-27139: os: FileInfo ca...

CVE-2026-22016

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

CVE-2026-22008

Vulnerability in Oracle Java SE component: Libraries. The supported version that is affected is Oracle Java SE: 25.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this...

SUSE-SU-2026:21268-1 Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues The following security issues were fixed: - CVE-2025-40309: Bluetooth: SCO: Fix UAF on scoconnfree bsc1255066. - CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy manageme...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: dotnet9.0: aspnetcore-runtime-9.0-9.0.15-1.hum1 aarch64, x8664 aspnetcore-runtime-dbg-9.0-9.0.15-1.hum1 aarch64, x8664 aspnetcore-targeting-pack-9.0-9.0.15-1.hum1 aarch64, x8664...

OSV-2026-603 UNKNOWN READ in <wasmtime::runtime::func::Func>::call_unchecked_raw::<

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=504268343 Crash type: UNKNOWN READ Crash state: ::calluncheckedraw::::callimpldocall:: wasmtimeinternalfiber::stackswitch::x8664::wasmtimefiberstart...

Evaluating LLM-Generated Obfuscated XSS Payloads for Machine Learning-Based Detection

Cross-site scripting XSS remains a persistent web security vulnerability, especially because obfuscation can change the surface form of a malicious payload while preserving its behavior. These transformations make it difficult for traditional and machine learning-based detection systems to reliab...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011089)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011089 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usage counter unbalance in poweron pmruntimegetsync will increment pm...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011303)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011303 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pmruntimeget failing in .remove In the unlikely event that pmruntimeget...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010889)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010889 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtasosterm It's unsafe to use rtasbusydelay to handle a busy...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011126)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011126 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013097)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013097 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011125)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011125 advisory. In the Linux kernel, the following vulnerability has been resolved: coresight: cti: Fix hang in ctidisablehw ctienablehw and ctidisablehw are called from an atomic...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010842)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010842 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: ti: dra7-atl: Fix reference leak in ofdra7atlclkprobe pmruntimegetsync will increment pm usa...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: dotnet10.0: aspnetcore-runtime-10.0-10.0.6-1.hum1 aarch64, x8664 aspnetcore-runtime-dbg-10.0-10.0.6-1.hum1 aarch64, x8664 aspnetcore-targeting-pack-10.0-10.0.6-1.hum1 aarch64, x8664...

ai.pipestream:account-service (>=0.0.2 <=0.0.4), ai.pipestream:connector-admin-service (>=0.1.1 <=0.1.8) +435 more potentially affected by CVE-2026-33558 via org.apache.kafka:kafka-clients (=4.0.0)

org.apache.kafka:kafka-clients MAVEN version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.kafka:kafka-clients and may be impacted: - ai.pipestream:account-service =0.0.2, =0.1.1, =0.2.7, =0.2.7, =0.2.7, =0.2.7, =0.1.7, =0.0.6,...