Alibaba Cloud Linux 3 : 0133: glib2 (ALINUX3-SA-2026:0133)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0133 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-14087: A flaw was found in GLib...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed the inversion dependency warning when enabling IPsec tunnel. Attempts to enable IPsec packet offloading in tunnel mode in the debug kernel generate the following kernel panic, due to two issues: 1. In the SA a...

Astra Linux - уязвимость в strongswan

StrongSwan before version 5.9.12 has a buffer overflow vulnerability, and there is a possibility of unauthenticated remote code execution through a DH public key value that exceeds the internal buffer of charon-tkm’s DH proxy. The earliest affected version is 5.3.0. An attack can occur through a...

CVE-2026-6367 Drupal core - Moderately critical - Cross-site scripting - SA-CORE-2026-003

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core: from 11.3.0 before 11.3.7...

CVE-2026-6366 Drupal core - Moderately critical - Gadget Chain - SA-CORE-2026-002

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core: from 8.0.0 before 10.5.9, from 10.6.0 before 10.6.7, from 11.0.0 before 11.2.11, from 11.3.0 before 11.3.7...

CVE-2026-6365 Drupal core - Critical - Cross-site scripting - SA-CORE-2026-001

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal core allows Cross-Site Scripting XSS. This issue affects Drupal core: from 8.0.0 before 10.5.9, from 10.6.0 before 10.6.7, from 11.0.0 before 11.2.11, from 11.3.0 before 11.3.7...

Advisory ROSA-SA-2026-3274

software: vim 9.2.0173 WASP: ROSA-CHROME unaffected versions = vim-9.2.0173-1 affected versions vim-9.2.0173-1 CVE-ID: CVE-2026-28417 BDU-ID: 2026-02589 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the vim text editor is related to failure to take measures to neutralize special elements...

Alibaba Cloud Linux 3 : 0102: openssh (ALINUX3-SA-2026:0102)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0102 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-35385: In OpenSSH before 10.3, a...

RockyLinux 8 : krb5 (RLSA-2026:16799)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:16799 advisory. krb5: MIT Kerberos 5 krb5: Denial of Service via integer underflow and out-of-bounds read CVE-2026-40356 krb5: MIT Kerberos 5: Denial of Service via NUL...

Alibaba Cloud Linux 3 : 0001: kernel-hotfix (ALINUX3-HOTFIX-SA-2026:0001)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-HOTFIX-SA-2026:0001 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-43284: In the Linux kernel, the...

CLSA-2026-1777548877 spamassassin: Fix of CVE-2018-11805

CVE-2018-11805: require --reallyallowplugins for sa-update --allowplugins to mitigate plugin injection from updates...

spamassassin: Fix of CVE-2018-11805

CVE-2018-11805: require --reallyallowplugins for sa-update --allowplugins to mitigate plugin injection from updates...

Astra Linux - уязвимость в sysstat

sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remapstruct in sacommon.c...

CLSA-2026-1777539688 sysstat: Fix of 2 CVEs

CVE-2022-39377: sizet overflow in allocatestructures sacommon.c may cause buffer overflow leading to RCE - CVE-2023-33204: integer overflow in checkoverflow common.c - incomplete fix for CVE-2022-39377...

Security update for strongswan (important)

openSUSE security update: security update for strongswan ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20547-1 Rating: important References: bsc1257359 bsc1259472 Cross-References: CVE-2025-9615 CVE-2026-25075 CVSS scores: CVE-2025-9615 SUSE : 5.5...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013007)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013007 advisory. In the Linux kernel, the following vulnerability has been resolved: hwrng: ks-sa - fix division by zero in kssarnginit Fix division by zero in kssarnginit caused by...

OPENSUSE-SU-2026:20547-1 Security update for strongswan

This update for strongswan fixes the following issues: Update to strongswan 6.0.4: - CVE-2025-9615: NetworkManager File Access bsc1257359. - CVE-2026-25075: Integer Underflow When Handling EAP-TTLS AVP bsc1259472. Changes for strongswan: - Fixed a vulnerability in the NetworkManager plugin that...

SUSE-SU-2026:21203-1 Security update for strongswan

This update for strongswan fixes the following issues: Update to strongswan 6.0.4: - CVE-2025-9615: NetworkManager File Access bsc1257359. - CVE-2026-25075: Integer Underflow When Handling EAP-TTLS AVP bsc1259472. Changes for strongswan: - Fixed a vulnerability in the NetworkManager plugin that...

CVE-2026-3212 Tagify - Moderately critical - Cross-site scripting - SA-CONTRIB-2026-013

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Tagify allows Cross-Site Scripting XSS.This issue affects Tagify: from 0.0.0 before 1.2.49...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2026-1637)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...