175 matches found

Nuclei
added 2026/05/29 3:59 a.m., 29 views

SafeGuard for Privileged Passwords < 7.5.2 - Authentication Bypass

One Identity Safeguard for Privileged Passwords before 7.5.2 allows unauthorized access because of an issue related to cookies. This only affects virtual appliance installations (VMware or HyperV). The fixed versions are 7.0.5.1 LTS, 7.4.2, and 7.5.2. id: CVE-2024-45488 info: name: SafeGuard for...

9.8 CVSS, 5.8 AI score, 0.86859 EPSS
Exploits 0, References 5
Positive Technologies
added 2026/05/11 12:0 a.m., 10 views

PT-2026-39745

🚨 High - urllib3 Sensitive Header Leak & Decompression Bomb Safeguard Bypass CVE-2026-31015 & CVE-2026-31020 Two critical vulnerabilities were identified in the urllib3 library Node.js/Python. The first flaw GHSA-qccp-gfcp-xxvc allows sensitive headers like Authorization and Cookie to be leaked...

5.8 AI score
Exploits 0, References 1
Tenable Nessus
added 2026/04/19 12:0 a.m., 1 views

MiracleLinux 8 : resource-agents-4.9.0-54.el8_10.27 (AXSA:2026-456:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-456:03 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion (CVE-2025-66418) urllib3: urllib3 Streaming API improperly handles highly...

8.9 CVSS, 6.6 AI score, 0.00032 EPSS
Exploits 0, References 4
Tenable Nessus
added 2026/04/16 12:0 a.m., 6 views

RHEL 8 : fence-agents (RHSA-2026:1240)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1240 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

8.9 CVSS, 5.9 AI score, 0.00032 EPSS
Exploits 0, References 8
OSV
added 2026/04/10 9:13 a.m., 2 views

SUSE-SU-2026:1248-1 Security update for the Linux Kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.113 fixes various security issues. The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252036). - CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252689). -...

7.8 CVSS, 6.7 AI score, 0.00063 EPSS
Exploits 0, References 13
ATTACKERKB
added 2026/04/03 3:15 p.m., 2 views

CVE-2026-23466

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection. GGTT MMIO access is currently protected by hotplug (drm_dev_enter), which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

5.7 AI score, 0.00015 EPSS
Exploits 0, References 5, Affected Software 1
SUSE Linux
added 2026/03/25 10:10 a.m., 2 views

Maintenance update for Multi-Linux Manager 5.0: Server, Proxy and Retail Branch Server

Description: This update fixes the following issues: branch-network-formula: Update to version 1.1.0 Enable containers on SLE15SP7 Exclude podman interfaces from sysctl setting cobbler: Compatibility fixes for tftpboot directory setup inter-server-sync: Version 0.3.10-0 Write log to a rotated fil...

8.7 CVSS, 5.8 AI score, 0.00021 EPSS
Exploits 1, References 88
CVE
added 2026/02/19 7:40 p.m., 17 views

CVE-2026-26278

CVE-2026-26278 affects the fast-xml-parser library. In versions 4.1.3 through 5.3.5, the XML parser could be forced into unbounded entity expansion, causing a single small XML input to consume seconds/minutes of CPU time and freeze the app. The issue is resolved in version 5.3.6. A workaround is ...

7.5 CVSS, 5.5 AI score, 0.00032 EPSS
Exploits 1, References 3, Affected Software 1
RedHat Linux
added 2026/02/16 11:56 a.m., 5 views

Important: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

8.9 CVSS, 6.6 AI score, 0.00032 EPSS
Exploits 0, References 4
RedHat Linux
added 2026/02/16 11:34 a.m., 1 views

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

8.9 CVSS, 5.8 AI score, 0.00032 EPSS
Exploits 0, References 6
RedHat Linux
added 2026/02/03 7:25 a.m., 3 views

Important: Red Hat Security Advisory: fence-agents security update

An update for fence-agents is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update...

8.9 CVSS, 6.7 AI score, 0.00032 EPSS
Exploits 0, References 3
RedHat Linux
added 2026/02/02 1:10 p.m., 5 views

Important: Red Hat Security Advisory: python3.11-urllib3 security update

An update for python3.11-urllib3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

8.9 CVSS, 6.6 AI score, 0.00032 EPSS
Exploits 0, References 4
RedHat Linux
added 2026/02/02 11:50 a.m., 3 views

Important: Red Hat Security Advisory: python3.11-urllib3 security update

An update for python3.11-urllib3 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

8.9 CVSS, 6.6 AI score, 0.00032 EPSS
Exploits 0, References 4
Tenable Nessus
added 2026/01/29 12:0 a.m., 2 views

MiracleLinux 9 : python3.12-urllib3-1.26.19-1.el9_7.1 (AXSA:2026-094:02)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-094:02 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion (CVE-2025-66418) urllib3: urllib3 Streaming API improperly handles highly...

8.9 CVSS, 5.9 AI score, 0.00032 EPSS
Exploits 0, References 4
Packet Storm News
added 2026/01/24 12:0 a.m., 2 views

Safeguard: Security Controls at the Software Defined Network Layer

Improvements in software defined networking allow for policy to be informed and modified by data-driven applications that can adjust policy to accommodate fluctuating requirements at line speed. However, there is some concern that over-correction can occur and cause unintended consequences...

5.6 AI score
Exploits 0
Microsoft CVE
added 2026/01/09 9:10 a.m., 1 views

urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

...

8.9 CVSS, 5.4 AI score, 0.00032 EPSS
Exploits 0
RedhatCVE
added 2026/01/09 8:48 a.m., 3 views

CVE-2025-23870

Cross-Site Request Forgery (CSRF) vulnerability in wygk Copyright Safeguard Footer Notice copyright-safeguard-footer-notice allows Stored XSS. This issue affects Copyright Safeguard Footer Notice: from n/a through = 3.0...

7.1 CVSS, 7.2 AI score, 0.00138 EPSS
Exploits 0, References 1
HackRead
added 2025/11/27 3:28 p.m., 3 views

One Identity Safeguard Named a Visionary in the 2025 Gartner Magic Quadrant for PAM

Aliso Viejo, CA, USA, 27th November 2025, CyberNewsWire...

7 AI score
Exploits 0
RedHat Linux
added 2025/11/11 9:13 a.m., 1 views

kernel: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()

In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu(). Explicitly verify the target vCPU is fully online prior to clamping the index in kvm_get_vcpu(). If the index is "bad", the nospec clamping will generate '0', i.e. KVM will...

7.8 CVSS, 6.8 AI score, 0.00028 EPSS
Exploits 0, References 5
OSSF Malicious Packages
added 2025/11/05 9:25 p.m., 2 views

Malicious code in wayspiritmcp-tpa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 523cbbda7a0fda2addfcd432b1bfcc1df072ee67a593ffce535b7da7005caae8 Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

6.9 AI score
Exploits 0, References 1