go-fdo-server security update

An update is available for go-fdo-server. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list This package provides a server-side implementation of the FIDO Device...

RLSA-2026:19137 Important: go-fdo-server security update

This package provides a server-side implementation of the FIDO Device Onboard FDO specification, written in Go. FDO is an open standard for the late binding of device credentials, allowing for automated and secure on-boarding of devices when they are first powered on in their final location...

Security Bulletin: Security vulnerabilities have been found in IBM Verify Identity Access OIDC Provider

Summary Security vulnerabilities have been addresed in IBM Verify Identity Access OIDC Provider Vulnerability Details CVEID:CVE-2026-39883 DESCRIPTION: OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed the Darwin ioreg command to...

CVE-2026-41476

Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.138, a remote memory-safety vulnerability in Deskflow's clipboard deserialization allows a connected peer to trigger an out-of-bounds read by sending a malformed clipboard update. The issue is in the implementation of...

EUVD-2026-25622

Deskflow is a keyboard and mouse sharing app. Prior to 1.26.0.138, a remote memory-safety vulnerability in Deskflow's clipboard deserialization allows a connected peer to trigger an out-of-bounds read by sending a malformed clipboard update. The issue is in the implementation of...

pgx contains memory-safety vulnerability

pgx is a pure Go driver and toolkit for PostgreSQL. pgx prior to v5.9.0 contains a memory-safety vulnerability...

CVE-2026-33816

Memory-safety vulnerability in github.com/jackc/pgx/v5...

CVE-2026-33815

Memory-safety vulnerability in github.com/jackc/pgx/v5...

CVE-2026-33815

Memory-safety vulnerability in github.com/jackc/pgx/v5...

CVE-2026-33815 CVE-2026-33815 in github.com/jackc/pgx

Memory-safety vulnerability in github.com/jackc/pgx/v5...

PT-2026-30882

Name of the Vulnerable Software and Affected Versions github.com/jackc/pgx/v5 affected versions not specified Description A memory-safety issue exists in github.com/jackc/pgx/v5. This is a memory safety vulnerability. Recommendations At the moment, there is no information about a newer version th...

KLA90969 Multiple vulnerabilities in Mozilla Thunderbird ESR

Multiple vulnerabilities were found in Mozilla Thunderbird ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Memory safety vulnerability can be exploited to execute arbitrary code. 2. Incorrec...

KLA90958 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, cause denial of service, execute arbitrary code, spoof user interface. Below is a complete list of...

KLA90955 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, cause denial of service, execute arbitrary code, spoof user interface. Below is a complete list of...

Mozilla Firefox < 148.0.2

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 148.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-19 advisory. - Memory safety bugs present in Firefox 148.0.2. Some of these bugs showed evidence of memory corruption and...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from accessing bs-cur after it has been released, potentially leading to reuse after release...

curl: Use-After-Free in curl_easy_nextheader when reusing header handle across requests

. The API returns struct curlheader objects that internally reference libcurl-owned linked list nodes. When a new request is performed on the same CURL handle, libcurl frees and rebuilds the internal header list, but previously returned struct curlheader objects remain valid to the application an...

KLA90835 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. Denial of...

📄 Adobe DNG SDK Linearize Out-Of-Bounds Read

A memory safety vulnerability exists in Adobe DNG SDK versions prior to 1.7.1.2410 that affects the Linearize image processing routine. When handling trimmed source images, the function erroneously performs operations using full image dimensions, resulting in an out‑of‑bounds read condition. This...

KLA90828 Multiple vulnerabilities in Foxit Reader

Multiple vulnerabilities were found in Foxit Reader. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. Use after free vulnerability can be exploited to cause denial of service or...