PT-2026-46101

Impact The USPTO patent XML parser used the standard xml.sax.parseString without protection against XML External Entity XXE attacks. An attacker could craft malicious USPTO patent XML files with external entity references that could: - Read arbitrary files from the server filesystem - Perform...

Security update 5.0.6 for Multi-Linux Manager Client Tools

This update fixes the following issues: dracut-saltboot: Update to version 1.0.0 Reboot on salt key timeout bsc1237495 Fixed parsing files with space in the name bsc1252100 grafana was updated from version 11.5.5 to 11.5.10: Security issues fixed: CVE-2025-47911: Fix parsing HTML documents...

CVE-2024-41662 VNote vulnerable to Markdown XSS, which leads to RCE

VNote is a note-taking platform. A Cross-Site Scripting XSS vulnerability has been identified in the Markdown rendering functionality of versions 3.18.1 and prior of the VNote note-taking application. This vulnerability allows the injection and execution of arbitrary JavaScript code through which...