30190 matches found
CVE-2026-45080 Klaw: Improper Access Control Allows Disclosure of Password Hash
Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has been patched in version 2.10.4...
EUVD-2026-33953
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI exports raw Redis error text as the span status message. Because Redis error replies can contain attacker-controlled or sensitive values, this behavior can exfiltrate...
CVE-2026-45678
The CVE-2026-45678 vulnerability affects OpenTelemetry eBPF Instrumentation before version 0.9.0, where the Postgres BIND parsing logic mishandles BIND payloads that are empty or unterminated. The issue arises in the Postgres protocol parser that assumes a NUL-terminated portal name; a crafted pa...
ROOT-APP-MAVEN-CVE-2026-43512 CVE-2026-43512 in io.root.org.apache.tomcat.embed:tomcat-embed-core - Patched by Root
Root has patched CVE-2026-43512 in the io.root.org.apache.tomcat.embed:tomcat-embed-core package for Root:Maven. Multiple fixed versions available...
Apache Superset - Authentication Bypass
Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not affect Superset...
Codoforum 5.1 - Arbitrary File Upload
Codoforum 5.1 contains an arbitrary file upload vulnerability via the logo change option in the admin panel. An attacker can upload arbitrary files to the server, which in turn can be used to make the application execute file content as code. As a result, an attacker can potentially obtain...
MetInfo 7.0.0 beta - SQL Injection
MetInfo 7.0.0 beta is susceptible to SQL injection via the admin/?n=language&c=languagegeneral&a=doSearchParameter appno parameter, a different issue than CVE-2019-16997. id: CVE-2019-17418 info: name: MetInfo 7.0.0 beta - SQL Injection author: ritikchaddha severity: high description: | MetInfo...
Sophos UTM Preauth - Remote Code Execution
Sophos SG UTMA WebAdmin is susceptible to a remote code execution vulnerability in versions before v9.705 MR5, v9.607 MR7, and v9.511 MR11. id: CVE-2020-25223 info: name: Sophos UTM Preauth - Remote Code Execution author: gy741 severity: critical description: Sophos SG UTMA WebAdmin is susceptibl...
Chamilo Command Injection
A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name. id: CVE-2023-34960 info: name: Chamilo Command Injection author: DhiyaneshDK severity: critical...
Security update for python-Twisted
This update for python-Twisted fixes the following issue: CVE-2026-42304: Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of Service (DoS) attack via resource exhaustion during DNS name decompression (bsc1265265). Patch Instructions: To install this SUSE update use the SUSE...
ROOT-OS-DEBIAN-12-CVE-2023-31486 CVE-2023-31486 in rootio-perl - Patched by Root
Root has patched CVE-2023-31486 in the rootio-perl package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-31483 CVE-2026-31483 in rootio-linux - Patched by Root
Root has patched CVE-2026-31483 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-38619 CVE-2025-38619 in rootio-linux - Patched by Root
Root has patched CVE-2025-38619 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-68174 CVE-2025-68174 in rootio-linux - Patched by Root
Root has patched CVE-2025-68174 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23420 CVE-2026-23420 in rootio-linux - Patched by Root
Root has patched CVE-2026-23420 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-40147 CVE-2025-40147 in rootio-linux - Patched by Root
Root has patched CVE-2025-40147 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-71130 CVE-2025-71130 in rootio-linux - Patched by Root
Root has patched CVE-2025-71130 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-31423 CVE-2026-31423 in rootio-linux - Patched by Root
Root has patched CVE-2026-31423 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-38535 CVE-2025-38535 in rootio-linux - Patched by Root
Root has patched CVE-2025-38535 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-68343 CVE-2025-68343 in rootio-linux - Patched by Root
Root has patched CVE-2025-68343 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...