SUSE-SU-2026:21809-1 Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

SUSE-SU-2026:21760-1 Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

SUSE-SU-2026:21806-1 Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

SUSE-SU-2026:1917-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.25 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

PT-2026-41640

Name of the Vulnerable Software and Affected Versions Mattermost versions 11.5.0 through 11.5.1 Mattermost versions 10.11.0 through 10.11.13 Mattermost versions 11.4.0 through 11.4.3 Description An issue exists during shared channel membership sync where the system fails to validate if a remote...

PT-2026-41733

Name of the Vulnerable Software and Affected Versions mlflow versions prior to 3.11.0 Description The get or create nfs tmp dir function in mlflow/utils/file utils.py creates temporary directories with world-writable permissions 0o777, and the create model downloading tmp dir function in...

Mattermost 安全漏洞

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Vulnerabilities exist in Mattermost versions 11.5.1 and earlier of the 11.5.x series, as well as versions 10.11.13 and earlier of the 10.11.x series, and 11.4.3 and earlier of the 11.4.x series. Thes...

SUSE-SU-2026:1908-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...

Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.34 fixes one security issue The following security issue was fixed: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459. Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2026:1904-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. CVE-2026-46300: net: skbuff: propagate shared-frag marker...

Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.19 fixes one security issue The following security issue was fixed: CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459. Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2026:1878-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.47 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

CLSA-2026-1778930898 kernel: Fix of CVE-2026-46300

ptrace: require CAPSYSPTRACE when task has no mm - net: udpoffload: propagate SKBFLSHAREDFRAG in skbgroreceivelist CVE-2026-46300...

CLSA-2026-1778863931 kernel: Fix of CVE-2026-46300

net: skbuff: propagate shared-frag marker through skbgroreceive + skbshift CVE-2026-46300...

CLSA-2026-1778896895 kernel: Fix of 2 CVEs

ptrace: require CAPSYSPTRACE when task has no mm - net: udpoffload: propagate SKBFLSHAREDFRAG in skbgroreceivelist CVE-2026-46300 - can: raw: fix ro-uniq use-after-free in rawrcv CVE-2026-31532...

SUSE-SU-2026:1877-1 Security update for the Linux Kernel (Live Patch 35 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.136 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

Cross-site Scripting (XSS)

FileBrowser Quantum is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper escaping of user-controlled share metadata fields when rendered in HTML using text/template, which allows an attacker to inject and execute malicious scripts when users visit a shared URL...

CVE-2026-44504

Aegra is a drop-in replacement for LangSmith Deployments. Prior to 0.9.7, with multiple authenticated users on a shared instance are vulnerable to a cross-tenant IDOR. Any authenticated attacker, given another user's threadid, can execute graph runs against the user's thread, read the user's full...

AlmaLinux 8 : ALSA-2026:A008kernel (ALSA-2026:A008)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:A008 advisory. kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-46300 kernel: ptrace: require CAPSYSPTRACE when task has no mm...