RLSA-2026:22145 Important: .NET 10.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.108 and .NET Runtime...

ALSA-2026:22145 Important: .NET 10.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.108 and .NET Runtime...

Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ Technology Edition shipped with IBM Tivoli Monitoring.

Summary Multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring ITM components. CVE-2026-22016, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-34268 and CVE-2026-22007 Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION:...

RLSA-2026:21294 Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.117 and .NET Runtime...

.NET 8.0 security update

An update is available for dotnet8.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

Commit to Compromise: A New Threat Actor Targeting the Cryptocurrency Industry's Software Development Infrastructure

Wiz CIRT and Wiz Research detail JINX-0164, a threat actor using LinkedIn social engineering, custom macOS malware, and CI/CD hijacking to target cryptocurrency organizations...

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.127 and .NET Runtime...

Fedora 44 : dotnet9.0 (2026-9c63a012b9)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9c63a012b9 advisory. Update to .NET SDK 9.0.117 and Runtime 9.0.16 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

Fedora 43 : dotnet8.0 (2026-3e509b1444)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3e509b1444 advisory. Update to .NET SDK 8.0.127 and Runtime 8.0.27 Fixes: CVE-2026-32175,CVE-2026-32177,CVE-2026-35433,CVE-2026-42899 Release Notes: - SDK:...

[SECURITY] Fedora 42 Update: dotnet9.0-9.0.117-1.fc42

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

[SECURITY] Fedora 44 Update: dotnet10.0-10.0.108-1.fc44

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

[SECURITY] Fedora 44 Update: dotnet9.0-9.0.117-1.fc44

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

Astra Linux - уязвимость в exempi

The XMP Toolkit SDK versions 2020.1 and earlier are affected by a use-after-free vulnerability that could lead to arbitrary code execution in the context of the current user. Exploiting this issue requires user interaction—that is, the victim must open a malicious file...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK (April 2026) affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2026. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitab...

[SECURITY] Fedora 44 Update: open-amp-2026.04.0-1.fc44

The OpenAMP framework provides software components that enable development of software applications for Asymmetric Multiprocessing AMP systems...

Azure SDK for Java Security Feature Bypass Vulnerability

The Java Key Vault Keys library in the Azure SDK for Java contains an issue in the local cryptographic verification path where authentication tag comparison was implemented incorrectly. In affected applications that use the vulnerable local cryptography path, specially crafted encrypted input may...

Malicious code in @supersurkhet/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dca9eab30c0c493a8981f3457e80b67d82738a2a23c3e4273d09885737a2306c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

[SECURITY] Fedora 42 Update: dotnet10.0-10.0.107-1.fc42

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

Security Bulletin: Vulnerabilities have been identified in IBM® SDK, Java™ Technology Edition shipped with IBM Buinses Automation Workflow due to the April 2026 Java CPU

Summary WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about security vulnerabilities in IBM® SDK, Java™ Technology Edition affecting IBM WebSphere Application Server Traditional have been published in a security bulletin. Vulnerability...

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the lack of exposure of the HMAC-SHA256 signing key in the SDK's typed API, which prevents verification of the X-AxonFlow-Signature header on incoming webhook deliveries. An attack...