[SECURITY] Fedora 43 Update: djvulibre-3.5.30-1.fc43

DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution picture s. DjVu content downloads faster, displays and renders faster,...

[SECURITY] Fedora 43 Update: haveged-1.9.22-1.fc43

A Linux entropy source using the HAVEGE algorithm Haveged is a user space entropy daemon which is not dependent upon the standard mechanisms for harvesting randomness for the system entropy pool. This is important in systems with high entropy needs or limited user interaction e.g. headless server...

CVE-2026-9831

creationtimestamp| type| source ---|---|--- 2026-05-30 00:54:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmztnoflw42m 2026-05-30 04:30:24+00:00| seen| https://infosec.exchange/users/offseq/statuses/116661644427991878 2026-05-30 04:30:27+00:00| seen|...

CVE-2026-46820

creationtimestamp| type| source ---|---|--- 2026-05-30 00:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mmzsonegrk2z...

Yamcs security vulnerabilities

Yamcs is an open-source software framework developed by Yamcs. It is used for commanding and controlling spacecraft, satellites, payloads, ground stations, and ground equipment. YAMCS has a security vulnerability that stems from the lack of rate limits...

Yamcs security vulnerabilities

Yamcs is an open-source software framework developed by Yamcs. It is used for commanding and controlling spacecraft, satellites, payloads, ground stations, and ground equipment. Yamcs has a security vulnerability that stems from allowing enumeration of users...

Yamcs security vulnerabilities

Yamcs is an open-source software framework developed by Yamcs. It is used for commanding and controlling spacecraft, satellites, payloads, ground stations, and ground equipment. There are security vulnerabilities in YAMCS, and attackers can exploit these vulnerabilities to perform LDAP injection...

Student-Management-System SQL注入漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. Version 1.0 of Student-Management-System has a SQL injection vulnerability; this vulnerability stems from the email parameter on the login page, which may lead to remote attacks...

PT-2026-45111

MGB OpenSource Guestbook 0.7.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to email.php with crafted SQL payloads in the 'id' parameter to...

Notepad++ security vulnerabilities

Notepad++ is an open-source plain-text editor developed by Don Ho of Taiwan, China. Notepad++ has security vulnerabilities, and attackers can exploit these vulnerabilities to execute arbitrary code...

ECHO-3121-398F-600E

Bulletin has no description...

CVE-2026-47740

creationtimestamp| type| source ---|---|--- 2026-05-29 23:00:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmznch3ugc2m...

CVE-2026-10107

creationtimestamp| type| source ---|---|--- 2026-05-29 22:28:33+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mmzlicfzir2o 2026-05-30 20:01:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mn3tqyigao2p...

CVE-2026-45613

creationtimestamp| type| source ---|---|--- 2026-05-29 22:23:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmzlahikt42i...

CVE-2026-4387

creationtimestamp| type| source ---|---|--- 2026-05-29 22:18:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmzkxilymg25 2026-06-01 17:07:54+00:00| seen| https://bsky.app/profile/1cemoon.bsky.social/post/3mnakxoqqss2v 2026-06-01 17:48:52+00:00| seen|...

CVE-2026-45352

creationtimestamp| type| source ---|---|--- 2026-05-29 22:13:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmzkojscxo24...

CVE-2026-47266

creationtimestamp| type| source ---|---|--- 2026-05-29 22:08:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmzkfldrxk25...

GHSA-X628-457G-2PW9 Admidio has IDOR in `documents-files.php` `mode=move_save` that lets any folder-uploader exfiltrate files from private folders

Summary modules/documents-files.php gates state-changing modes by checking that the actor has hasUploadRight on the URL parameter folderuuid. The movesave handler then operates on a separate URL parameter fileuuid and calls File::moveToFolder$destFolderUUID. File::moveToFolder checks the upload...

Admidio has IDOR in `documents-files.php` `mode=move_save` that lets any folder-uploader exfiltrate files from private folders

Summary modules/documents-files.php gates state-changing modes by checking that the actor has hasUploadRight on the URL parameter folderuuid. The movesave handler then operates on a separate URL parameter fileuuid and calls File::moveToFolder$destFolderUUID. File::moveToFolder checks the upload...

CVE-2026-48811

creationtimestamp| type| source ---|---|--- 2026-05-29 22:04:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmzk5vpbtf27...