14729 matches found
CLEANSTART-2026-QI35149 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...
UBUNTU-CVE-2026-0964
A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue...
n8n Node.js Package < 1.123.12 / 2.x < 2.4.0 Arbitrary File Write via SSH Node (CVE-2026-25055)
The version of the n8n Node.js Package installed on the remote host is prior to 1.123.12, or 2.x prior to 2.4.0. It is, therefore, affected by an arbitrary file write vulnerability: - When workflows process uploaded files and transfer them to remote servers via the SSH node without validating the...
openSUSE 16 Security Update : tailscale (openSUSE-SU-2026:20192-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20192-1 advisory. Changes in tailscale: - Update to version 1.94.0: IS SET and NOT SET have been added as device posture operators; India DERP Region City Name...
GitLab 12.3 < 18.6.4 / 18.7 < 18.7.2 / 18.8 < 18.8.2 (CVE-2026-1102)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a...
Security Bulletin: Multiple vulnerabilities in IBM Planning Analytics
Summary Multiple vulnerabilities were addressed in IBM Planning Analytics Local. Vulnerability Details CVEID:CVE-2025-53057 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker to cause no confidentiality impact, high integrity impac...
Security update for apptainer
This update for apptainer fixes the following issues: Security fixes: CVE-2024-45310: Fixed runc being tricked into creating empty files/directories on host bsc1257432 CVE-2025-65105: Fixed security bypass due to disabling security options bsc1255462 CVE-2025-47914: Fixed malformed constraint may...
PT-2026-7491
A stack-use-after-return issue exists in the Arduino Core STM32 library prior to version 1.7.0. The pwm_start function allocates a TIM_HandleTypeDef structure on the stack and passes its address to HAL initialization routines, where it is stored in a global timer handle registry. After the functi...
OPENSUSE-SU-2026:20192-1 Security update for tailscale
This update for tailscale fixes the following issues: Changes in tailscale: - Update to version 1.94.0: IS SET and NOT SET have been added as device posture operators; India DERP Region City Name updated; Custom DERP servers support GCP Certificate Manager; Tailscale SSH authentication, when...
CVE-2025-14821
A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH communications via an...
libssh Security Vulnerability
libssh is a C-language development package from the libssh organization, designed for accessing SSH services. It can execute remote commands, transfer files, and provide a secure transmission channel for remote programs. libssh has a security vulnerability that stems from malformed SFTP messages,...
Siemens SCALANCE and RUGGEDCOM Missing Authentication for Critical Function (CVE-2025-32433)
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor...
How to Change Where Logs are Stored on the Veeam Appliances
Changing Log Location Will Break Automated Log Collection The automated log collection tools built into both the Veeam Backup & Replication Web UI of the Veeam Software Appliance and the "Create support bundle" function within the Host Management Console collect logs only from the default log...
Security Bulletin: IBM Financial Transaction Manager is impacted by multiple vulnerabilities in RedHat Proxy for Kubernetes RBAC authorization
Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2025-65637 DESCRIPTION: A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger th...
Vulnerabilities fixed in n8n
n8n has fixed vulnerabilities in versions 1.114.3, 1.115.0, 1.123.17, 2.5.2, 1.122.5, 1.123.2, 1.123.18, 2.5.0, 1.123.10, 2.5.0, 2.2.1, 1.123.9, 1.123.12, 2.4.0, 1.118.0, 2.4.0, 2.4.8, and 1.120.3. The vulnerabilities include the use of Buffer.allocUnsafe and Buffer.allocUnsafeSlow, which can lea...
Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale Cloudkit are now addressed in 5.2.3.6 and 6.0.0.1 (CVE-2025-47914, CVE-2025-58181, CVE-2025-47913)
Summary The following security vulnerabilities impacting deployments utilizing IBM Storage Scale CloudKit have been addressed in 5.2.3.6 and later, and 6.0.0.1 and later. These issues could have resulted in reduced security assurances under certain configurations. Vulnerability Details...
sb-poc-web
StackBill Deployer Web-based deployment portal for StackBill...
CVE-2026-25499
Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been...
CLEANSTART-2026-JQ02410 SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption
Multiple security vulnerabilities affect the argo-workflows-fips package. SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption. See references for individual vulnerability...
CLEANSTART-2026-WK88787 SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption
Multiple security vulnerabilities affect the argo-workflows-fips package. SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption. See references for individual vulnerability...