3835 matches found
Stable Diffusion Webui 1.10.0 - Open Redirect
An open redirect vulnerability exists in Stable-Diffusion-Webui 1.10.0, where the file parameter in the /file= endpoint can be manipulated to redirect users to malicious websites. This could facilitate phishing attacks by tricking users into visiting attacker-controlled URLs. id: CVE-2024-11044...
[SECURITY] [DSA 6385-1] pgextwlist security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6385-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 08, 2026 https://www.debian.org/security/faq -...
CVE-2026-59820 LiteLLM: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.83.7-stable, LiteLLM Skills archive extraction did not sufficiently validate file paths from uploaded skill ZIP archives, allowing an authenticated user with access to LiteLLM LLM API routes or a key whos...
Stable Channel Update for Desktop
The Stable channel has been updated to 150.0.7871.114/.115 for Windows and Mac and 150.0.7871.114 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...
PT-2026-56543
Name of the Vulnerable Software and Affected Versions LiteLLM versions prior to 1.83.7-stable Description LiteLLM, a proxy server used to call LLM APIs, contains a flaw in its Skills archive extraction process. An authenticated user with access to the LLM API routes or a key permitted to use...
PT-2026-56544
Name of the Vulnerable Software and Affected Versions LiteLLM versions prior to 1.82.0-stable Description LiteLLM is a proxy server that acts as an AI Gateway for calling LLM APIs. A flaw exists in the production create and update paths of the Custom Code Guardrails, which failed to apply the sam...
[SECURITY] [DSA 6382-1] postfix security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6382-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 07, 2026 https://www.debian.org/security/faq -...
[SECURITY] [DSA 6381-1] linux security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6381-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 05, 2026 https://www.debian.org/security/faq -...
Security update for docker-stable (important)
openSUSE security update: security update for docker-stable ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21205-1 Rating: important References: bsc1260279 bsc1265782 bsc1265907 bsc1265929 bsc1266625 bsc1267827 Cross-References: CVE-2026-33186...
OPENSUSE-SU-2026:21205-1 Security update for docker-stable
This update for docker-stable fixes the following issues - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 :path pseudo- header bsc1260279. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 150 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 150.0.7871.46 Linux 150.0.7871.46/.47 Windows/Mac contains a number of fixes and improvements -- a list of changes is...
[SECURITY] [DSA 6372-1] tor security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6372-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 28, 2026 https://www.debian.org/security/faq -...
Debian dsa-6364 : chromium - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6364 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6364-1 [email protected] https://www.debian.org/securit...
Stable Channel Update for Desktop
The Stable channel has been updated to 149.0.7827.200/201 for Windows and Mac and 149.0.7827.200 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...
CVE-2026-48704
Warp is an agentic development environment. From 0.2023.10.24.08.03.stable00 until 0.2026.05.06.15.42.stable01, Warp may open executable local files through the operating system default file handler. A malicious Markdown document or project can contain a local-file link that appears as normal...
EUVD-2026-39001
Warp is an agentic development environment. From 0.2025.08.06.08.12.stable00 until 0.2026.05.06.15.42.stable01, Warp contains a command injection in the prompt branch selector. A user who can publish a branch to a Git repository opened in Warp can cause a crafted branch name to be interpreted by...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: mm/hugetlb: fixed hugetlbpmdshared. The patch series “mm/hugetlb: fixes for PMD table sharing including using mmugather”, version 3. One functional fix, one performance regression fix, and two related comment fixes. I updated ...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: lib/buildid: Use kernelread for the sleepable context. A bug has been prevented: “BUG: Unable to handle a NULL pointer dereferencing in filemapreadfolio.” For the sleepable context, change freader to use kernelread instead of...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘wireguard: device: enable threaded NAPI’” This resolution corresponds to commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c, which is a commit from upstream. We have received three independent reports from production users...
SUSE-SU-2026:2579-1 Security update for docker-stable
This update for docker-stable fixes the following issues: - CVE-2026-33997: Fixed privilege validation bypass during plugin bsc1265907. - CVE-2026-34040: Fixed Authz zero length regression bsc1265929...