17 matches found
CVE-2026-4994 wandb OpenUI APIStatusError server.py generic_exception_handler information exposure
A vulnerability was found in wandb OpenUI up to 1.0/3.5-turb. Affected is the function generic_exception_handler of the file backend/openui/server.py of the component APIStatusError Handler. The manipulation of the argument key results in information exposure through error message. Access to the...
CVE-2026-4994
CVE-2026-4994 affects wandb OpenUI up to 1.0/3.5-turb. The vulnerable component is generic_exception_handler in backend/openui/server.py of the APIStatusError Handler. The issue arises from manipulation of the argument key, leading to information exposure through error messages. Access to the loc...
SUSE SLES15: postgresql16 / postgresql16-contrib / postgresql16-devel / etc (SUSE-SU-2026:0784-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0784-1 advisory. This update for postgresql16 fixes the following issue: Update to version 16.13 (bsc#1258754). Regression fixes: - the substring function raise...
SUSE-SU-2026:0787-1 Security update for postgresql17
This update for postgresql17 fixes the following issue: Update to version 17.9 (bsc#1258754). Regression fixes: - the substring function raises an error 'invalid byte sequence for encoding' on non-ASCII text values if the source of that value is a database column (caused by CVE-2026-2006 fix). - a...
CVE-2026-24332
Discord is reported to allow revealing whether a user is Invisible by returning a presences array in a WebSocket response that includes users marked as offline, exposing inconsistency with the UI description of Invisible. Affected scope is described across multiple sources (NVD, Red Hat advisory,...
CVE-2025-40213 Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete. There is a BUG: KASAN: stack-out-of-bounds in set_mesh_sync due to memcpy from badly declared on-stack flexible array. Another crash is in set_mesh_complete due to double...
EUVD-2025-20913
Malicious code in bioql PyPI...
DEBIAN-CVE-2023-53168
In the Linux kernel, the following vulnerability has been resolved: usb: ucsi_acpi: Increase the command completion timeout. Commit 130a96d698d7 ("usb: typec: ucsi: acpi: Increase command completion timeout value") increased the timeout from 5 seconds to 60 seconds due to issues related to alternate...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from bpf not marking ARG_CONST_ALLOC_SIZE_OR_ZERO precision, which could result in a status error...
CVE-2025-47711
CVE-2025-47711 concerns the nbdkit server: when handling responses from plugins about data block status, a client requesting a very large range and receiving a larger single block can trigger a critical internal error, causing a denial of service. The connected advisories document affected distri...
CVE-2025-47711 Nbdkit: nbdkit-server: off-by-one error when processing block status may lead to a denial of service
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error,...
SUSE CVE-2022-49929
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr leak in RESPST_ERR_RNR. rxe_recheck_mr() will increase mr's refcnt, so we should call rxe_put_mr() to drop mr's refcnt in RESPST_ERR_RNR to avoid below warning: WARNING: CPU: 0 PID: 4156 at...
CVE-2022-49479 mt76: fix tx status related use-after-free race on station removal
In the Linux kernel, the following vulnerability has been resolved: mt76: fix tx status related use-after-free race on station removal. There is a small race window where ongoing tx activity can lead to a skb getting added to the status tracking idr after that idr has already been cleaned up, whic...
Unable to Remove Decommissioned Server from StoreFront
Unable to remove decommissioned server from StoreFront deployment using StoreFront GUI and Remove Server action. The console is stuck and the following error appears: “Cannot Remove Server” In this case, in the StoreFront console you might see the following warning message: In addition, the...
Update Rollup 7 for System Center 2012 R2 Orchestrator
Update Rollup 7 for System Center 2012 R2 Orchestrator Introduction This article describes the issues that are fixed in Update Rollup 7 for Microsoft System Center 2012 R2 Orchestrator. It also contains the installation instructions for Update Rollup 7 for System Center 2012 R2 Orchestrator. Issu...
Low: Red Hat Security Advisory: OpenIPMI security, bug fix, and enhancement update
Updated OpenIPMI packages that fix one security issue, multiple bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which give...