GHSA-6V7P-G79W-8964 vulnerabilities

Vulnerabilities for packages: openstack-placement-2026.1, openstack-keystone-2025.1-fips, synapse, dbt-bigquery, openstack-tempest-2026.1, openstack-keystone-2025.2-fips, openstack-tempest-2025.2, openstack-horizon-2025.2-fips, authentik, jupyter-all-spark-notebook, openstack-glance-2026.1-fips,...

CVE-2026-48584

Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network...

CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability

...

EUVD-2026-38088

Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network...

CVE-2026-48584

CVE-2026-48584 affects Microsoft Azure Synapse. An authorized attacker with low privileges and network access can execute with unnecessary privileges to elevate to higher privileges across the system, with potential impact to confidentiality, integrity and availability (CVSS 3.1: CRITICAL, AV:N/A...

CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability

...

PT-2026-51034

Name of the Vulnerable Software and Affected Versions Azure Synapse affected versions not specified Description Execution with unnecessary privileges allows an authorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer version th...

Microsoft Azure Synapse Elevation of Privilege Vulnerability

Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network...

GHSA-PW6J-QG29-8W7F vulnerabilities

Vulnerabilities for packages: datahub-ingestion-fips, synapse...

CVE-2026-45078

A flaw was found in Synapse, an open source Matrix homeserver implementation. Local authenticated users can exploit this vulnerability to consume excessive CPU resources, causing the server to become unresponsive and denying service to other users. This can lead to a complete Denial of Service Do...

CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

Linux Distros Unpatched Vulnerability : CVE-2026-45076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that...

SUSE CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

SUSE CVE-2026-45078

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

Linux Distros Unpatched Vulnerability : CVE-2026-45078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and le...

OPENSUSE-SU-2026:10898-1 matrix-synapse-1.153.0-2.1 on GA media

These are all security issues fixed in the matrix-synapse-1.153.0-2.1 package on the GA media of openSUSE Tumbleweed...

PYSEC-2026-194

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

raiden (>=0.100.2 <=0.100.3rc1) potentially affected by CVE-2026-45076 via matrix-synapse (=0.33.9)

matrix-synapse PYPI version =0.33.9 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-synapse and may be impacted: - raiden =0.100.2, =0.100.3rc1 Source cves: CVE-2026-45076 Source advisory: OSV:PYSEC-2026-194...

PYSEC-0000-CVE-2026-45078

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, local authenticated users can cause Synapse to starve other requests of CPU and lead to other requests failing, causing other users to be denied service. This vulnerability is fixed in 1.152.1...

raiden (>=0.100.2 <=0.100.3rc1) potentially affected by CVE-2026-45078 via matrix-synapse (=0.33.9)

matrix-synapse PYPI version =0.33.9 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-synapse and may be impacted: - raiden =0.100.2, =0.100.3rc1 Source cves: CVE-2026-45078 Source advisory: OSV:PYSEC-2026-191...