Security Bulletin: z/Transaction Processing Facility is affected by a vulnerability in the cryptography package (CVE-2026-39892)

Summary The cryptography package is used by the z/TPF system as part of runtime metrics collection RTMC. Vulnerability Details CVEID:CVE-2026-39892 DESCRIPTION: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if...

Security Bulletin: z/Transaction Processing Facility is affected by a vulnerability in the cryptography package (CVE-2026-34073)

Summary The cryptography package is used by the z/TPF system as part of runtime metrics collection RTMC. Vulnerability Details CVEID:CVE-2026-34073 DESCRIPTION: cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS nam...

zebra 安全漏洞

Zebra is an open-source Zcash implementation built using Rust by the Zcash Foundation. There is a security vulnerability in Zebra, which stems from vulnerabilities in the transaction processing logic of Zebra. This vulnerability could allow remote, unauthenticated attackers to cause Zebra nodes t...

EUVD-2026-13614

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If...

UBUNTU-CVE-2026-23278

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If...

CVE-2026-23278 netfilter: nf_tables: always walk all pending catchall elements

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If...

CVE-2026-23278

CVE-2026-23278 (Linux kernel nf_tables catchall handling) The issue occurs in netfilter nf_tables where, during transaction processing, a map holding catchall elements being removed may require toggling all pending catchall elements, not just the first viable candidate. If the map is also being f...

CVE-2026-23278 netfilter: nf_tables: always walk all pending catchall elements

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If...

CVE-2026-23278

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If...

Security Bulletin: A vulnerability in IBM Semeru Runtime affects z/Transaction Processing Facility

Summary There is a vulnerability in IBM® Semeru Runtime Certified Edition 11 and IBM® Semeru Runtime Certified Edition 21 that are used by the z/TPF system. z/TPF has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-53057 DESCRIPTION: An unspecified vulnerability in Java SE...

PT-2026-26583

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the netfilter subsystem related to nf tables. During transaction processing, multiple catchall elements may exist, including one active and one...

EUVD-2017-14539

Malware in sbrugna...

EUVD-2021-12718

Malware in sbrugna...

EUVD-2023-3042

Malicious code in bioql PyPI...

Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility

Summary There are multiple vulnerabilities in IBM® Semeru Runtime Certified Edition 11 that is used by the z/TPF system. z/TPF has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-21217 DESCRIPTION: Vulnerability in Java SE component: Serialization. Difficult to exploit...

Security Bulletin: z/Transaction Processing Facility is affected by a vulnerability in the Apache Mina SSHD package (CVE-2023-48795)

Summary The Apache Mina SSHD package is used by the z/TPF system as part of the z/TPF secure file transfer support. Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...

IBM CICS TX Advanced Cross-Site Scripting Vulnerability (CNVD-2025-02532)

IBM CICS TX Advanced is a transaction processing monitoring system from International Business Machines IBM for running large-scale, high-transaction-volume applications in enterprise environments. IBM CICS TX Advanced suffers from a cross-site scripting vulnerability that stems from the...

IBM CICS TX Advanced 跨站脚本漏洞

IBM CICS TX Advanced is a transaction processing monitoring system from International Business Machines IBM for running large-scale, high-transaction-volume applications in enterprise environments. IBM CICS TX Advanced suffers from a cross-site scripting vulnerability that stems from the...

CVE-2024-52914

In Bitcoin Core before 0.18.0, a node could be stalled for hours when processing the orphans of a crafted unconfirmed transaction...

Unspecified Vulnerability in IBM TXSeries for Multiplatforms (CNVD-2024-43182)

IBM TXSeries for Multiplatforms is a transaction monitoring and management software product from International Business Machines IBM designed to support distributed transaction processing on multiple platforms. A security vulnerability exists in IBM TXSeries for Multiplatforms version 10.1, which...