OPENSUSE-SU-2026:11121-1 corepack24-24.17.0-1.1 on GA media

These are all security issues fixed in the corepack24-24.17.0-1.1 package on the GA media of openSUSE Tumbleweed...

kubevirt1.8-container-disk-1.8.3-1.1 on GA media (moderate)

kubevirt1.8-container-disk-1.8.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:11091-1 Rating: moderate Cross-References: CVE-2021-43565 CVE-2023-26484 CVE-2023-44487 CVE-2024-33394 CVE-2025-22872 CVE-2025-64433 CVE-2025-64437 CVE-2026-33186 CVE-2026-9804 CVSS scores: CVE-2021-43565 SUSE : 7....

OPENSUSE-SU-2026:11109-1 libssh2-1-1.11.1-3.1 on GA media

These are all security issues fixed in the libssh2-1-1.11.1-3.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:11112-1 python311-py7zr-1.1.3-1.1 on GA media

These are all security issues fixed in the python311-py7zr-1.1.3-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-52057

Name of the Vulnerable Software and Affected Versions Node.js versions 22.x Node.js versions 24.x Node.js versions 26.0.0 through 26.3.0 Description An issue in proxy tunnel error handling may lead to the exposure of proxy credentials within ERR PROXY TUNNEL error messages. This occurs when...

PT-2026-52060

Name of the Vulnerable Software and Affected Versions Node.js versions 22.x and earlier Node.js versions 24.x and earlier Node.js versions 26.0.0 through 26.3.0 Description An inconsistency in hostname matching can lead to a trust-policy bypass within multi-context mTLS mutual Transport Layer...

PT-2026-52061

Name of the Vulnerable Software and Affected Versions Node.js versions 22.x and earlier Node.js versions 24.x and earlier Node.js versions 26.x and earlier Description A flaw in TLS hostname handling allows embedded-nul hostnames to cause silent authority rebinding. This occurs due to c-string...

OPENSUSE-SU-2026:11113-1 python311-pypdf-6.14.0-1.1 on GA media

These are all security issues fixed in the python311-pypdf-6.14.0-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-52064

Name of the Vulnerable Software and Affected Versions Node.js versions 26.0.0 through 26.3.0 Description A flaw in the Node.js Permission API allows a local server to be started via a Unix domain socket, bypassing the requirement for the --allow-net permission. Recommendations Update to version...

OPENSUSE-SU-2026:11110-1 nodejs26-26.3.1-1.1 on GA media

These are all security issues fixed in the nodejs26-26.3.1-1.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-52058

Name of the Vulnerable Software and Affected Versions Node.js versions 22.x, 24.x, and 26.x prior to 26.3.1-1.1 Description A flaw in the Node.js HTTP/2 client enables a server to send an unlimited number of ORIGIN frames, potentially causing an Out of Memory error on the client side...

PT-2026-52062

Name of the Vulnerable Software and Affected Versions Node.js versions 22.x through 26.3.0 Description A flaw in the TLS host verification process allows an attacker to bypass certification validation. Recommendations Update Node.js to version 26.3.1 or later...

PT-2026-52063

Name of the Vulnerable Software and Affected Versions Node.js versions 22.x Node.js versions 24.x Node.js versions 26.x Description A flaw in the Node.js Permission API allows file metadata to be modified even when a path is configured as read-only, such as when using the --allow-fs-read flag...

OPENSUSE-SU-2026:11090-1 haproxy-3.4.0+git31.fc300e9f2-1.1 on GA media

These are all security issues fixed in the haproxy-3.4.0+git31.fc300e9f2-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:11099-1 python311-python-multipart-0.0.32-1.1 on GA media

These are all security issues fixed in the python311-python-multipart-0.0.32-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:11097-1 python311-aiohttp-3.14.1-1.1 on GA media

These are all security issues fixed in the python311-aiohttp-3.14.1-1.1 package on the GA media of openSUSE Tumbleweed...

python311-3.11.15-6.1 on GA media (moderate)

python311-3.11.15-6.1 on GA media Announcement ID: openSUSE-SU-2026:11068-1 Rating: moderate Cross-References: CVE-2026-1502 CVE-2026-3446 CVE-2026-4786 CVE-2026-6019 CVE-2026-6100 CVSS scores: CVE-2026-1502 SUSE : 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N CVE-2026-1502 SUSE : 5.7...

tinyproxy-1.11.3-3.1 on GA media (moderate)

tinyproxy-1.11.3-3.1 on GA media Announcement ID: openSUSE-SU-2026:11060-1 Rating: moderate Cross-References: CVE-2026-54387 CVE-2026-54388 CVE-2026-55202 Affected Products: openSUSE Tumbleweed An update that solves 3 vulnerabilities can now be installed. Description: These are all security issue...

OPENSUSE-SU-2026:11060-1 tinyproxy-1.11.3-3.1 on GA media

These are all security issues fixed in the tinyproxy-1.11.3-3.1 package on the GA media of openSUSE Tumbleweed...

traefik-3.7.5-1.1 on GA media (moderate)

traefik-3.7.5-1.1 on GA media Announcement ID: openSUSE-SU-2026:11047-1 Rating: moderate Cross-References: CVE-2026-48020 CVE-2026-48491 CVE-2026-53622 Affected Products: openSUSE Tumbleweed An update that solves 3 vulnerabilities can now be installed. Description: These are all security issues...