SUSE CVE-2026-25892

Adminer is open-source database management software. Adminer v5.4.1 and earlier has a version check mechanism where adminer.org sends signed version info via JavaScript postMessage, which the browser then POSTs to ?script=version. This endpoint lacks origin validation and accepts POST data from a...

Keycloak < 26.5.3 Multiple Vulnerabilities

Keycloak versions installed prior to 26.5.3 are affected by multiple vulnerabilities as referenced in the advisory. - A flaw in Keycloak where the JSON Web Token JWT authorization grant preview feature fails to validate a user's disabled status during JWT authorization grant processing. When this...

RockyLinux 8 : spice-client-win (RLSA-2026:2214)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2214 advisory. libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication CVE-2026-0719 libsoup: Stack-Based...

RHEL 8 : spice-client-win (RHSA-2026:2529)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2529 advisory. Spice client MSI installers for Windows clients Security Fixes: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer...

RHEL 8 : spice-client-win (RHSA-2026:2514)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2514 advisory. Spice client MSI installers for Windows clients Security Fixes: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer...

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

RHEL 8 : libsoup (RHSA-2026:2402)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2402 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Signed to Unsigned Conversion Error Leadi...

AlmaLinux 8 : libsoup (ALSA-2026:2215)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:2215 advisory. libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication CVE-2026-0719 libsoup: Stack-Based Buff...

CVE-2026-25961

SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification INTERNETFLAGIGNORECERTCNINVALID and executes installers without signature checks. A network attacker with any valid TLS certificate e.g., Let's Encrypt can...

CVE-2026-25961 SumatraPDF Update MITM -> Arbitrary Code Execution

SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification INTERNETFLAGIGNORECERTCNINVALID and executes installers without signature checks. A network attacker with any valid TLS certificate e.g., Let's Encrypt can...

CVE-2026-25961

CVE-2026-25961 affects SumatraPDF

CVE-2026-25961 SumatraPDF Update MITM -> Arbitrary Code Execution

SumatraPDF is a multi-format reader for Windows. In 3.5.0 through 3.5.2, SumatraPDF's update mechanism disables TLS hostname verification INTERNETFLAGIGNORECERTCNINVALID and executes installers without signature checks. A network attacker with any valid TLS certificate e.g., Let's Encrypt can...

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

ALSA-2026:2215 Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication CVE-2026-0719 libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response...

PT-2026-7172

Name of the Vulnerable Software and Affected Versions SumatraPDF versions 3.5.0 through 3.5.2 Description SumatraPDF’s update process has a flaw where TLS hostname verification is disabled INTERNET FLAG IGNORE CERT CN INVALID and installers are executed without signature verification. This allows...

PT-2026-7129

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw exists in Keycloak’s invitation token registration mechanism. The server does not verify the cryptographic signature of the JSON Web Token JWT. An attacker can modify the organization...

RHEL 8 : libsoup (RHSA-2026:2215)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2215 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Signed to Unsigned Conversion Error Leadi...

RHEL 8 : spice-client-win (RHSA-2026:2214)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2214 advisory. Spice client MSI installers for Windows clients Security Fixes: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer...

RHEL 9 : libsoup (RHSA-2026:2216)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2216 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Signed to Unsigned Conversion Error Leadi...

ALSA-2026:2216 Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication CVE-2026-0719 libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response...