127 matches found
Debian dsa-6182 : libxml-parser-perl - security update
The remote Debian 12 / 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-6182 advisory. Debian Security Advisory DSA-6182-1 [email protected] https://www.debian.org/security/...
Clerk: SSRF in the opt-in clerkFrontendApiProxy feature may leak secret keys to unintended host
Summary: The clerkFrontendApiProxy function in @clerk/backend is vulnerable to Server-Side Request Forgery (SSRF). An unauthenticated attacker can craft a request path that causes the proxy to send the application's Clerk-Secret-Key to an attacker-controlled server. Affected packages: Only applicatio...
Debian dsa-6143 : libvpx-dev - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6143 advisory. Debian Security Advisory DSA-6143-1 [email protected] https://www.debian.org/security/...
CVE-2026-23864
CVE-2026-23864 affects React Server Components packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The connected advisories describe a denial-of-service condition triggered by specially crafted HTTP requests to Server Function endpoints, potentially causin...
MiracleLinux 8 : python-setuptools-39.2.0-6.el8.1 (AXSA:2023-5166:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5166:01 advisory. pypa-setuptools: Regular Expression Denial of Service (ReDoS) in packageindex.py (CVE-2022-40897) Tenable has extracted the preceding description block directly...
MiracleLinux 3 : perl-5.8.8-10.3.1AXS3 (AXSA:2008-74:01)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-74:01 advisory. Perl is a high-level programming language commonly used for system administration utilities and Web programming. A flaw was found in Perl's regular expression...
mariadb:10.3 security, bug fix, and enhancement update
An update is available for module.mariadb, galera, Judy, module.galera, mariadb, module.Judy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. MariaDB is a...
Vulnerabilities fixed in React Server Components
React has fixed vulnerabilities in certain versions of React Server Components specifically for versions 19.0.0, 19.1.0, 19.1.1 and 19.2.0. An unauthenticated attacker can send a rogue HTTP request to any Server Function endpoint that, when processed by React, can lead to remote code execution on...
PT-2026-4812
Name of the Vulnerable Software and Affected Versions: React versions 19.0.0 through 19.2.3; react-server-dom-webpack versions 19.0.0 through 19.2.3; react-server-dom-parcel versions 19.0.0 through 19.2.3; react-server-dom-turbopack versions 19.0.0 through 19.2.3; Next.js versions 13.x through 16.x...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.82 bug fix and security update
Red Hat OpenShift Container Platform release 4.12.82 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...
Debian dsa-6049 : gimp - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6049 advisory. Debian Security Advisory DSA-6049-1 [email protected] https://www.debian.org/security/...
RHEL 8 / 9 : Satellite 6 Client Bug Fix Update (Moderate) (RHSA-2025:17693)
The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:17693 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.22 security and extras update
Red Hat OpenShift Container Platform release 4.18.22 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...
RHEL 9 : Satellite 6.17.3 Async Update (Moderate) (RHSA-2025:13269)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13269 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide...
RHEL 8 / 9 : OpenShift Container Platform 4.18.21 (RHSA-2025:11678)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:11678 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...
[SECURITY] [DLA 4252-1] snapcast security update
Debian LTS Advisory DLA-4252-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert July 27, 2025 https://wiki.debian.org/LTS Package : snapcast Version : 0.23.0+dfsg1-1+deb11u1 CVE ID : CVE-2023-36177 An RCE vulnerability was found in snapcast, a multi-room client-serv...
NewStart CGSL MAIN 7.02 : cpio Vulnerability (NS-SA-2025-0164)
The remote NewStart CGSL host, running version MAIN 7.02, has cpio packages installed that are affected by a vulnerability: - cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive. (CVE-2015-1197) Note...
NewStart CGSL MAIN 7.02 : qpdf Vulnerability (NS-SA-2025-0178)
The remote NewStart CGSL host, running version MAIN 7.02, has qpdf packages installed that are affected by a vulnerability: - Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::sharedcount function at /bits/sharedptrbase.h. (CVE-2024-24246) Note...
NewStart CGSL MAIN 7.02 : gnutls Vulnerability (NS-SA-2025-0141)
The remote NewStart CGSL host, running version MAIN 7.02, has gnutls packages installed that are affected by a vulnerability: - A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5...
NewStart CGSL MAIN 7.02 : gtk2 Vulnerability (NS-SA-2025-0110)
The remote NewStart CGSL host, running version MAIN 7.02, has gtk2 packages installed that are affected by a vulnerability: - A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory...