CLEANSTART-2026-GX29850 Security fixes for CVE-2025-61732, CVE-2025-68121 applied in versions: 1.132.0-r0, 1.132.0-r1

Multiple security vulnerabilities affect the victoriametrics-cluster package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2025-43856 immich allows account hijacking through oauth2

immich is a high performance self-hosted photo and video management solution. Prior to 1.132.0, immich is vulnerable to account hijacking through oauth2, because the state parameter is not being checked. The oauth2 state parameter is similar to a csrf token, so when the user starts the login flow...

CVE-2025-43856 immich allows account hijacking through oauth2

immich is a high performance self-hosted photo and video management solution. Prior to 1.132.0, immich is vulnerable to account hijacking through oauth2, because the state parameter is not being checked. The oauth2 state parameter is similar to a csrf token, so when the user starts the login flow...

AWS SAM CLI < 1.133.0 multiple vulnerabilities

The version of AWS SAM CLI installed on the remote host is prior to 1.133.0 and is, therefore, affected by multiple vulnerabilities: - When running the AWS SAM CLI build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged...