19 matches found
BIT-JAVA-MIN-2026-22016
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...
PT-2026-38532
These are all security issues fixed in the libtree-sitter0 26-0.26.8-2.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-33039
WWBN AVideo is an open source video platform. In versions 25.0 and below, the plugin/LiveLinks/proxy.php endpoint validates user-supplied URLs against internal/private networks using isSSRFSafeURL, but only checks the initial URL. When the initial URL responds with an HTTP redirect Location heade...
Apple iOS and Apple iPadOS Security Vulnerability
Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS prior to version 26 and Apple iPadOS prior to version 26, which stems fr...
EUVD-2025-29291
Malicious code in bioql PyPI...
CVE-2025-43291
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to modify protected parts of the file system...
CVE-2025-43341
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to gain root privileges...
CVE-2025-31254
This issue was addressed with improved URL validation. This issue is fixed in Safari 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to unexpected URL redirection...
PT-2025-37853
Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sonoma 14.8 macOS versions prior to Tahoe 26 Description: A privacy issue was addressed by relocating sensitive data. An application may be able to access protected user data. Recommendations: Update to macOS Sonoma...
Adobe Photoshop 25.x < 25.12.3 / 26.x < 26.6 Multiple Vulnerabilities (APSB25-40)
The version of Adobe Photoshop installed on the remote Windows host is prior to 25.12.3/26.6. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb25-40 advisory. - Photoshop Desktop versions 26.5, 25.12.2 and earlier are affected by an Access of Uninitialized Pointer...
Keycloak proxy header handling Denial-of-Service (DoS) vulnerability
Keycloak versions 26 and earlier are vulnerable to a denial-of-service (DoS) attack through improper handling of proxy headers. When Keycloak is configured to accept incoming proxy headers, it may accept non-IP values, such as obfuscated identifiers, without proper validation. This can lead to cost...
Docker AuthZ Plugin Bypass Vulnerability (GHSA-v23v-6jw2-98fq)
Docker is prone to an AuthZ plugin bypass vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:docker:docker";...
Nextcloud Server Multiple Vulnerabilities (GHSA-3f8p-6qww-2prr, GHSA-5j2p-q736-hw98)
Nextcloud Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nextcloud:nextcloudserver"...
PT-2023-8882 · Nextcloud +2 · Nextcloud Enterprise Server +3
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions 25.0.0 through 25.0.12 Nextcloud Server versions 26.0.0 through 26.0.7 Nextcloud Server versions prior to 27.1.3 Nextcloud Enterprise Server versions 20.0.0 through 20.0.14.15 Nextcloud Enterprise Server versions...
Nextcloud Server Improper Access Control Vulnerability (GHSA-cq8w-v4fh-4rjq)
Nextcloud Server is prone to an improper access control vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Nextcloud Server 26.x < 26.0.2 Open Redirect Vulnerability (GHSA-h353-vvwv-j2r4)
Nextcloud Server is prone to an open redirect vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2020-12367
Integer overflow in some Intel(R) Graphics Drivers before version 26.20.100.8476 may allow a privileged user to potentially enable an escalation of privilege via local access...
Fedora 32 : ngircd (2020-e6d1d849c5)
Update to version 26, a bugfix and security release. Fixes CVE-2020-14148. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
CVE-2017-11281
Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier...