Security update 5.0.8 for Multi-Linux Manager Client Tools

This update fixes the following issues: prometheus-postgresexporter: Security Fixes: CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter bsc1248699 golang-github-QubitProducts-exporterexporter: Security Fixes: CVE-2022-21698: Fixed denial of service using InstrumentHandlerCount...

CLEANSTART-2026-MW24969 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-39883, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 1.28.1-r0, 1.28.1-r1, 1.28.1-r2

Multiple security vulnerabilities affect the cass-operator package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-QS28268 Security fixes for CVE-2025-14847, CVE-2025-58181, CVE-2025-61727, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810 applied in versions: 7.0.30-r0, 7.0.30-r1, 7.0.31-r0, 8.2.1-r1

Multiple security vulnerabilities affect the mongodb package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-MP82813 Security fixes for CVE-2026-33186, CVE-2026-39882, CVE-2026-39883, CVE-2026-40179, ghsa-mqqf-5wvp-8fh8 applied in versions: 1.21.0-r0, 1.21.0-r1

Multiple security vulnerabilities affect the cortex package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-TT42218 Security fixes for CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61732, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, CVE-2026-34986, CVE-2026-35469, CVE-2026-39883, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2xsj-vh29-9cwm, ghsa-37cx-329c-33x3, ghsa-3wgm-2mw2-vh5m, ghsa-3xc5-wrhm-f963, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-78h2-9frx-2jm8, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-f6x5-jh6r-wrfv, ghsa-gm2x-2g9h-ccm8, ghsa-hfvc-g4fc-pqhx, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-jhf3-xxhw-2wpp, ghsa-mh2q-q3fh-2475, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r, ghsa-p77j-4mvh-x3m3, ghsa-pc3f-x583-g7j2 applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.1.12-r0, 3.1.12-r1, 3.1.14-r0, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4, 3.2.7-r0

Multiple security vulnerabilities affect the argo-cd-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-SY44974 Security fixes for CVE-2015-20107, CVE-2015-2104, CVE-2019-16056, CVE-2019-16935, CVE-2019-20907, CVE-2019-5010, CVE-2020-14422, CVE-2020-8492, CVE-2021-23336, CVE-2021-29921, CVE-2021-3177, CVE-2022-45061, CVE-2023-27043, CVE-2024-6232, CVE-2024-6923, CVE-2025-59375, CVE-2026-3219, CVE-2026-6357 applied in versions: 3.10.5-r0, 3.11.1-r0, 3.11.5-r0, 3.12.12-r0, 3.12.13-r0, 3.12.3-r2, 3.12.6-r0, 3.6.8-r1, 3.7.5-r0, 3.8.2-r0, 3.8.4-r0, 3.8.5-r0, 3.8.7-r2, 3.8.8-r0, 3.9.4-r0, 3.9.5-r0

Multiple security vulnerabilities affect the python3 package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-QP84300 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-34986, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-39882, CVE-2026-42499, CVE-2026-42501, CVE-2026-44740, CVE-2026-45022, CVE-2026-4660, ghsa-389r-gv7p-r3rp, ghsa-3xc5-wrhm-f963, ghsa-6g7g-w4f8-9c9x, ghsa-92mm-2pjq-r785, ghsa-9h8m-3fm2-qjrq, ghsa-fw7p-63qq-7hpr, ghsa-p77j-4mvh-x3m3, ghsa-q9hv-hpm4-hj6x, ghsa-w8rr-5gcm-pp58, ghsa-xmrv-pmrh-hhx2 applied in versions: 0.93.13-r1, 0.97.2-r0, 0.97.2-r1, 0.97.2-r2, 0.97.2-r3, 0.97.2-r4, 0.97.2-r5, 0.97.2-r6, 0.97.2-r7, 0.97.2-r8

Multiple security vulnerabilities affect the terragrunt-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-BG69533 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32285, CVE-2026-32289, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-39882, CVE-2026-42499, CVE-2026-42501, CVE-2026-44740, CVE-2026-45022, CVE-2026-4660, ghsa-389r-gv7p-r3rp, ghsa-3xc5-wrhm-f963, ghsa-6g7g-w4f8-9c9x, ghsa-92mm-2pjq-r785, ghsa-9h8m-3fm2-qjrq, ghsa-fw7p-63qq-7hpr, ghsa-q9hv-hpm4-hj6x, ghsa-w8rr-5gcm-pp58 applied in versions: 0.93.13-r1, 0.95.1-r0, 0.95.1-r1, 0.95.1-r2, 0.95.1-r3, 0.95.1-r4, 0.95.1-r5, 0.95.1-r6

Multiple security vulnerabilities affect the terragrunt-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

Fedora 43 : python-uv-build / rust-astral-tokio-tar / uv (2026-a8100094df)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-a8100094df advisory. Update uv and python-uv-build to 0.11.11. Update the astral-tokio-tar Rust crate to 0.6.1, fixing security advisories GHSA- xx64-wwv2-hcqq and GHSA-...

GHSA-6M6C-36F7-FHXH Mermaid Gantt Charts are vulnerable to an Infinite Loop DoS

Impact Mermaid v11.14.0 and earlier are vulnerable to a denial-of-service attack when rendering gantt charts, if they use the excludes attribute to exclude all dates. Example: gantt excludes monday,tuesday,wednesday,thursday,friday,saturday,sunday DoS :2025-01-01, 1d mermaid.parse is unaffected,...

PT-2026-39823

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.9 iOS versions prior to 26.5 iPadOS versions prior to 18.7.9 iPadOS versions prior to 26.5 macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 tvOS versions...

Astra Linux - уязвимость в protobuf

A parsing issue similar to CVE-2022-3171 occurs when using textformat in the protobuf-java core and Lite versions before versions 3.21.7, 3.20.3, 3.19.6, and 3.16.3. This issue can lead to a denial-of-service attack. Inputs containing multiple instances of non-repeating embedded messages with...

Astra Linux - уязвимость в webkit2gtk

This issue has been resolved through improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption...

TencentOS Server 3: freerdp (TSSA-2026:0266)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0266 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

PT-2026-35931

Name of the Vulnerable Software and Affected Versions PhpSpreadsheet versions prior to 1.30.4 PhpSpreadsheet versions 2.0.0 through 2.1.15 PhpSpreadsheet versions 2.2.0 through 2.4.4 PhpSpreadsheet versions 3.3.0 through 3.10.4 PhpSpreadsheet versions 4.0.0 through 5.6.0 Description The HTML Writ...

CVE-2026-22565

An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Play network to cause the device to stop responding. Affected Products: UniFi Play PowerAmp Version 1.0.35 and earlier UniFi Play Audio Port Version 1.0.24 and earlier Mitigation: Update UniFi Play...

CLEANSTART-2026-UY60586 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-1229, CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142 applied in versions: 3.19.0-r0, 4.0.0-r0, 4.0.1-r0, 4.1.1-r1, 4.1.1-r2

Multiple security vulnerabilities affect the helm package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-OX06978 Security fixes for CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2xsj-vh29-9cwm, ghsa-37cx-329c-33x3, ghsa-3wgm-2mw2-vh5m, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-f6x5-jh6r-wrfv, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4, 3.2.7-r0, 3.3.1-r1

Multiple security vulnerabilities affect the argo-cd-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-KW24478 Security fixes for CVE-2021-3538, CVE-2025-15558, CVE-2025-29923, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 2.14.2-r0, 2.14.2-r1, 2.15.0-r0, 2.15.0-r1

Multiple security vulnerabilities affect the harbor-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CLEANSTART-2026-TS54009 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 1.24.4-r0, 1.27.3-r0, 1.27.3-r1

Multiple security vulnerabilities affect the cloudnative-pg-fips package. These issues are resolved in later releases. See references for individual vulnerability details...