21 matches found
OPENSUSE-SU-2026:20969-1 Security update for google-guest-agent
This update for google-guest-agent fixes the following issues: Changes in google-guest-agent: Update to version 20260430.00 Update OWNERS 609 Update THIRDPARTYLICENSES to be package specific location. 608 Update dependencies and go version to 1.26.2 607 bsc1265762, CVE-2026-33814 Bump...
Security update for elemental-register (important)
openSUSE security update: security update for elemental-register ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20920-1 Rating: important References: bsc1251679 bsc1260277 bsc1265921 bsc1266789 bsc1267168 bsc1267197 Cross-References: CVE-2026-33186...
OPENSUSE-SU-2026:20921-1 Security update for elemental-toolkit
This update for elemental-toolkit fixes the following issue - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260277. Changes: - Update to v2.3.4: 974af043 Bump golang.org/x/net to v0.55.0 bsc1267168 bsc1251679 ae39c90...
Security update for shadowsocks-v2ray-plugin (important)
openSUSE security update: security update for shadowsocks-v2ray-plugin ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20856-1 Rating: important References: bsc1260328 Cross-References: CVE-2026-33186 CVSS scores: CVE-2026-33186 SUSE : 8.1...
openSUSE 16 Security Update : mcphost (openSUSE-SU-2026:20788-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20788-1 advisory. This update for mcphost fixes the following issues - CVE-2025-30153: github.com/getkin/kin-openapi/openapi3filter: Improper Handling of Highly...
Security update for google-guest-agent (important)
openSUSE security update: security update for google-guest-agent ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20761-1 Rating: important References: bsc1260264 Cross-References: CVE-2026-33186 CVSS scores: CVE-2026-33186 SUSE : 8.1...
CLEANSTART-2026-QI02196 Security fixes for CVE-2025-15558, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61732, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, CVE-2026-40179, ghsa-9h8m-3fm2-qjrq, ghsa-jv3w-x3r3-g6rm, ghsa-p436-gjf2-799p, ghsa-p77j-4mvh-x3m3, ghsa-vffh-x6r8-xx99 applied in versions: 1.28.1-r0, 1.28.1-r1, 1.28.3-r0, 1.29.0-r0, 1.29.1-r0, 1.29.1-r1, 1.29.2-r0
Multiple security vulnerabilities affect the istio-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
Security update for zypper-docker
This update for zypper-docker fixes the following issues CVE-2026-2808: github.com/hashicorp/consul: unvalidated user-supplied file paths can lead to arbitrary file reads through the Vault Kubernetes authentication provider bsc1259563. CVE-2026-33186: google.golang.org/grpc: authorization bypass...
openSUSE 16 Security Update : distribution (openSUSE-SU-2026:20686-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20686-1 advisory. This update for distribution fixes the following issues Security issues: - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.39 security and extras update
Red Hat OpenShift Container Platform release 4.18.39 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a security impact of...
golang-github-prometheus-alertmanager-0.31.1-3.1 on GA media (moderate)
golang-github-prometheus-alertmanager-0.31.1-3.1 on GA media Announcement ID: openSUSE-SU-2026:10612-1 Rating: moderate Cross-References: CVE-2026-33186 CVSS scores: CVE-2026-33186 SUSE : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-33186 SUSE : 8.6...
SUSE SLES15: terraform-provider-local / terraform-provider-null / etc (SUSE-SU-2026:1411-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1411-1 advisory. This update for terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issue...
Security update for azure-storage-azcopy
This update for azure-storage-azcopy fixes the following issues: CVE-2026-33186: Authorization bypass in grpc-go due to improper validation of the HTTP/2 :path pseudo-header bsc1260307. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
openSUSE Security Advisory (SUSE-SU-2026:1314-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CLEANSTART-2026-IP72442 Security fixes for CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 3.0.2-r0, 3.0.2-r1
Multiple security vulnerabilities affect the grafana-mimir-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-LY39171 Security fixes for CVE-2026-33186 applied in versions: 3.1.4-r0
Security vulnerability affects the fabric-peer package. This issue is resolved in later releases. See references for vulnerability details...
ignition-2.26.0-3.1 on GA media (moderate)
ignition-2.26.0-3.1 on GA media Announcement ID: openSUSE-SU-2026:10474-1 Rating: moderate Cross-References: CVE-2026-33186 CVSS scores: CVE-2026-33186 SUSE : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2026-33186 SUSE : 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N...
CLEANSTART-2026-AP81168 Security fixes for CVE-2021-3538, CVE-2025-15558, CVE-2025-29923, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 2.13.4-r0, 2.13.5-r0, 2.13.5-r1
Multiple security vulnerabilities affect the harbor-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-33186
creationtimestamp| type| source ---|---|--- 2026-03-20 23:43:53+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhjp2xyd672f 2026-03-21 02:37:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhjyrdhml32u 2026-03-23 17:05:35+00:00| seen|...
CVE-2026-33186
gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory...