Medium: python-flask

Issue Overview: Flask is a web server gateway interface WSGI web application framework. In versions 3.1.2 and below, when the session object is accessed, Flask should set the Vary: Cookie header., resulting in a Use of Cache Containing Sensitive Information vulnerability. The logic instructs cach...

Medium: golang

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. CVE-2025-40149 In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize CVE-2025-68792 In the...

Important: firefox

Issue Overview: Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and Firefox ESR 140.8. CVE-2026-2757 Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and...

Important: nodejs22

Issue Overview: node-tar is a full-featured Tar for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink inside the extraction directory that points to a file outside the extraction root, enabling arbitrary file read and write as th...

Medium: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlbpmdshared CVE-2026-23100 In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix use-after-free in driveroverrideshow The driveroverrideshow function reads the...

Medium: libssh

Issue Overview: libssh: SCP Protocol Path Traversal in sshscppullrequest CVE-2026-0964 libssh: Specially crafted patterns could cause DoS CVE-2026-0967 Affected Packages: libssh Issue Correction: Run dnf update libssh --releasever 2023.10.20260325 or dnf update --advisory ALAS2023-2026-1472...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: pagepool: Fix use-after-free in pagepoolrecycleinring CVE-2025-38129 In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a null-ptr access in the cursor snooper CVE-2025-40110 In th...

Important: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in ImageMagick's PSD Adobe Photoshop format handler. When processing a maliciously crafted PS...

Important: tomcat10

Issue Overview: mproper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: fix ofiomap memory leak CVE-2023-53424 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Add missing lock in cfg80211checkandendcac CVE-2025-38643 In the Linux...

Medium: freetype

Issue Overview: An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2. CVE-2026-23865...

Important: exiv2

Issue Overview: Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

Medium: libsodium

Issue Overview: libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group...

Medium: libde265

Issue Overview: strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decodercontext::computeframedroptable. CVE-2025-61147 Affected Packages: libde265 Issue Correction: Run dnf update libde265 --releasever 2023.10.20260325 or dnf update --advisory...

Low: python3.13-pip

Issue Overview: When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical...

Important: openexr

Issue Overview: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector totalsizes for attacker-controlled large counts across...

Important: tomcat9

Issue Overview: mproper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue CVE-2025-40083 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak of qgrouplist in btrfsaddqgrouprelation CVE-2025-40209 In t...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs CVE-2025-71225 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent...

Important: kernel-livepatch-6.12.63-84.121

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr CVE-2025-71085 In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged...

Important: kernel-livepatch-6.12.58-82.121

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr CVE-2025-71085 In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged...

Important: postgresql

Issue Overview: Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provider to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected. CVE-2026-2005 Affected Packages: postgresql Note: This...

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata CVE-2025-71265 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indxfind to avoid...

Medium: compat-libtiff3

Issue Overview: libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. CVE-2025-61145 A vulnerability was identified in LibTIFF 4.7.0. This issue affects the function May of the file tiffcrop.c of the component tiffcrop. The manipulation leads to memory...

Medium: gvfs

Issue Overview: A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode PASV response. The client unconditionally trusts this information and attempts to connect to the specified endpoint,...

Important: freerdp

Issue Overview: FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a malicious RDP server can trigger a heap buffer overflow in FreeRDP clients using the GDI surface pipeline e.g., xfreerdp by sending an RDPGFX ClearCodec surface command with an out-of-bound...

Important: gimp

Issue Overview: GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name CVE-2023-54207 In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential null-ptr-deref in deviceadd...

Medium: tomcat

Issue Overview: A flaw was found in Tomcat. An improper input validation vulnerability allows an attacker to bypass security constraints. Specifically, if a security constraint is configured to permit HEAD requests to a URI but deny GET requests, a malformed or specification invalid HEAD request...

Important: thunderbird

Issue Overview: Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and Firefox ESR 140.8. CVE-2026-2757 Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and...

Medium: lcms2

Issue Overview: A heap buffer overflow vulnerability has been identified in thesmooth2 in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color...

Important: kernel-livepatch-5.10.245-245.983

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: usb: qmiwwan: initialize MAC header offset in qmimuxrxfixup CVE-2025-68192 Affected Packages: kernel-livepatch-5.10.245-245.983 Issue Correction: Please ensure you have live patching enabled. Run yum update...

Important: compat-libtiff3

Issue Overview: libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c. CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. CVE-2025-61144 Affected Packages:...

Important: firefox

Issue Overview: Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and Firefox ESR 140.8. CVE-2026-2757 Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox 148, Firefox ESR 115.33, and...

Important: tomcat

Issue Overview: mproper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, from 10.1.0-M1 through 10.1.49, from 9.0.0-M1 through 9.0.112. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through...

Medium: golang

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

Important: libtiff

Issue Overview: libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tifopen.c. CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. CVE-2025-61144 Affected Packages: libtiff...

Medium: libsodium

Issue Overview: libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group...

Important: 389-ds-base

Issue Overview: A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the schemaattrenumcallback function within the schema.c file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for...

Medium: golist

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

Medium: amazon-cloudwatch-agent

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

Important: exiv2

Issue Overview: Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

Medium: libsodium

Issue Overview: libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to cryptocoreed25519isvalidpoint, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group...

Important: amazon-ssm-agent

Issue Overview: cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected code execution when invoking toolchain CVE-2025-68119 Affected Packages: amazon-ssm-agent Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this...

Medium: wireshark

Issue Overview: ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file CVE-2024-11596 Memory handling issue in editcap could cause denial of service via crafted capture file CVE-2024-4853 MEGACO dissector infinite...

Low: aide

Issue Overview: AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute...

Medium: python

Issue Overview: When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized. CVE-2025-11468 User-controlled...

Important: firefox

Issue Overview: A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized but allocated memory. This can be done by causing the decoder to reference an outside-image-bound area in a subsequent patches. An incorrect optimization causes the decoder to omit populating...

Medium: python3

Issue Overview: When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized. CVE-2025-11468 User-controlled...