59854 matches found
SUSE CVE-2026-27858
Attacker can send a specifically crafted message before authentication that causes managesieve to allocate large amount of memory. Attacker can force managesieve-login to be unavailable by repeatedly crashing the process. Protect access to managesieve protocol, or install fixed version. No public...
SUSE CVE-2026-27859
A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed...
SUSE CVE-2026-27860
If authusernamechars is empty, it is possible to inject arbitrary LDAP filter to Dovecot's LDAP authentication. This leads to potentially bypassing restrictions and allows probing of LDAP structure. Do not clear out authusernamechars, or install fixed version. No publicly available exploits are...
SUSE CVE-2026-29794
Vikunja is an open-source self-hosted task management platform. Starting in version 0.8 and prior to version 2.2.0, unauthenticated users are able to bypass the application's built-in rate-limits by spoofing the X-Forwarded-For or X-Real-IP headers due to the rate-limit relying on the value of...
SUSE CVE-2026-30886
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to version 0.11.4-alpha.2, an Insecure Direct Object Reference IDOR vulnerability in the video proxy endpoint GET /v1/videos/:taskid/content allows any authenticated user to access video...
SUSE CVE-2026-30924
qui is a web interface for managing qBittorrent instances. Versions 1.14.1 and below use a permissive CORS policy that reflects arbitrary origins while also returning Access-Control-Allow-Credentials: true, effectively allowing any external webpage to make authenticated requests on behalf of a...
SUSE CVE-2026-32254
Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. Version 2.8.0 contains a patch for the issue. Available workarounds...
SUSE CVE-2026-32284
The msgpack decoder fails to properly validate the input buffer length when processing truncated fixext data format codes 0xd4-0xd8. This can lead to an out-of-bounds read and a runtime panic, allowing a denial of service attack...
SUSE CVE-2026-32285
The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack...
SUSE CVE-2026-32286
The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic...
SUSE CVE-2026-32287
Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery.Select, leading to 100% CPU usage. This can be triggered by top-level selectors such as "1=1" or "true"...
SUSE CVE-2026-32301
Centrifugo is an open-source scalable real-time messaging server. Prior to 6.7.0, Centrifugo is vulnerable to Server-Side Request Forgery SSRF when configured with a dynamic JWKS endpoint URL using template variables e.g. tenant. An unauthenticated attacker can craft a JWT with a malicious iss or...
SUSE CVE-2026-32606
IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...
SUSE CVE-2026-32691
A race condition in the secrets management subsystem of Juju versions 3.0.0 through 3.6.18 allows an authenticated unit agent to claim ownership of a newly initialized secret. Between generating a Juju Secret ID and creating the secret's first revision, an attacker authenticated as another unit...
SUSE CVE-2026-32692
An authorization bypass vulnerability in the Vault secrets back-end implementation of Juju versions 3.1.6 through 3.6.18 allows an authenticated unit agent to perform unauthorized updates to secret revisions. With sufficient information, an attacker can poison any existing secret revision within...
SUSE CVE-2026-32693
In Juju from version 3.0.0 through 3.6.18, the authorization of the "secret-set" tool is not performed correctly, which allows a grantee to update the secret content, and can lead to reading or updating other secrets. When the "secret-set" tool logs an error in an exploitation attempt, the secret...
SUSE CVE-2026-32694
In Juju from version 3.0.0 through 3.6.18, when a secret owner grants permissions to a secret to a grantee, the secret owner relies exclusively on a predictable XID of the secret to verify ownership. This allows a malicious grantee which can request secrets to predict past secrets granted by the...
SUSE CVE-2026-32695
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 3.6.11 and 3.7.0-ea.2, Traefik's Knative provider builds router rules by interpolating user-controlled values into backtick-delimited rule expressions without escaping. In live cluster validation, Knative rules.hosts was...
SUSE CVE-2026-32704
SiYuan is a personal knowledge management system. Prior to 3.6.1, POST /api/template/renderSprig lacks model.CheckAdminRole, allowing any authenticated user to execute arbitrary SQL queries against the SiYuan workspace database and exfiltrate all note content, metadata, and custom attributes. Thi...
SUSE CVE-2026-32720
The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...
SUSE CVE-2026-32747
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the globalCopyFiles API eads source files using filepath.Abs with no workspace boundary check, relying solely on util.IsSensitivePath whose blocklist omits /proc/, /run/secrets/, and home directory dotfiles. An admin c...
SUSE CVE-2026-32749
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importSY and POST /api/import/importZipMd write uploaded archives to a path derived from the multipart filename field without sanitization, allowing an admin to write files to arbitrary locations outsi...
SUSE CVE-2026-32750
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, POST /api/import/importStdMd passes the localPath parameter directly to model.ImportFromLocalPath with zero path validation. The function recursively reads every file under the given path and permanently stores their...
SUSE CVE-2026-32751
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the mobile file tree MobileFiles.ts renders notebook names via innerHTML without HTML escaping when processing renamenotebook WebSocket events. The desktop version Files.ts properly uses escapeHtml for the same...
SUSE CVE-2026-32758
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Versions 2.61.2 and below are vulnerable to Path Traversal through the resourcePatchHandler http/resource.go. The destination path in resourcePatchHandler is...
SUSE CVE-2026-32759
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating th...
SUSE CVE-2026-32760
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, any unauthenticated visitor can register a full administrator account when self-registration signup = true is enabled and the...
SUSE CVE-2026-32767
SiYuan is a personal knowledge management system. Versions 3.6.0 and below contain an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input directly as a raw SQL statement to the underlyin...
SUSE CVE-2026-32768
Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. In versions prior to 0.6.5, due to a miswritten NetworkPolicy, a malicious actor can pivot from an instance to any Pod out of the origin namespace. This breaks the security-by-default property expected as...
SUSE CVE-2026-32769
Fullchain is an umbrella project for deploying a ready-to-use CTF platform. In versions prior to 0.1.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a subverted application to any Pod out of the origin namespace. The flawed inter-ns NetworkPolicy breaks the...
SUSE CVE-2026-32771
The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go lines 248-254 is vulnerable to Path Traversal due to a missing...
SUSE CVE-2026-32811
Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. When using Heimdall in envoy gRPC decision API mode with versions 0.7.0-alpha through 0.17.10, wrong encoding of the query URL string allows rules with non-wildcard path expressions to be bypassed. Envoy splits t...
SUSE CVE-2026-32815
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the WebSocket endpoint /ws allows unauthenticated connections when specific URL parameters are provided ?app=siyuan&id=auth&type=auth. This bypass, intended for the login page to keep the kernel alive, allows any...
SUSE CVE-2026-32879
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Starting in version 0.10.0, a logic flaw in the universal secure verification flow allows an authenticated user with a registered passkey to satisfy secure verification without completing a WebAut...
SUSE CVE-2026-32937
free5GC is an open source 5G core network. free5GC CHF prior to version 1.2.2 has an out-of-bounds slice access vulnerability in the CHF nchf-convergedcharging service. A valid authenticated request to PUT /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=... can trigger a server-side panic...
SUSE CVE-2026-32938
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the /api/lute/html2BlockDOM on the desktop copies local files pointed to by file:// links in pasted HTML into the workspace assets directory without validating paths against a sensitive-path list. Together with GET...
SUSE CVE-2026-32940
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, SanitizeSVG has an incomplete blocklist - it blocks data:text/html and data:image/svg+xml in href attributes but misses data:text/xml and data:application/xml, both of which can render SVG with JavaScript execution. Th...
SUSE CVE-2026-32941
Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM Out-of-Memory vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an...
SUSE CVE-2026-32953
Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets USS to be silently ignored, producing the same Compound Device Identifier CDI-and thus the same key...
SUSE CVE-2026-33062
free5GC is an open source 5G core network. free5GC NRF prior to version 1.4.2 has an Improper Input Validation vulnerability leading to Denial of Service. All deployments of free5GC using the NRF discovery service are affected. The EncodeGroupId function attempts to access array indices 0, 1, 2...
SUSE CVE-2026-33063
free5GC is an open source 5G core network. free5GC AUSF prior to version 1.4.2 has is an Improper Null Check vulnerability leading to Denial of Service. All deployments of free5GC v4.0.1 using the AUSF UE authentication service /nausf-auth/v1/ue-authentications endpoint are affected. A remote...
SUSE CVE-2026-33064
Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...
SUSE CVE-2026-33065
Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request from UDR into a 500 Internal Server Error when handling DELETE requests with an empty supi path parameter. This leak...
SUSE CVE-2026-33066
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the backend renderREADME function uses lute.New without calling SetSanitizetrue, allowing raw HTML embedded in Markdown to pass through unmodified. The frontend then assigns the rendered HTML to innerHTML without any...
SUSE CVE-2026-33067
SiYuan is a personal knowledge management system. Versions 3.6.0 and below render package metadata fields displayName, description using template literals without HTML escaping. A malicious package author can inject arbitrary HTML/JavaScript into these fields, which executes automatically when an...
SUSE CVE-2026-33081
PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. Versions 0.8.2 and below have a Blind SSRF vulnerability in the /download endpoint. The validateDownloadURL function only checks the initial user-supplied URL, but the embedded Chromium browser can...
SUSE CVE-2026-33132
ZITADEL is an open source identity management platform. Versions prior to 3.4.9 and 4.0.0 through 4.12.2 allowed users to bypass organization enforcement during authentication. Zitadel allows applications to enforce an organzation context during authentication using scopes urn:zitadel:iam:org:id:...
SUSE CVE-2026-33191
Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to null byte injection in URL path parameters. A remote attacker can inject null bytes URL-encoded as %00 into the supi path parameter of the UDM's...
SUSE CVE-2026-33192
Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request from UDR into a 500 Internal Server Error when handling PATCH requests with an empty supi path parameter...
SUSE CVE-2026-33194
SiYuan is a personal knowledge management system. Prior to version 3.6.2, the IsSensitivePath function in kernel/util/path.go uses a denylist approach that was recently expanded GHSA-h5vh-m7fg-w5h6, commit 9914fd1 but remains incomplete. Multiple security-relevant Linux directories are not blocke...