oss-sec: by thread

• RSS Feed
• About List
• All Lists

Previous period

Next period

636 messages starting Apr 01 26 and ending May 20 26
Date index | Thread index | Author index

• Re: [vim-security] Vim modeline bypass via various options affects Vim < 9.2.0276 Salvatore Bonaccorso (Apr 01)
• Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 01)
  • Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 David A. Wheeler (Apr 02)
    • Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 02)
      • Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Solar Designer (Apr 02)
  • <Possible follow-ups>
  • Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 02)
    • Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Tianyu Chen (Apr 02)
      • Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Christian Brabandt (Apr 02)
      • Re: [vim-security] Vim tabpanel modeline escape affects Vim < 9.2.0272 Salvatore Bonaccorso (Apr 03)
• Re: Multiple vulnerabilities in AppArmor Greg KH (Apr 01)
  • <Possible follow-ups>
  • Re: Re: Multiple vulnerabilities in AppArmor Salvatore Bonaccorso (Apr 03)
  • Re: Multiple vulnerabilities in AppArmor Qualys Security Advisory (May 20)
• [vim-security] Path traversal issue with zip.vim and special crafted zip archives in Vim < v9.2.0280 Christian Brabandt (Apr 01)
• [oss-security][CVE-2026-5271] Python install manager script aliases search path hijack Alan Coopersmith (Apr 01)
• FW: libinput Security Advisory: multiple security issues in libinput Peter Hutterer (Apr 01)
• Announce: OpenSSH 10.3 released Damien Miller (Apr 02)
  • Re: Announce: OpenSSH 10.3 released Agostino Sarubbo (Apr 03)
    • Re: Announce: OpenSSH 10.3 released Salvatore Bonaccorso (Apr 03)
  • Re: Announce: OpenSSH 10.3 released Demi Marie Obenour (Apr 03)
    • Re: Announce: OpenSSH 10.3 released Damien Miller (Apr 06)
      • Re: Announce: OpenSSH 10.3 released Demi Marie Obenour (Apr 07)
      • Re: Announce: OpenSSH 10.3 released Damien Miller (Apr 07)
      • Re: Announce: OpenSSH 10.3 released Demi Marie Obenour (Apr 07)
• [ANNOUNCE] ATS is vulnerable to HTTP requests with body Masakazu Kitajo (Apr 02)
• [libc musl] - Algorithmic complexity DoS in iconv GB18030 decoder Jens Jarl Nestén Hansen-Nord (Apr 02)
  • Re: [libc musl] - Algorithmic complexity DoS in iconv GB18030 decoder Rich Felker (Apr 02)
    • Re: [libc musl] - Algorithmic complexity DoS in iconv GB18030 decoder Rich Felker (Apr 02)
  • Re: [libc musl] - Algorithmic complexity DoS in iconv GB18030 decoder Jens Jarl Nestén Hansen-Nord (Apr 09)
• Heads-up: Upcoming Samba security releases (2026-04-09) Douglas Bagnall (Apr 05)
  • Re: Heads-up: Upcoming Samba security releases (2026-04-09) Douglas Bagnall (Apr 07)
    • Re: Re: Heads-up: Upcoming Samba security releases (2026-04-09) Douglas Bagnall (Apr 08)
      • Heads-up: Upcoming Samba security releases (2026-05-26) Douglas Bagnall (May 19)
• CVE-2026-34197: Apache ActiveMQ Broker, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans Christopher L. Shannon (Apr 06)
• CVE-2026-33227: Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ Web: Improper Limitation of a Pathname to a Restricted Directory Christopher L. Shannon (Apr 06)
• libcap-2.77 (since libcap-2.04) has TOCTOU privilege escalation issue Andrew G. Morgan (Apr 07)
  • Re: libcap-2.77 (since libcap-2.04) has TOCTOU privilege escalation issue Christian Göttsche (Apr 07)
    • Re: libcap-2.77 (since libcap-2.04) has TOCTOU privilege escalation issue Solar Designer (Apr 08)
      • Re: libcap-2.77 (since libcap-2.04) has TOCTOU privilege escalation issue Andrew G. Morgan (Apr 08)
      • Re: libcap-2.77 (since libcap-2.04) has TOCTOU privilege escalation issue Solar Designer (Apr 08)
      • Re: libcap-2.77 (since libcap-2.04) has TOCTOU privilege escalation issue Andrew G. Morgan (Apr 09)
      • Re: libcap-2.77 (since libcap-2.04) has TOCTOU privilege escalation issue Tianyu Chen (Apr 09)
  • Re: libcap-2.77 (since libcap-2.04) has TOCTOU privilege escalation issue Andrew G. Morgan (Apr 08)
• CVE-2026-35554: Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition Manikumar (Apr 07)
• CVE-2026-27314: Apache Cassandra: Privilege escalation via ADD IDENTITY authorization bypass Michael Semb Wever (Apr 07)
• CVE-2026-27315: Apache Cassandra: cqlsh history sensitive information leak Michael Semb Wever (Apr 07)
• CASSANDRA-21202: CVE-2026-32588: Apache Cassandra: Authenticated DoS via ALTER ROLE Password Hashing Michael Semb Wever (Apr 07)
• Django CVE-2026-3902, CVE-2026-4277, CVE-2026-4292, CVE-2026-33033, and CVE-2026-33034 Jacob Walls (Apr 07)
• OpenSSL Security Advisory Tomas Mraz (Apr 07)
• [OSSA-2026-005] Keystone: Restricted application credentials can create EC2 credentials (CVE-2026-33551) Jeremy Stanley (Apr 07)
• [vim-security] Netbeans command injection in Vim < v9.2.0316 Christian Brabandt (Apr 07)
• systemd-journald in systemd 259 does not escape characters in emerg messages that are wall'd to other user's terminals Aaron Rainbolt (Apr 07)
  • Re: systemd-journald in systemd 259 does not escape characters in emerg messages that are wall'd to other user's terminals Aaron Rainbolt (Apr 08)
  • Re: systemd-journald in systemd 259 does not escape characters in emerg messages that are wall'd to other user's terminals Salvatore Bonaccorso (Apr 09)
    • Re: systemd-journald in systemd 259 does not escape characters in emerg messages that are wall'd to other user's terminals Aaron Rainbolt (Apr 09)
      • Re: systemd-journald in systemd 259 does not escape characters in emerg messages that are wall'd to other user's terminals Vincent Lefevre (Apr 10)
  • Re: systemd-journald in systemd 259 does not escape characters in emerg messages that are wall'd to other user's terminals Aaron Rainbolt (May 04)
• Multiple CVEs disclosed in CUPS Alan Coopersmith (Apr 07)
  • Re: Multiple CVEs disclosed in CUPS Peter Gutmann (Apr 07)
    • Re: [EXTERN] Re: [oss-security] Multiple CVEs disclosed in CUPS Schwedas, Sven (Apr 08)
• Fwd: [siren] Severity: High – Potential Malicious Campaign Underway Targeting Open Source Developers via Slack Solar Designer (Apr 07)
  • Re: Fwd: [siren] Severity: High – Potential Malicious Campaign Underway Targeting Open Source Developers via Slack Stuart D Gathman (Apr 08)
• Re: Axios Supply-Chain Attack [v1.14.1] [0.30.4] --> plain-crypto-js [4.2.0][4.2.1] Solar Designer (Apr 07)
• CVE-2026-5082: Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id Robert Rothenberg (Apr 08)
• CVE-2026-5083: Ado::Sessions versions through 0.935 for Perl generates insecure session ids Robert Rothenberg (Apr 08)
• PyCA cryptography 46.0.7 released, fixes CVE-2026-39892 Alan Coopersmith (Apr 08)
• Go 1.26.2 and Go 1.25.9 are released with 10 security fixes Alan Coopersmith (Apr 08)
  • Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes Solar Designer (Apr 09)
    • Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes Matthias Ferdinand (Apr 17)
      • Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes Eli Schwartz (Apr 17)
      • Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes Sam James (Apr 17)
      • Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes Matthias Ferdinand (Apr 19)
      • Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes Dimitri Ledkov (Apr 20)
      • Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes Morten Linderud (Apr 20)
      • Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes Demi Marie Obenour (Apr 20)
      • Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes Michael Orlitzky (Apr 21)
      • Re: Go 1.26.2 and Go 1.25.9 are released with 10 security fixes Demi Marie Obenour (Apr 21)
• X41 Advisory X41-2026-001: Guardrail Sandbox Escape in LiteLLM Markus Vervier (Apr 08)
  • Re: X41 Advisory X41-2026-001: Guardrail Sandbox Escape in LiteLLM Solar Designer (Apr 09)
• libpng 1.6.57: Use-after-free vulnerability fixed: CVE-2026-34757 Cosmin Truta (Apr 08)
• 4 security fixes in Flatpak, including critical CVE-2026-34078: Complete sandbox escape leading to host file access and code execution in the host context Solar Designer (Apr 08)
  • Re: 4 security fixes in Flatpak, including critical CVE-2026-34078: Complete sandbox escape leading to host file access and code execution in the host context Simon McVittie (Apr 09)
• lftp 4.9.3 does not filter non-printable characters in the output to the terminal Vincent Lefevre (Apr 08)
• CVE-2026-34538: Apache Airflow: Authorization bypass in DagRun wait endpoint (XCom exposure) Rahul Vats (Apr 09)
• CVE-2026-33005: Apache OpenMeetings: Insufficient checks in FileWebService Maxim Solodovnik (Apr 09)
• CVE-2026-33266: Apache OpenMeetings: Hardcoded Remember-Me Cookie Encryption Key and Salt Maxim Solodovnik (Apr 09)
• CVE-2026-34020: Apache OpenMeetings: Login Credentials Passed via GET Query Parameters Maxim Solodovnik (Apr 09)
• CVE-2025-57735: Apache Airflow: Airflow Logout Not Invalidating JWT Rahul Vats (Apr 09)
• CVE-2026-39304: Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Incorrect handling of TLSv1.3 KeyUpdate can be exploited to cause DoS via OOM Christopher L. Shannon (Apr 09)
• CVE-2026-40046: Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT: Missing fix for CVE-2025-66168: MQTT control packet remaining length field is not properly validated Christopher L. Shannon (Apr 09)
• CVE-2026-24880: Apache Tomcat: Request smuggling via invalid chunk extension Mark Thomas (Apr 09)
• CVE-2026-25854: Apache Tomcat: Occasionally open redirect Mark Thomas (Apr 09)
• CVE-2026-29129: Apache Tomcat: TLS cipher order is not preserved Mark Thomas (Apr 09)
• CVE-2026-29145: Apache Tomcat, Apache Tomcat Native: OCSP checks sometimes soft-fail even when soft-fail is disabled Mark Thomas (Apr 09)
• CVE-2026-29146: Apache Tomcat: EncryptInterceptor vulnerable to padding oracle attack by default Mark Thomas (Apr 09)
• CVE-2026-32990: Apache Tomcat: Fix for CVE-2025-66614 is incomplete Mark Thomas (Apr 09)
• CVE-2026-34483: Apache Tomcat: Incomplete escaping of JSON access logs Mark Thomas (Apr 09)
• CVE-2026-34486: Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor Mark Thomas (Apr 09)
• CVE-2026-34487: Apache Tomcat: Cloud membership for clustering component exposed the Kubernetes bearer token Mark Thomas (Apr 09)
• CVE-2026-34500: Apache Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is disabled Mark Thomas (Apr 09)
• [OSSA-2026-006] OpenStack Skyline: DOM-based XSS in Skyline Console via unsanitized instance console log rendering (CVE-2026-pending) Goutham Pacha Ravi (Apr 09)
• CVE-2026-4631 [cockpit] Unauthenticated remote code execution due to SSH command-line argument injection Jelle van der Waa (Apr 10)
• CVE-2026-34477: Apache Log4j Core: verifyHostName attribute silently ignored in TLS configuration, allowing hostname verification bypass Piotr Karwasz (Apr 10)
• CVE-2026-34478: Apache Log4j Core: Log injection in Rfc5424Layout due to silent configuration incompatibility Piotr Karwasz (Apr 10)
• CVE-2026-34479: Apache Log4j 1 to Log4j 2 bridge: Silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters Piotr Karwasz (Apr 10)
• CVE-2026-34480: Apache Log4j Core: Silent log event loss in XmlLayout due to unescaped XML 1.0 forbidden characters Piotr Karwasz (Apr 10)
• xdg-desktop-portal GHSA-rqr9-jwwf-wxgj: Trashing of arbitrary host files Simon McVittie (Apr 10)
• xdg-dbus-proxy CVE-2026-34080: Eavesdrop filter bypass allows message interception Simon McVittie (Apr 10)
• CVE-2026-40198: Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass Stig Palmquist (Apr 10)
• CVE-2026-40199: Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass Stig Palmquist (Apr 10)
• [kubernetes] CVE-2026-3865: CSI Driver for SMB path traversal via subDir may delete unintended directories on the SMB server Vinayak Goyal (Apr 10)
• CPython [CVE-2026-1502] HTTP client proxy tunnel headers not validated for CR/LF Alan Coopersmith (Apr 10)
• CPython [CVE-2026-3446] Base64 decoding stops at first padded quad by default Alan Coopersmith (Apr 10)
• CVE-2026-35537+more: Roundcube arbitrary write + ID/XSS/etc. prior to 1.6.14 Valtteri Vuorikoski (Apr 11)
  • Re: CVE-2026-35537+more: Roundcube arbitrary write + ID/XSS/etc. prior to 1.6.14 Valtteri Vuorikoski (Apr 11)
• LibRaw 0.22.1 Release with security fixes Alan Coopersmith (Apr 11)
• Avahi: Reachable assertion in transport_flags_from_domain (CVE-2026-34933) Alan Coopersmith (Apr 11)
• GNU tar: listing/extraction desynchronization allows hidden file injection Alan Coopersmith (Apr 11)
  • Re: GNU tar: listing/extraction desynchronization allows hidden file injection Collin Funk (Apr 11)
    • Re: GNU tar: listing/extraction desynchronization allows hidden file injection Alan Coopersmith (Apr 11)
  • Re: GNU tar: listing/extraction desynchronization allows hidden file injection Solar Designer (Apr 11)
    • Re: GNU tar: listing/extraction desynchronization allows hidden file injection Collin Funk (Apr 11)
      • Re: GNU tar: listing/extraction desynchronization allows hidden file injection Paul Eggert (Apr 12)
• Security Audit of Hex, the Erlang package manager Alan Coopersmith (Apr 12)
  • Re: Security Audit of Hex, the Erlang package manager Alexander Patrakov (Apr 12)
    • Re: Security Audit of Hex, the Erlang package manager Alan Coopersmith (Apr 13)
• CVE-2026-35337: Apache Storm Client: RCE through Unsafe Deserialization via Kerberos TGT Credential Handling Richard Zowalla (Apr 12)
• CVE-2026-35565: Apache Storm UI: Stored Cross-Site Scripting (XSS) via Unsanitized Topology Metadata in Storm UI Richard Zowalla (Apr 12)
• CVE-2026-5085: Solstice::Session versions through 1440 for Perl generates session ids insecurely Robert Rothenberg (Apr 13)
• CVE-2025-54057: Apache SkyWalking: Stored XSS vulnerability Zhenxu Ke (Apr 13)
• CVE-2026-34476: Apache SkyWalking MCP: Server-Side Request Forgery via SW-URL Header in MCP Server Qiuxia Fan (Apr 13)
• CVE-2026-34884: Apache SkyWalking MCP: SSRF via set_skywalking_url Tool and GraphQL Expression Injection in MCP Server Qiuxia Fan (Apr 13)
• CVE-2025-66236: Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI Rahul Vats (Apr 13)
• CVE-2026-33858: Apache Airflow: Unsafe Deserialization via Legacy Serialization Keys (__type/__var) Bypass in XCom API Rahul Vats (Apr 13)
• CVE-2026-39816: Apache NiFi: Missing Execute Code Required Permission on TinkerpopClientService David Handermann (Apr 13)
• [oss-security][CVE-2026-6100] CPython: Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure Alan Coopersmith (Apr 13)
• [oss-security][CVE-2026-4786] CPython: Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open() Alan Coopersmith (Apr 13)
• CVE-2026-5086: Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks Robert Rothenberg (Apr 13)
• CVE-2026-31923: Apache APISIX: Openid-connect `tls_verify` field is disabled by default Abhishek Choudhary (Apr 13)
• CVE-2026-31924: Apache APISIX: Plugin tencent-cloud-cls log export uses plaintext HTTP Abhishek Choudhary (Apr 13)
• CVE-2026-31908: Apache APISIX: forward auth plugin allows header injection Abhishek Choudhary (Apr 13)
• CVE-2026-33929: Apache PDFBox Examples: Path Traversal in PDFBox ExtractEmbeddedFiles Example Code Tilman Hausherr (Apr 13)
• wolfSSL ML-DSA: same-process heap reuse exposes private signing material, enabling signature forgery Abhinav Agarwal (Apr 13)
• wolfSSL 5.9.1 CVE and non-CVE fixes Solar Designer (Apr 13)
• [disclosure] Multiple unpatched CVEs in libav (unmaintained FFmpeg fork, last update 2019) yangjincheng1998 (Apr 14)
• Fwd: X.Org Security Advisory: multiple security issues X.Org X server and Xwayland Olivier Fourdan (Apr 14)
  • Re: Fwd: X.Org Security Advisory: multiple security issues X.Org X server and Xwayland Alan Coopersmith (Apr 15)
• [OSSA-2026-007] OpenStack Keystone: LDAP identity backend does not convert enabled attribute to boolean (CVE PENDING) Goutham Pacha Ravi (Apr 14)
• CVE-2025-54550: Apache Airflow: RCE by race condition in example_xcom dag Jarek Potiuk (Apr 14)
• CVE-2026-30778: Apache SkyWalking: The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL. Kai Wan (Apr 14)
• CVE-2026-25219: Apache Airlfow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access Jarek Potiuk (Apr 15)
• CVE-2026-5088: Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts Robert Rothenberg (Apr 15)
  • Re: CVE-2026-5088: Apache::API::Password versions through v0.5.2 for Perl can generate insecure random values for salts Jacques Deguest (Apr 15)
• [oss-security][CVE-2026-5713] CPython: Out-of-bounds read/write during remote debugging when connecting to malicious target Alan Coopersmith (Apr 15)
• [vim-security] Command injection via backtick expansion in tag filenames in Vim < v9.2.0357 Christian Brabandt (Apr 15)
• 7 vulnerabilities disclosed & patched in jq Alan Coopersmith (Apr 15)
  • Re: 7 vulnerabilities disclosed & patched in jq Collin Funk (Apr 15)
• UAF in rsync 3.4.1 and below Przemyslaw Frasunek (Apr 15)
  • Re: UAF in rsync 3.4.1 and below Alan Coopersmith (Apr 16)
    • Re: UAF in rsync 3.4.1 and below Salvatore Bonaccorso (Apr 16)
      • Re: UAF in rsync 3.4.1 and below Sam James (Apr 21)
• cosmic-greeter: Unsafe File System Operations in User Home Directories (CVE-2026-25704) Matthias Gerstner (Apr 16)
• CVE-2025-27363: FontForge affected by FreeType heap-buffer-overflow; upstream maintainer declines under Community-guidelines #D1 yangjincheng1998 (Apr 16)
  • Re: CVE-2025-27363: FontForge affected by FreeType heap-buffer-overflow; upstream maintainer declines under Community-guidelines #D1 Sam James (Apr 19)
• Apache Kvrocks affected by CVE-2024-31449 and CVE-2025-49844 (Redis Lua); fixed but no formal advisory yangjincheng1998 (Apr 16)
  • Re: Apache Kvrocks affected by CVE-2024-31449 and CVE-2025-49844 (Redis Lua); fixed but no formal advisory Alan Coopersmith (Apr 16)
    • Re: Apache Kvrocks affected by CVE-2024-31449 and CVE-2025-49844 (Redis Lua); fixed but no formal advisory yangjincheng1998 (Apr 16)
      • Re: Apache Kvrocks affected by CVE-2024-31449 and CVE-2025-49844 (Redis Lua); fixed but no formal advisory Solar Designer (Apr 16)
      • Re: Apache Kvrocks affected by CVE-2024-31449 and CVE-2025-49844 (Redis Lua); fixed but no formal advisory yangjincheng1998 (Apr 16)
• CVE-2026-31987: Apache Airflow: JWT token appearing in logs Rahul Vats (Apr 16)
• Re: [CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability cyber security (Apr 16)
  • Re: [CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability cyber security (Apr 18)
    • Re: [CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability cyber security (Apr 18)
      • Re: [CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability Solar Designer (Apr 18)
• CVE-2026-33557: Apache Kafka: Missing JWT token validation in OAUTHBEARER authentication Luke Chen (Apr 17)
• CVE-2026-33558: Apache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output Luke Chen (Apr 17)
• CVE-2025-66335: Apache Doris MCP Server: MCP SQL inject Mingyu Chen (Apr 17)
• CVE-2026-30912: Apache Airflow: Exposing stack trace in case of constraint error Rahul Vats (Apr 17)
• CVE-2026-32690: Apache Airflow: 3.x - Nested Variable Secret Values Bypass Redaction via max_depth=1 Rahul Vats (Apr 17)
• CVE-2026-30898: Apache Airflow: Bad example of BashOperator shell injection via dag_run.conf Rahul Vats (Apr 17)
• CVE-2026-32228: Apache Airflow: Users with asset materialization permisssions could trigger Dags they had no access to Rahul Vats (Apr 17)
• CVE-2026-25917: Apache Airflow: API extra-links triggers XCom deserialization/class instantiation (Airflow 3.1.5) Rahul Vats (Apr 17)
• cups: 8 various moderate vulnerabilities Zdenek Dohnal (Apr 17)
• ngtcp2: qlog_parameters_set_transport_params_stack_overflow [CVE-2026-40170] Alan Coopersmith (Apr 17)
• Xen Security Advisory 488 v1 - x86: Floating Point Divider State Sampling Xen . org security team (Apr 17)
• CVE-2026-40948: Apache Airflow Keycloak Provider: OAuth Login CSRF — Missing State Parameter in Keycloak Auth Manager Jarek Potiuk (Apr 17)
• lcms2 <= 2.18 CubeSize() integer overflow: stock Ubuntu 24.04 Poppler / evince-thumbnailer / OpenJDK crashers (different triggers), no CVE Abhinav Agarwal (Apr 17)
  • Re: lcms2 <= 2.18 CubeSize() integer overflow: stock Ubuntu 24.04 Poppler / evince-thumbnailer / OpenJDK crashers (different triggers), no CVE Abhinav Agarwal (Apr 18)
    • Re: lcms2 <= 2.18 CubeSize() integer overflow: stock Ubuntu 24.04 Poppler / evince-thumbnailer / OpenJDK crashers (different triggers), no CVE Abhinav Agarwal (Apr 29)
  • Re: lcms2 <= 2.18 CubeSize() integer overflow: stock Ubuntu 24.04 Poppler / evince-thumbnailer / OpenJDK crashers (different triggers), no CVE Sam James (Apr 29)
• CVE-2026-41113: RCE in sagredo fork of qmail Alan Coopersmith (Apr 18)
• [CVE REQUEST] terminal-controller-mcp: trivially bypassable command blocklist enables unrestricted RCE (CVSS 10.0) Pico 🧬 (Apr 19)
  • Re: [CVE REQUEST] terminal-controller-mcp: trivially bypassable command blocklist enables unrestricted RCE (CVSS 10.0) Alan Coopersmith (Apr 19)
• [ADVISORY] CVE-2026-5265: Heap Over-Read in ICMP Error Response Generation Ales Musil (Apr 20)
  • Re: [ADVISORY] CVE-2026-5265: Heap Over-Read in ICMP Error Response Generation Ales Musil (Apr 20)
• [ADVISORY] CVE-2026-5367: Heap over-read in OVN DHCPv6 Client ID processing Ales Musil (Apr 20)
  • Re: [ADVISORY] CVE-2026-5367: Heap over-read in OVN DHCPv6 Client ID processing Ales Musil (Apr 20)
• Fwd: [CVE-2026-3219] pip doesn't reject concatenated ZIP and tar archives Alan Coopersmith (Apr 20)
• The GNU C Library security advisories update for 2026-04-20 Carlos O'Donell (Apr 20)
• Libgcrypt security releases 1.12.2, 1.11.3, 1.10.x Valtteri Vuorikoski (Apr 21)
• Fwd: X.Org Security Advisory: CVE-2026-4367: libXpm Out-of-bounds read in xpmNextWord() Olivier Fourdan (Apr 21)
• CVE-2026-40706: ntfs-3g 2022.10.3: Heap buffer overflow Rostislav (Apr 21)
• CVE-2017-20230: Storable versions before 3.05 for Perl has a stack overflow Robert Rothenberg (Apr 21)
  • Re: CVE-2017-20230: Storable versions before 3.05 for Perl has a stack overflow Sam James (Apr 21)
    • Re: CVE-2017-20230: Storable versions before 3.05 for Perl has a stack overflow Sam James (Apr 21)
      • Re: CVE-2017-20230: Storable versions before 3.05 for Perl has a stack overflow Steffen Nurpmeso (Apr 22)
• CVE-2025-15638: Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt Robert Rothenberg (Apr 21)
• [SECURITY] CVE-2026-40542: Apache HttpClient 5.6 SCRAM-SHA-256 mutual authentication bypass Arturo Bernal (Apr 22)
• CVE-2026-41651: TOCTOU vulnerability in PackageKit <= 1.3.4 leads to local root exploit Matthias Klumpp (Apr 22)
• [vim-security] OS Command Injection in netrw affects Vim < 9.2.0383 Christian Brabandt (Apr 22)
• PowerDNS Security Advisory 2026-03 for PowerDNS Recursor: Multiple issues Otto Moerbeek (Apr 23)
• CVE-2026-41564: CryptX versions before 0.088 for Perl do not reseed the Crypt::PK PRNG state after forking Stig Palmquist (Apr 23)
• PowerDNS Authoritative Server 4.9.14 and 5.0.4 released Miod Vallat (Apr 23)
• CVE-2026-40466: Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Possible bypass of CVE-2026-34197 via HTTP discovery second-stage URI Christopher L. Shannon (Apr 23)
• CVE-2026-41043: Apache ActiveMQ, Apache ActiveMQ Web: ActiveMQ Web Console - XSS vulnerability when browsing queues Christopher L. Shannon (Apr 23)
• CVE-2026-41044: Apache ActiveMQ, Apache ActiveMQ Broker, Apache ActiveMQ All: Authenticated user can perform RCE via DestinationView MBean exposed by Jolokia Christopher L. Shannon (Apr 23)
• CVE-2026-23902: Apache DolphinScheduler: Users are able to use tenants that are not defined on the platform during workflow execution. Wenjun Ruan (Apr 23)
• CVE-2025-62233: Apache DolphinScheduler: Deserialization of untrusted data in RPC Wenjun Ruan (Apr 23)
• CVE-2026-38743: Apache Airflow: Dags endpoint might provide access to otherwise inaccessible entities Rahul Vats (Apr 24)
• CVE-2026-40690: Apache Airflow: Assets graph view bypasses DAG level access control displaying unrelated topologies and all DAGs names to unauthorized users Rahul Vats (Apr 24)
• rust-openssl-v0.10.78 fixes 5 CVEs Alan Coopersmith (Apr 24)
• bubblewrap CVE-2026-41163: Privilege escalation if setuid root, via ptrace Simon McVittie (Apr 25)
• CVE-2026-40557: Apache Storm Prometheus Reporter: Disabling TLS verification for Prometheus Reporter also disables it for all other connections Richard Zowalla (Apr 25)
• CVE-2026-41081: Apache Storm Client: Anonymous principal assigned on TLS client certificate verification failure Richard Zowalla (Apr 25)
• libexpat 2.8.0 fixes CVE-2026-41080 (insufficient entropy) Sebastian Pipping (Apr 26)
• CVE-2026-27172: Apache Camel: Unsafe Java deserialization in camel-consul ConsulRegistry allows arbitrary code execution via malicious values read from the Consul KV store Andrea Cosentino (Apr 26)
• CVE-2026-33453: Apache Camel: CoAP URI Query Parameter to Exchange Header Injection in camel-coap Allows Single-Packet Pre-Auth Remote Code Execution Andrea Cosentino (Apr 26)
• CVE-2026-33454: Apache Camel: Inbound Header Filter Missing in MailHeaderFilterStrategy Allows Remote Code Execution via MIME Header Injection (CVE-2025-30177 Variant) Andrea Cosentino (Apr 26)
• CVE-2026-40022: Apache Camel: Camel-Platform-HTTP-Main: Authentication Bypass on Non-Root Context Paths in camel main runtime Andrea Cosentino (Apr 26)
• CVE-2026-40048: Apache Camel: Camel-PQC: Unsafe Deserialization from FileBasedKeyLifecycleManager Andrea Cosentino (Apr 26)
• CVE-2026-40453: Apache Camel: Incomplete fix for CVE-2025-27636 in non-HTTP HeaderFilterStrategies (camel-jms, camel-sjms, camel-coap, camel-google-pubsub) allows case-variant header injection Andrea Cosentino (Apr 26)
• CVE-2026-40473: Apache Camel: Camel-Mina: Unsafe Deserialization in MinaConverter.toObjectInput() via TCP/UDP Andrea Cosentino (Apr 26)
• CVE-2026-40858: Apache Camel: Camel-Infinispan: Unsafe Deserialization in Remote Aggregation Repository Andrea Cosentino (Apr 26)
• CVE-2026-40860: Apache Camel: Unsafe Deserialization of JMS ObjectMessage in camel-jms, camel-sjms, camel-sjms2 and camel-amqp Andrea Cosentino (Apr 26)
• plasma-login-manager: Weaknesses in plasmaloginauthhelper (CVE-2026-25710) Matthias Gerstner (Apr 27)
• uriparser 1.0.1 fixes CVE-2026-42371 (integer overflow) Sebastian Pipping (Apr 27)
• CVE-2026-41409: Apache MINA: CWE-502 Deserialization of Untrusted Data Emmanuel Lécharny (Apr 27)
• ZDRES-059: CVE-2026-41635: Apache MINA: AbstractIoBuffer.resolveClass() null-clazz Branch Skips acceptMatchers Filter — Full Object Deserialization RCE Emmanuel Lécharny (Apr 27)
• CVE-2026-7040: Text::Minify::XS versions from v0.3.0 before v0.7.8 for Perl have heap overflow when processing some malformed UTF-8 characters Robert Rothenberg (Apr 27)
• [OSSA-2026-008] Ironic: Command Injection in IPMI Console Implementations (CVE pending) Jay Faulkner (Apr 27)
  • OSSA-2026-008: OpenStack Ironic: Command Injection in Ironic IPMI Console Implementations (CVE-2026-42510) - errata 1 Goutham Pacha Ravi (Apr 29)
• [oss-security][CVE-2026-6357] pip self-update functionality can import newly installed modules after wheel installation Alan Coopersmith (Apr 27)
• CVE-2026-40355, CVE-2026-40356: MIT krb5 1.18+ Unauthenticated Network read overrun and null pointer dereference Cem Onat Karagun (Apr 27)
• CVE-2026-41636: Apache Thrift: Node.js skip() recursion Jens Geyer (Apr 27)
• CVE-2026-41607: Apache Thrift: C++ JSON OOB read Jens Geyer (Apr 27)
• CVE-2026-41606: Apache Thrift: c_glib dispatch stack overflow Jens Geyer (Apr 27)
• CVE-2026-41605: Apache Thrift: Swift Compact Protocol integer overflow Jens Geyer (Apr 27)
• CVE-2026-41604: Apache Thrift: Swift Range crash in skip() Jens Geyer (Apr 27)
• CVE-2026-41602: Apache Thrift: Go TFramedTransport uint32 overflow Jens Geyer (Apr 27)
• CVE-2026-41603: Apache Thrift: Java TSSLTransportFactory hostname verification Jens Geyer (Apr 27)
• CVE-2025-48431: Apache Thrift glibc language bindings: Specially crafted input can crash a c_glib Thrift server with invalid pointer error. Jens Geyer (Apr 27)
• [oss-security][CVE-2026-3087] shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs Alan Coopersmith (Apr 27)
• Xen Security Advisory 483 v2 (CVE-2026-23556) - oxenstored keeps quota related use counts across domain destruction Xen . org security team (Apr 28)
• Xen Security Advisory 484 v2 (CVE-2026-23557) - Xenstored DoS via XS_RESET_WATCHES command Xen . org security team (Apr 28)
• Xen Security Advisory 485 v2 (CVE-2026-31786) - Linux kernel out of bounds read via Xen-related sysfs file Xen . org security team (Apr 28)
• Xen Security Advisory 486 v2 (CVE-2026-23558) - grant table v2 race in status page mapping Xen . org security team (Apr 28)
• Xen Security Advisory 487 v2 (CVE-2026-31787) - Linux kernel double free in Xen privcmd driver Xen . org security team (Apr 28)
• Coordinated Disclosure in the LLM Age Jeremy Stanley (Apr 28)
  • Re: Coordinated Disclosure in the LLM Age Greg Dahlman (Apr 28)
  • Re: Coordinated Disclosure in the LLM Age Jacob Bachmeyer (Apr 28)
    • Re: Coordinated Disclosure in the LLM Age Peter Gutmann (Apr 28)
    • Re: Coordinated Disclosure in the LLM Age Willy Tarreau (Apr 29)
      • Re: Coordinated Disclosure in the LLM Age Renaud Allard (Apr 29)
      • Re: Coordinated Disclosure in the LLM Age Demi Marie Obenour (May 12)
      • Re: Coordinated Disclosure in the LLM Age Willy Tarreau (May 12)
      • Re: Coordinated Disclosure in the LLM Age Yves-Alexis Perez (May 15)
      • Re: Coordinated Disclosure in the LLM Age Greg KH (May 15)
      • Re: Coordinated Disclosure in the LLM Age Santiago Ruano Rincón (May 15)
      • Re: Coordinated Disclosure in the LLM Age Greg KH (May 16)
      • Re: Coordinated Disclosure in the LLM Age Demi Marie Obenour (May 15)
    • Re: Coordinated Disclosure in the LLM Age Clemens Lang (Apr 29)
      • Re: Coordinated Disclosure in the LLM Age Greg KH (Apr 30)
  • Re: Coordinated Disclosure in the LLM Age Lucas Holt (Apr 29)
    • Re: Coordinated Disclosure in the LLM Age Jeremy Stanley (Apr 29)
    • Re: Coordinated Disclosure in the LLM Age Brian May (Apr 29)
  • Re: Coordinated Disclosure in the LLM Age Tim Shephard (May 11)
    • Sv: Coordinated Disclosure in the LLM Age Markus Klyver (May 15)
      • Sv: Coordinated Disclosure in the LLM Age ROI AI (May 15)
  • Re: Coordinated Disclosure in the LLM Age Alan Coopersmith (May 20)
• The GNU C Library security advisories update for 2026-04-28 Carlos O'Donell (Apr 28)
• CVE-2026-41873: Pony Mail: Admin account takeover via request smuggling Arnout Engelen (Apr 28)
• Xen Security Advisory 489 v1 (CVE-2026-23559,CVE-2026-23560,CVE-2026-23561,CVE-2026-23562,CVE-2026-42486) - Multiple RBAC issues in XAPI Xen . org security team (Apr 28)
• [SECURITY] Out-of-Bounds Read in MPLS Extension Parsing — traceroute 2.1.2 MOHAMED AZIZ RAHMOUNI (Apr 28)
  • Re: [SECURITY] Out-of-Bounds Read in MPLS Extension Parsing — traceroute 2.1.2 Dmitry Butskoy (Apr 28)
  • Re: [SECURITY] Out-of-Bounds Read in MPLS Extension Parsing — traceroute 2.1.2 Dmitry Butskoy (Apr 28)
    • Re: [SECURITY] Out-of-Bounds Read in MPLS Extension Parsing — traceroute 2.1.2 Solar Designer (Apr 28)
  • Re: [SECURITY] Out-of-Bounds Read in MPLS Extension Parsing — traceroute 2.1.2 Alan Coopersmith (Apr 28)
  • Re: [SECURITY] Out-of-Bounds Read in MPLS Extension Parsing — traceroute 2.1.2 Ellenor Bjornsdottir (Apr 28)
  • Re: [SECURITY] Out-of-Bounds Read in MPLS Extension Parsing — traceroute 2.1.2 Jacob Bachmeyer (Apr 28)
• CVE-2026-40560: Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence Timothy Legge (Apr 28)
• [ADVISORY] curl: CVE-2026-4873: connection reuse ignores TLS requirement Daniel Stenberg (Apr 28)
• [ADVISORY] curl: CVE-2026-5545: wrong reuse of HTTP Negotiate connection Daniel Stenberg (Apr 28)
• [ADVISORY] curl: CVE-2026-5773: wrong reuse of SMB connection Daniel Stenberg (Apr 28)
• [ADVISORY] curl: CVE-2026-6429: netrc credential leak with reused proxy connection Daniel Stenberg (Apr 28)
• [ADVISORY] curl: CVE-2026-6253: proxy credentials leak over redirect-to proxy Daniel Stenberg (Apr 28)
• [ADVISORY] curl: CVE-2026-7009: OCSP stapling bypass with Apple SecTrust Daniel Stenberg (Apr 28)
• [ADVISORY] curl: CVE-2026-6276: stale custom cookie host causes cookie leak Daniel Stenberg (Apr 28)
• [ADVISORY] curl: CVE-2026-7168: cross-proxy Digest auth state leak Daniel Stenberg (Apr 28)
• Multiple vulnerabilities in Jenkins plugins Daniel Beck (Apr 29)
• CVE-2026-7111: Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption Stig Palmquist (Apr 29)
• Xen Security Advisory 489 v2 (CVE-2026-23559,CVE-2026-23560,CVE-2026-23561,CVE-2026-23562,CVE-2026-42486) - Multiple RBAC issues in XAPI Xen . org security team (Apr 29)
• CVE-2026-31431: CopyFail: linux local privilege scalation Jan Schaumann (Apr 29)
  • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Eddie Chapman (Apr 29)
    • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Sam James (Apr 29)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Salvatore Bonaccorso (Apr 30)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Greg KH (Apr 30)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation cyber security (Apr 30)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Greg KH (Apr 30)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Solar Designer (Apr 30)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Greg KH (Apr 30)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Alan Coopersmith (Apr 30)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Reid Sutherland (May 01)
      • Re: [EXTERNAL] Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation Shrader, David Lee (May 01)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Justin Swartz (May 01)
      • Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation cyber security (May 01)
      • Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation Reid Sutherland (May 02)
      • Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation Justin Swartz (May 02)
      • Re: Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation Eric Biggers (May 02)
      • Re: Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation Alexander Bochmann (May 02)
      • Re: Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation Collin Funk (May 02)
      • Re: Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation Malik, Vaibhav (May 02)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Reid Sutherland (May 02)
      • Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation Brian May (May 02)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation nightmare . yeah27 (May 02)
      • Re: Re: CVE-2026-31431: CopyFail: linux local privilege scalation Reid Sutherland (May 03)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Sam James (Apr 30)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Eric Biggers (Apr 30)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Demi Marie Obenour (May 01)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Eric Biggers (May 01)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Demi Marie Obenour (May 01)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Eric Biggers (May 01)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Demi Marie Obenour (May 02)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Eric Biggers (May 02)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Eric Biggers (May 02)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Demi Marie Obenour (May 02)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Greg Dahlman (May 02)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Greg Dahlman (May 02)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Simon McVittie (May 03)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Greg Dahlman (May 03)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Milan Broz (May 04)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Demi Marie Obenour (May 04)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Eric Biggers (May 04)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Milan Broz (May 04)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Richard Kettlewell (May 02)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Demi Marie Obenour (May 02)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Peter Gutmann (May 03)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Paul Ducklin (May 03)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Richard Kettlewell (May 04)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Demi Marie Obenour (May 04)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Solar Designer (May 04)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Eric Biggers (May 05)
  • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Sam James (Apr 29)
    • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Zube (Apr 29)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Solar Designer (Apr 29)
      • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Roman Medina-Heigl Hernandez (Apr 30)
      • CVE-2026-31431 Copy Fail Linux LPE - new public exploit Andrei Berestov (May 18)
    • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Aaron Rainbolt (Apr 29)
  • Re: CVE-2026-31431: CopyFail: linux local privilege scalation Alan Coopersmith (May 01)
  • Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Sam James (May 03)
    • Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Sam James (May 03)
      • Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Sam James (May 03)
      • Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Greg Kroah-Hartman (May 04)
      • Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Emily Shepherd (May 04)
      • Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Greg KH (May 04)
      • Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Emily Shepherd (May 04)
      • Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Greg KH (May 06)
      • Re: Precise disclosure contents for copyfail (Re: [oss-security] CVE-2026-31431: CopyFail: linux local privilege scalation) Jeroen Roovers (May 04)
• CVE-2026-7381: Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting Robert Rothenberg (Apr 29)
• gnutls 3.8.13 released with 12 CVE fixes and more Alan Coopersmith (Apr 29)
• inetutils-2.8 released with 2 CVE fixes Alan Coopersmith (Apr 29)
• [CVE-2026-37555] libsndfile IMA-ADPCM integer overflow (incomplete fix for CVE-2022-33065) Feng Ning (Apr 29)
• CVE-2026-5080: Dancer::Session::Abstract versions through 1.3522 for Perl generates session ids insecurely Robert Rothenberg (Apr 30)
• Exim 4.99.2 fixes 4 CVEs Solar Designer (Apr 30)
  • Re: Exim 4.99.2 fixes 4 CVEs Florian Weimer (May 01)
• Re: 10+ CVEs in GStreamer Solar Designer (Apr 30)
  • Re: 10+ CVEs in GStreamer Demi Marie Obenour (May 01)
    • Re: 10+ CVEs in GStreamer Kevin Backhouse (May 01)
• CVE-2026-42167: SQL injection in ProFTPd prior to 1.3.9a Valtteri Vuorikoski (May 01)
  • Re: CVE-2026-42167: SQL injection in ProFTPd prior to 1.3.9a Alan Coopersmith (May 01)
• Prosody XMPP server security advisory 2026-04-31 (multiple vulnerabilities) Matthew Wild (May 01)
• CVE-2026-42402: Apache Neethi: Policy Normalization Unbounded Resource Allocation DoS Colm O hEigeartaigh (May 01)
• CVE-2026-42403: Apache Neethi: Circular Policy Reference Infinite Loop Colm O hEigeartaigh (May 01)
• CVE-2026-42404: Apache Neethi: Unrestricted HTTP Redirect Following in Policy References Colm O hEigeartaigh (May 01)
• CVE-2026-40682: Apache OpenNLP: XXE via Dictionary Parsing in DictionaryEntryPersistor Richard Zowalla (May 01)
• CVE-2026-42027: Apache OpenNLP: Arbitrary Class Instantiation via Model Manifest in ExtensionLoader Richard Zowalla (May 01)
• CVE-2026-42440: Apache OpenNLP: OOM DoS via Unbounded Array Allocation in AbstractModelReader Richard Zowalla (May 01)
• Security audit of rust-coreutils Alan Coopersmith (May 01)
• uutils coreutils CVEs Collin Funk (May 02)
  • Re: uutils coreutils CVEs Jan Schaumann (May 02)
  • Re: uutils coreutils CVEs Jakub Wilk (May 04)
    • Re: uutils coreutils CVEs cyber security (May 04)
    • Re: uutils coreutils CVEs Eli Schwartz (May 04)
  • <Possible follow-ups>
  • Re: uutils coreutils CVEs Collin Funk (May 02)
• Ubuntu back up, In Saturday after DDoS attacks cyber security (May 02)
• CVE-2026-42809: Apache Polaris: An authenticated low-privileged user can abuse Polaris staged table creation to mint broad temporary storage credentials for an attacker-chosen location before Polaris validates that location Jean-Baptiste Onofré (May 02)
• CVE-2026-42810: Apache Polaris: Polaris accepts literal `*` characters in namespace and table names. When it later builds temporary S3 access policies for delegated table access, those same characters appear to be reused unescaped in S3 IAM resource patterns and `s3:prefix` conditions. Jean-Baptiste Onofré (May 02)
• CVE-2026-42811: Apache Polaris: In plain terms, Polaris is supposed to issue short-lived GCS credentials that only work for one table's files, but a crafted namespace or table name can cause those credentials to work across the configured bucket instead. Jean-Baptiste Onofré (May 02)
• CVE-2026-42812: Apache Polaris: No protection on `write.metadata.path` Jean-Baptiste Onofré (May 02)
• CVE-2026-40561: Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence Timothy Legge (May 02)
• syzkaller "Reporting Linux kernel bugs" out of date Solar Designer (May 02)
• CVE request: io_uring zcrx freelist OOB write Mohamed salem Eddah (May 03)
  • Re: CVE request: io_uring zcrx freelist OOB write Greg KH (May 03)
  • Re: CVE request: io_uring zcrx freelist OOB write Pavel Begunkov (May 04)
    • Re: CVE request: io_uring zcrx freelist OOB write Solar Designer (May 07)
      • Re: CVE request: io_uring zcrx freelist OOB write Mohamed salem Eddah (May 07)
      • Re: CVE request: io_uring zcrx freelist OOB write Jens Axboe (May 07)
      • Re: CVE request: io_uring zcrx freelist OOB write Benjamin Hays (May 07)
      • Re: CVE request: io_uring zcrx freelist OOB write Jens Axboe (May 07)
      • Re: CVE request: io_uring zcrx freelist OOB write Pavel Begunkov (May 07)
      • Re: CVE request: io_uring zcrx freelist OOB write Solar Designer (May 07)
      • Re: CVE request: io_uring zcrx freelist OOB write Mohamed salem Eddah (May 08)
      • Re: CVE request: io_uring zcrx freelist OOB write Jens Axboe (May 08)
• CVE-2026-40563: Apache Atlas: Script injection allows access to unintended data Pinal Shah (May 03)
• [vim-security] OS Command Injection via 'path' completion affects Vim < 9.2.0435 Christian Brabandt (May 03)
• Fwd: mutt 2.3.2 released Sam James (May 03)
• CVE-2026-33857: Apache HTTP Server: Off-by-one OOB reads in AJP getter functions Eric Covener (May 04)
• CVE-2026-34032: Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing Null-Termination Check (ajp_msg_get_string) Eric Covener (May 04)
• CVE-2026-34059: Apache HTTP Server: mod_proxy_ajp: Heap Over-Read and memory disclosure in ajp_parse_data() Eric Covener (May 04)
• CVE-2026-24072: Apache HTTP Server: mod_rewrite elevation of privileges via ap_expr Eric Covener (May 04)
• CVE-2026-23918: Apache HTTP Server: http2: double free and possible RCE on early reset Eric Covener (May 04)
• CVE-2026-29169: Apache HTTP Server: mod_dav_lock indirect lock crash Eric Covener (May 04)
  • Re: CVE-2026-29169: Apache HTTP Server: mod_dav_lock indirect lock crash Solar Designer (May 05)
• CVE-2026-33006: Apache HTTP Server: mod_auth_digest timing attack Eric Covener (May 04)
• CVE-2026-33007: Apache HTTP Server: mod_authn_socache crash Eric Covener (May 04)
• CVE-2026-33523: Apache HTTP Server: multiple modules: HTTP response splitting forwarding malicious status line Eric Covener (May 04)
• Fwd: [pfx] Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16 Sam James (May 04)
  • Re: [pfx] Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16 Sam James (May 04)
    • Re: [pfx] Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16 Solar Designer (May 04)
  • Re: Fwd: [pfx] Postfix stable release 3.11.2 and legacy releases 3.10.9, 3.9.10, 3.8.16 Salvatore Bonaccorso (May 04)
• Local privilege escalation in Lix and Nix Thomas GERBET (May 04)
• Nix/Lix: local privilege escalation in daemon process Martin Weinelt (May 04)
• CVE-2026-43868: Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern Jens Geyer (May 04)
• CVE-2026-43869: Apache Thrift: TSSLTransportFactory.java hostname verification Jens Geyer (May 04)
• CVE-2026-43870: Apache Thrift: Node.js web_server.js multi-vulnerability Jens Geyer (May 04)
• CVE-2026-29168: Apache HTTP Server: mod_md unrestricted OCSP response Eric Covener (May 05)
• [OSSA-2026-009] Horizon: Unauthenticated session flood via login redirect storage (CVE-2026-43002) Goutham Pacha Ravi (May 05)
• Django CVE-2026-5766, CVE-2026-35192, and CVE-2026-6907 Sarah Boyce (May 05)
• CVE-2026-28780: Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header() Eric Covener (May 05)
• [OSSA-2026-010] Ironic: Credential Forwarding to Arbitrary Endpoints via iDrac Configuration Molds Feature (CVE-2026-42997) Jay Faulkner (May 05)
• vm2: sandbox escape in NodeVM with nesting:true (CVE-2026-44007) Akshat Sinha (May 05)
• Security audit of Paramiko completed, fixes coming in 5.0 release Alan Coopersmith (May 05)
• CVE-2026-40010: Apache Wicket: possible session fixation using AuthenticatedWebSession Pedro Henrique Oliveira dos Santos (May 05)
• CVE-2026-42509: Apache Wicket: crafted strings can break out of the JavaScript sequence Pedro Henrique Oliveira dos Santos (May 05)
• CVE-2026-43646: Apache Wicket: crafted URLs can bypass PackageResourceGuard Pedro Henrique Oliveira dos Santos (May 05)
• CVE-2026-43975: Apache Wicket: Possible malicious path traversal in FolderUploadsFileManager Pedro Henrique Oliveira dos Santos (May 05)
• CVE-2026-5081: Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure Robert Rothenberg (May 06)
• CVE-2026-40562: Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence Robert Rothenberg (May 06)
• Vulnerability fixes in Tor 0.4.9.7 Sam James (May 06)
• Linux kernel: KTLS + sockmap "Reverse Order" Use-After-Free / Data Corruption Solar Designer (May 06)
  • Re: Linux kernel: KTLS + sockmap "Reverse Order" Use-After-Free / Data Corruption Sam James (May 07)
    • Re: Linux kernel: KTLS + sockmap "Reverse Order" Use-After-Free / Data Corruption xw x (May 11)
      • Re: Linux kernel: KTLS + sockmap "Reverse Order" Use-After-Free / Data Corruption xw x (May 11)
      • Re: Linux kernel: KTLS + sockmap "Reverse Order" Use-After-Free / Data Corruption xw x (May 11)
• XSS in Postorius (Mailman 3) 1.3.13 and earlier Alyssa Ross (May 07)
  • Re: XSS in Postorius (Mailman 3) 1.3.13 and earlier Demi Marie Obenour (May 07)
    • Re: XSS in Postorius (Mailman 3) 1.3.13 and earlier Sebastian Pipping (May 08)
• [OSSA-2026-011] OpenStack Cyborg: Multiple access control vulnerabilities in Cyborg accelerator management (CVE-2026-40213, CVE-2026-40214) Goutham Pacha Ravi (May 07)
• Dirty Frag: Universal Linux LPE Hyunwoo Kim (May 07)
  • Re: Dirty Frag: Universal Linux LPE Sandipan Roy (May 07)
    • Re: Dirty Frag: Universal Linux LPE Greg KH (May 08)
      • Re: Dirty Frag: Universal Linux LPE Greg KH (May 08)
  • Re: Dirty Frag: Universal Linux LPE Bernhard R. Link (May 08)
  • <Possible follow-ups>
  • Re: Dirty Frag: Universal Linux LPE Daniel Tang (May 07)
    • Re: Re: Dirty Frag: Universal Linux LPE Kalin KOZHUHAROV (May 08)
      • Re: Re: Dirty Frag: Universal Linux LPE Greg Dahlman (May 08)
      • Re: Re: Dirty Frag: Universal Linux LPE Emily Shepherd (May 08)
• [vim-security] Heap Buffer Overflow in spell file loading affects Vim < 9.2.0450 Christian Brabandt (May 07)
  • Re: [vim-security] Heap Buffer Overflow in spell file loading affects Vim < 9.2.0450 Tianyu Chen (May 13)
• Copy Fail 2 / Dirty Frag — n-day from public commit, not embargo break SiCk (May 07)
  • Re: Copy Fail 2 / Dirty Frag — n-day from public commit, not embargo break Sam James (May 08)
• CVE-2013-10075: Apache::Session versions through 1.94 for Perl re-creates deleted sessions Robert Rothenberg (May 08)
• BioPython 1.87 fixes CVE-2025-68463 (XXE, SSRF) Sebastian Pipping (May 08)
• CVE-2026-6659: Crypt::PasswdMD5 versions through 1.42 for Perl generates insecure random values for salts Robert Rothenberg (May 08)
• Go 1.26.3 and Go 1.25.10 are released with 11 security fixes Alan Coopersmith (May 08)
• CVE-2025-66170: Apache CloudStack: Any user can list backups that they should not have access to Piotr P. Karwasz (May 08)
• CVE-2025-66171: Apache CloudStack: Any user can create a new VM from backups they should not have access to Piotr P. Karwasz (May 08)
• CVE-2025-66172: Apache CloudStack: Any user can attach a volume in their VMs from backups they should not have access to Piotr P. Karwasz (May 08)
• CVE-2025-66467: Apache CloudStack: MinIO policy remains intact on bucket deletion Piotr P. Karwasz (May 08)
• CVE-2025-69233: Apache CloudStack: Domain/account resources limits not honored Piotr P. Karwasz (May 08)
• CVE-2026-25077: Apache CloudStack: Unauthenticated Command Injection in Direct Download Templates Piotr P. Karwasz (May 08)
• CVE-2026-25199: Apache CloudStack: Proxmox Extension Allows Unauthorized Cross-Tenant Instance Access Piotr P. Karwasz (May 08)
• uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 Sebastian Pipping (May 09)
  • Re: uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 Solar Designer (May 10)
    • Re: uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 Sebastian Pipping (May 12)
      • Re: uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 Ilia (May 12)
      • Re: uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 Sebastian Pipping (May 12)
      • Re: uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 Ilia (May 12)
      • Re: uriparser 1.0.2 fixes CVE-2026-44927 and CVE-2026-44928 Joshua Windle (May 12)
• CVE-2026-43826: Apache Airflow Providers OpenSearch: OpenSearch task-log handler leaks credentials embedded in the host URL Shahar Epstein (May 10)
• CVE-2026-41018: Apache Airflow Providers Elasticsearch: Elasticsearch task-log handlers leak credentials embedded in the host URL Shahar Epstein (May 10)
• CVE-2026-45179: Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses Robert Rothenberg (May 10)
• CVE-2026-45180: Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids Robert Rothenberg (May 10)
• CVE-2026-45190: Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass Stig Palmquist (May 10)
• CVE-2026-45191: Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass Stig Palmquist (May 10)
• CVE-2026-8177: XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences Stig Palmquist (May 10)
  • Re: CVE-2026-8177: XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences Stig Palmquist (May 11)
• malcontent: Disk Space Exhaustion via Globally Accessible D-Bus API (CVE-2026-44931) Matthias Gerstner (May 11)
• CVE-2026-5084: WebDyne::Session versions through 2.075 for Perl generates the session id insecurely Stig Palmquist (May 11)
• [OSSA-2026-012] Ironic: Remote Code Execution when Anaconda driver enabled (CVE-2026-44916) Jay Faulkner (May 11)
• [oss-security][CVE-2026-7210] Cpython: The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection Alan Coopersmith (May 11)
  • Re: [oss-security][CVE-2026-7210] Cpython: The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection Sebastian Pipping (May 11)
• CVE Request: Fail-open authentication in hathor-wallet-headless <= 0.38.0 (vendor declined to fix) Emiliano Solazzi G. (May 11)
• dnsmasq vulnerabilities, including attacker DNS redirect, privilege escalation, and heap manipulation Alan Coopersmith (May 11)
  • Re: dnsmasq vulnerabilities, including attacker DNS redirect, privilege escalation, and heap manipulation Alan Coopersmith (May 11)
  • Re: dnsmasq vulnerabilities, including attacker DNS redirect, privilege escalation, and heap manipulation Sam James (May 12)
• OpenSSL ARM64 SM2 scalar multiplication timing side-channel (no CVE) Abhinav Agarwal (May 11)
• CVE-2022-4988: Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries Robert Rothenberg (May 11)
• CVE-2026-6146: Amazon::Credentials versions through 1.2.0 for Perl uses rand to generate encryption keys Robert Rothenberg (May 11)
• libexpat 2.8.1 fixes CVE-2026-45186 (denial of service) Sebastian Pipping (May 11)
• CVE-2026-7010: HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values Stig Palmquist (May 11)
• Public security analysis and LLM-assisted variant discovery Tim Shephard (May 11)
• [EXIM-Security-2026-05-01.1] Security Release 4.99.3 Heiko Schlittermann (May 12)
  • Re: [EXIM-Security-2026-05-01.1] Security Release 4.99.3 Heiko Schlittermann (May 12)
  • Re: [EXIM-Security-2026-05-01.1] Security Release 4.99.3 Sam James (May 12)
• Dovecot Security Advisory OXDC-2026-0002 Aki Tuomi (May 12)
• CVE-2026-8368: LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects Stig Palmquist (May 12)
• CVE-2026-43512: Apache Tomcat: Digest authenticator will authenticate any unknown user Mark Thomas (May 12)
• CVE-2026-43513: Apache Tomcat: LockOutRealm treats user names as case-sensitive Mark Thomas (May 12)
• CVE-2026-43514: Apache Tomcat: AJP secret compared in non-constant time Mark Thomas (May 12)
• CVE-2026-43515: Apache Tomcat: Security constraints not correctly applied Mark Thomas (May 12)
• CVE-2026-41284: Apache Tomcat: Unbounded read in WebDAV LOCK and PROPFIND handling Mark Thomas (May 12)
• CVE-2026-41293: Apache Tomcat: HTTP/2 request headers not validated Mark Thomas (May 12)
• CVE-2026-42498: Apache Tomcat: WebSocket authentication header exposure Mark Thomas (May 12)
• Xen Security Advisory 490 v1 (CVE-2025-54518) - x86: CPU Opcode Cache corruption Xen . org security team (May 12)
• CVE-2026-5089: YAML::Syck versions before 1.38 for Perl has an out-of-bounds read Robert Rothenberg (May 12)
• Fwd: [siren] [Security Advisory] Severity: CRITICAL - Malicious Compromise of OpenSearch Pre-Release npm Packages Alan Coopersmith (May 12)
• CVE-2026-5958: GNU sed: TOCTOU race in sed -i --follow-symlinks Solar Designer (May 12)
• CVE-2026-41326: Kata Containers: CopyFile Policy Subversion via Symlinks Solar Designer (May 12)
• Linux kernel LPE ("fragnesia", copyfail 3.0) Sam James (May 13)
  • Re: Linux kernel LPE ("fragnesia", copyfail 3.0) Greg KH (May 13)
  • Re: Linux kernel LPE ("fragnesia", copyfail 3.0) Solar Designer (May 13)
    • Re: Linux kernel LPE ("fragnesia", copyfail 3.0) Jan Schaumann (May 13)
    • Re: Linux kernel LPE ("fragnesia", copyfail 3.0) Salvatore Bonaccorso (May 14)
• CVE-2026-8463: Crypt::Argon2 versions from 0.017 before 0.031 for Perl perform a heap out-of-bounds read in argon2_verify on empty encoded input Stig Palmquist (May 13)
• NGINX ngx_http_rewrite_module vulnerability CVE-2026-42945 Alan Coopersmith (May 13)
• CVE-2026-8500: Web::Passwd versions through 0.03 for Perl is vulnerable to RCE Robert Rothenberg (May 13)
• [oss-security][CVE-2026-8328] CPython: FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address Alan Coopersmith (May 13)
• CVE-2026-45205: Apache Commons Configuration: StackOverflowError for YAML input with cycles Gary D. Gregory (May 14)
• [vim-security] Command Injection in tar.vim affects Vim < 9.2.479 Christian Brabandt (May 14)
• [vim-security] Vimscript Code Injection in netrw NetrwMarkFile() via crafted filename affects Vim < 9.2.480 Christian Brabandt (May 14)
• CVE-2026-8612: WWW::Mechanize::Cached versions before 2.00 for Perl deserialize cached HTTP responses from a world-writable on-disk cache, enabling local response forgery and code execution Stig Palmquist (May 14)
• Logic bug in the Linux kernel's __ptrace_may_access() function Qualys Security Advisory (May 14)
  • Re: Logic bug in the Linux kernel's __ptrace_may_access() function Sam James (May 14)
    • Re: Logic bug in the Linux kernel's __ptrace_may_access() function Salvatore Bonaccorso (May 14)
      • Re: Logic bug in the Linux kernel's __ptrace_may_access() function Salvatore Bonaccorso (May 14)
      • Re: Logic bug in the Linux kernel's __ptrace_may_access() function Sam James (May 15)
      • Re: Logic bug in the Linux kernel's __ptrace_may_access() function Qualys Security Advisory (May 15)
      • Re: Logic bug in the Linux kernel's __ptrace_may_access() function David Gonzalez (May 15)
  • Re: Logic bug in the Linux kernel's __ptrace_may_access() function Qualys Security Advisory (May 15)
  • Re: Logic bug in the Linux kernel's __ptrace_may_access() function Qualys Security Advisory (May 20)
  • Re: Logic bug in the Linux kernel's __ptrace_may_access() function Qualys Security Advisory (May 20)
• CVE-2026-8454: Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files Timothy Legge (May 15)
• CVE-2026-8503: Apache::Session::Generate::SHA256 versions before 1.3.19 for Perl create insecure session ids Robert Rothenberg (May 15)
• CVE-2026-8669: Imager versions through 1.030 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files Timothy Legge (May 15)
• CVE-2026-46474: Trog::TOTP versions before 1.006 for Perl generate secrets using rand Robert Rothenberg (May 15)
• Security Advisory: Multiple Vulnerabilities in llama.cpp GGUF Format Parsers 135266653 (May 15)
• CVE-2026-35194: Apache Flink: Remote code execution via SQL injection in code generation Martijn Visser (May 15)
• libpng-apng: Chunk-smuggling vulnerability in push-mode APNG parser: CVE-2026-40930 Cosmin Truta (May 15)
• netatalk 4.4.3 fixes 20 CVEs, leaves 18 for later Alan Coopersmith (May 15)
• PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 Released with security fixes Alan Coopersmith (May 15)
• Poppy: XPC Observability & Fault Injection Stuart Thomas (May 15)
  • Re: Poppy: XPC Observability & Fault Injection Solar Designer (May 15)
• CVE-2026-8700: Crypt::DSA versions before 1.20 for Perl generate seeds using rand Timothy Legge (May 15)
• CVE-2026-8704: Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified Timothy Legge (May 15)
• Recent Kernel exploits, attack surface reduction, example IPSEC Hanno Böck (May 16)
  • Re: Recent Kernel exploits, attack surface reduction, example IPSEC Valtteri Vuorikoski (May 16)
  • Re: Recent Kernel exploits, attack surface reduction, example IPSEC Agostino Sarubbo (May 16)
  • Re: Recent Kernel exploits, attack surface reduction, example IPSEC Bernhard R. Link (May 16)
    • Re: Recent Kernel exploits, attack surface reduction, example IPSEC Donald Buczek (May 17)
  • Re: Recent Kernel exploits, attack surface reduction, example IPSEC Lionel Debroux (May 16)
  • Re: Recent Kernel exploits, attack surface reduction, example IPSEC Jeffrey Walton (May 16)
• CVE-2026-46719: Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections Robert Rothenberg (May 16)
• CVE-2026-46720: Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections Robert Rothenberg (May 17)
• [vim-security] Vimscript Code Injection in netrw NetrwBookHistSave() via crafted directory name affects Vim < 9.2.495 Christian Brabandt (May 17)
• [vim-security] Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex affects Vim < 9.2.0496 Christian Brabandt (May 17)
• CVE-2026-8507: Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out of bound (OOB) write flaws Timothy Legge (May 17)
• CVE-2026-8721: Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs Timothy Legge (May 17)
• CVE-2026-8788: Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections Robert Rothenberg (May 17)
• Re: CVE request experience Fabian Keil (May 18)
• On the issue of MIME handlers that execute arbitrary code (e.g. Wine) Aaron Rainbolt (May 18)
  • Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) Simon McVittie (May 19)
    • Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) Aaron Rainbolt (May 19)
      • Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) Aaron Rainbolt (May 19)
      • Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) Simon McVittie (May 20)
      • Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) Demi Marie Obenour (May 20)
      • Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) Gabriel Corona (May 20)
      • Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) gabriel . corona (May 20)
  • Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) Gabriel Corona (May 19)
• Fixed: local root exploit in haveged, fixed in 1.9.21, CVE-2026-41054 Marcus Meissner (May 19)
  • Re: Fixed: local root exploit in haveged, fixed in 1.9.21, CVE-2026-41054 Hanno Böck (May 19)
    • Re: Fixed: local root exploit in haveged, fixed in 1.9.21, CVE-2026-41054 Steffen Nurpmeso (May 19)
  • CVE-2026-41054: haveged — privilege escalation via command socket Jiri Hladky (May 19)
• PinTheft Linux LPE Sam James (May 19)
  • Re: PinTheft Linux LPE Sam James (May 19)
    • Re: PinTheft Linux LPE Sam James (May 19)
    • Re: PinTheft Linux LPE Jelle van der Waa (May 19)
• [SBA-ADV-20260126-02] CVE-2026-42329: DFIR-IRIS before 2.4.28 Open Redirect SBA Research Security Advisory (May 19)
• [SBA-ADV-20260126-03] CVE-2026-42538: DFIR-IRIS before 2.4.28 Insecure File Upload SBA Research Security Advisory (May 19)
• [SBA-ADV-20260126-04] CVE-2026-42539: DFIR-IRIS before 2.4.28 Excessive Data Exposure SBA Research Security Advisory (May 19)
• [SBA-ADV-20260128-01] CVE-2026-42540: DFIR-IRIS before 2.4.28 Mass Assignment SBA Research Security Advisory (May 19)
• [SBA-ADV-20260128-03] CVE-2026-42543: DFIR-IRIS before 2.4.28 Cross-Site Request Forgery (CSRF) SBA Research Security Advisory (May 19)
• [SBA-ADV-20260128-05] CVE-2026-42547: DFIR-IRIS before 2.4.28 Alerts Can be Falsely Attributed to Customers SBA Research Security Advisory (May 19)
• CVE-2026-47323: Apache Camel: Camel-CXF Message Header Injection via Missing Inbound Filtering Andrea Cosentino (May 19)
• CVE-2026-29207: Apache OFBiz: Low-Privilege SSTI Leading to RCE in the Content Component Jacopo Cappellato (May 19)
• CVE-2026-29220: Apache OFBiz: Low-Privilege LFI in Content Component Jacopo Cappellato (May 19)
• CVE-2026-29226: Apache OFBiz: Low-Privilege SSRF in Content Component Jacopo Cappellato (May 19)
• CVE-2026-31378: Apache OFBiz: JSON Attribute Override and URL Allowlist Bypass Leads to Remote Code Execution Jacopo Cappellato (May 19)
• CVE-2026-31379: Apache OFBiz: Path Traversal and File Upload Validation Bypass Leading to Arbitrary File Write, Stored XSS and RCE in Catalog Manager Jacopo Cappellato (May 19)
• CVE-2026-31380: Apache OFBiz: FreeMarker SSTI via Duplicate Parameter Sanitization Bypass Jacopo Cappellato (May 19)
• CVE-2026-31387: Apache OFBiz: Cookie Manipulation Allows Authenticated JWT Forgery and Account Impersonation Jacopo Cappellato (May 19)
• CVE-2026-31388: Apache OFBiz: Cross-Tenant Data Exposure via Program Export Feature Jacopo Cappellato (May 19)
• CVE-2026-31906: Apache OFBiz: Reflected XSS via Improper HTML Attribute Escaping in Layered-Modal Dialog Parameters Jacopo Cappellato (May 19)
• CVE-2026-31909: Apache OFBiz: Unauthenticated Shipment Label Image Disclosure Jacopo Cappellato (May 19)
• CVE-2026-31910: Apache OFBiz: Improper Input Validation in UI Factory Classes Leads to SSRF and Blind File Access Jacopo Cappellato (May 19)
• CVE-2026-31986: Apache OFBiz: Unauthenticated RCE via Default JWT Signing Key and Widget Template Injection Jacopo Cappellato (May 19)
• CVE-2026-35086: Apache OFBiz: Authenticated Remote Code Execution via Unsafe Template Expansion in email services Jacopo Cappellato (May 19)
• CVE-2026-41919: Apache OFBiz: Authentication Bypass due to Improper Neutralization of LDAP Special Elements in DN Construction Jacopo Cappellato (May 19)
• CVE-2026-45187: Apache OFBiz: Improper Authorization in Scheduled Job Creation Allows Low-Privileged Users to Submit System Jobs Jacopo Cappellato (May 19)
• CVE-2026-45434: Apache OFBiz: Authentication Bypass via Password-Change Logic Flaw Leading to RCE Jacopo Cappellato (May 19)
• CVE-2026-46586: Apache OFBiz: Improper Validation in traverseContent Service Enables Authenticated Groovy Code Execution Jacopo Cappellato (May 19)
• Memcached 1.6.42 is a "major security focused release" with CVE's TBD Alan Coopersmith (May 19)
• Evince/Atril/Xreader command injection CVE-2026-46529 Michael Catanzaro (May 19)
• CVE-2026-27173: Apache Airflow CNCF Kubernetes provider: JWT Token Exposure in KubernetesExecutor Command-Line Arguments Vincent Beck (May 19)
• CVE-2026-42526: Apache Airflow Amazon provider: Prevent unauthorized access to team-scoped secrets in AWS Secrets Manager and SSM Parameter Store backends Vincent Beck (May 19)
• [OSSA-2026-013] Ironic: Denial of Service via specially crafted deployment requests (CVE-2026-44919) Jay Faulkner (May 19)
• CVE-2026-5090: Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected Robert Rothenberg (May 19)
• PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method Aaron Rainbolt (May 19)
  • Re: PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method Simon McVittie (May 20)
    • Re: PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method gabriel . corona (May 20)
  • Re: PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method gabriel . corona (May 20)
• QEMU CXL Memory Corruption Vulnerability ("QEMUtiny") Brett Sheffield (May 20)
• Unbound: 1.25.1 addresses multiple CVE items Yorgos Thessalonikefs (May 20)
• rsync 3.4.3 released: six CVEs (CVE-2026-29518, CVE-2026-43617, CVE-2026-43618, CVE-2026-43619, CVE-2026-43620, CVE-2026-45232) Andrew Tridgell (May 20)
• ISC has disclosed six vulnerabilities in BIND 9 (CVE-2026-3039, CVE-2026-3592, CVE-2026-3593, CVE-2026-5946, CVE-2026-5947, CVE-2026-5950) Michał Kępień (May 20)
• PowerDNS Security Advisory 2026-06: Multiple Issues Miod Vallat (May 20)
• CVE-2026-4802 [cockpit] Arbitrary code execution in the logs page via a specially crafted link Jelle van der Waa (May 20)
• CVE-2026-47373: Crypt::SaltedHash versions through 0.09 for Perl is susceptible to timing attacks Robert Rothenberg (May 20)

Previous period

Next period