Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 618
Alerts This Week
Warning Icon 1 618

SUSE Multi-Linux Manager Client Tools Critical Security Patch 2026-1524-1

suse
Calendar Grey April 21, 2026
Dist Suse Esm H88
SUSE Multi-Linux Manager Client Tools critical patch addresses 17 vulnerabilities and adds features to enhance security.
An update that solves 17 vulnerabilities, contains two features and has 13 security fixes can now be installed.

Summary

## This update fixes the following issues: golang-github-lusitaniae-apache_exporter: * Internal changes to fix build issues with no impact for customers golang-github-prometheus-prometheus: * Security issues fixed: * CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893) * Bumped rollup to version 4.59.0 * CVE-2026-25547: Fixed unbounded brace range expansion leading to excessive CPU and memory consumption (bsc#1257841) * Bumped brace-expansion to version 5.0.2 * CVE-2026-1615, CVE-2025-61140 The old web UI is no longer built due to security issues (bsc#1257897, bsc#1257442) * CVE-2025-13465: Bumped lodash package to version 4.17.23 to fix prototype pollution vulnerability (bsc#1257329) * CVE-2026-33186: Fixed authorization bypass due to improper validation of the

References

* bsc#1245302

* bsc#1250367

* bsc#1252548

* bsc#1252964

* bsc#1254154

* bsc#1254619

* bsc#1257329

* bsc#1257337

* bsc#1257349

* bsc#1257442

* bsc#1257447

* bsc#1257660

* bsc#1257841

* bsc#1257897

* bsc#1257941

* bsc#1258015

* bsc#1258136

* bsc#1258418

* bsc#1258595

* bsc#1258873

* bsc#1258893

* bsc#1258927

* bsc#1259208

* bsc#1260263

* bsc#1260267

* bsc#1260878

* bsc#1261025

* bsc#1261026

* bsc#1261027

* bsc#1261029

* jsc#MSQA-1048

* jsc#PED-15474

Cross-

* CVE-2025-13465

* CVE-2025-3415

* CVE-2025-61140

* CVE-2026-1615

* CVE-2026-21720

* CVE-2026-21721

* CVE-2026-21722

* CVE-2026-21724

* CVE-2026-21725

* CVE-2026-25547

* CVE-2026-26958

* CVE-2026-27606

* CVE-2026-27876

* CVE-2026-27877

* CVE-2026-27879

* CVE-2026-28375

* CVE-2026-33186

CVSS scores:

* CVE-2025-13465 ( SUSE ): 8.8

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:1524-1
Release Date: 2026-04-21T09:26:10Z
Rating: critical

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.