SUSE Linux Micro elemental toolkit Auth Bypass CVE-2026-33186 details

suse

June 9, 2026

An update that solves one vulnerability and has three fixes can now be installed.

Summary

## This update for elemental-toolkit fixes the following issue * CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header (bsc#1260277). Changes: * Update to v2.3.4: * 974af043 Bump golang.org/x/net to v0.55.0 (bsc#1267168 bsc#1251679) * ae39c90f Bump golang.org/x/crypto to v0.52.0 (bsc#1266187) * Update to v2.3.3: * 8b4af274 Avoid pulling binaries with curl * d46e30f4 Bump golangci/golangci-lint-action to v9 * 02caf200 Bump github.com/spf13/cobra library * e29e1fbf Bump github.com/jaypipes/ghw library * 652654e1 Bump github.com/bramvdbogaerde/go-scp library * f94a0c58 Bump google.golang.org/grpc library (bsc#1260277 CVE-2026-33186) * dc1a2056 Bump github.com/ulikunitz/xz library * 337a986c Update headers to 2026

Topics Covered

security advisory security update SuSE important authorization bypass elemental-toolkit

References

* bsc#1251679

* bsc#1260277

* bsc#1266187

* bsc#1267168

Cross-

* CVE-2026-33186

CVSS scores:

* CVE-2026-33186 ( SUSE ): 8.6

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

* CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

* CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products:

* SUSE Linux Micro 6.2

An update that solves one vulnerability and has three fixes can now be

installed.

* https://www.suse.com/security/cve/CVE-2026-33186.html

* https://bugzilla.suse.com/show_bug.cgi?id=1251679

* https://bugzilla.suse.com/show_bug.cgi?id=1260277

* https://bugzilla.suse.com/show_bug.cgi?id=1266187

* https://bugzilla.suse.com/show_bug.cgi?id=1267168

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2026:22051-1

Release Date: 2026-06-08T14:20:14Z

Rating: important

Topics Covered

security advisory security update SuSE important authorization bypass elemental-toolkit

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

SUSE Linux Micro elemental toolkit Auth Bypass CVE-2026-33186 details

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

SUSE Linux Micro elemental toolkit Auth Bypass CVE-2026-33186 details

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!