Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

SUSE Alloy Important Security Update 27 Vulnerabilities Fixed 2026-2824-1

suse
Calendar Grey July 10, 2026
Dist Suse Esm H88
SUSE security update fixes important issues in alloy, handling 27 vulnerabilities effectively.
An update that solves 27 vulnerabilities can now be installed.

Summary

## This update for alloy fixes the following issues * CVE-2026-10722: github.com/cilium/ebpf: BTF string offset boundary check can lead to crash when parsing malformed ELF/BTF input (bsc#1267811). * CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files (bsc#1267185). * CVE-2026-33532: denial of service via deeply nested YAML document parsing (bsc#1260981). * CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass and privilege escalation (bsc#1266654). * CVE-2026-39827,CVE-2026-39828,CVE-2026-39829,CVE-2026-39830,CVE-2026-39831,CVE-2026-39832,CVE-2026-39833,

References

* bsc#1260981

* bsc#1265440

* bsc#1266196

* bsc#1266654

* bsc#1267185

* bsc#1267333

* bsc#1267481

* bsc#1267485

* bsc#1267488

* bsc#1267489

* bsc#1267811

Cross-

* CVE-2026-10722

* CVE-2026-25680

* CVE-2026-25681

* CVE-2026-27136

* CVE-2026-33532

* CVE-2026-39821

* CVE-2026-39827

* CVE-2026-39828

* CVE-2026-39829

* CVE-2026-39830

* CVE-2026-39831

* CVE-2026-39832

* CVE-2026-39833

* CVE-2026-39834

* CVE-2026-39835

* CVE-2026-41889

* CVE-2026-42502

* CVE-2026-42506

* CVE-2026-42508

* CVE-2026-44740

* CVE-2026-45678

* CVE-2026-45682

* CVE-2026-45685

* CVE-2026-45686

* CVE-2026-46595

* CVE-2026-46597

* CVE-2026-46598

CVSS scores:

* CVE-2026-10722 ( SUSE ): 8.7

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:2824-1
Release Date: 2026-07-09T18:18:01Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.