Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 845
Alerts This Week
Warning Icon 1 845

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":1,"type":"x","order":3,"pct":100,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 836 articles for you...
203

Mageia 9 Firefox Moderate LZ4 NULL Pointer Issues Fix MGASA-2026-0145

MGASA-2026-0145 - Updated firefox & thunderbird packages fix security vulnerabilities. MGASA-2026-0145 - Updated firefox & thunderbird packages fix security vulnerabilities Publication date: 16 May 2026 URL: https://advisories.mageia.org/MGASA-2026-0145.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-62813, CVE-2026-32776, CVE-2026-32777, CVE-2026-32778, CVE-2026-8090, CVE-2026-8092, CVE-2026-8094 Description: LZ4 compression library issue. (CVE-2025-62813) libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content. (CVE-2026-32776) libexpat before 2.7.5 allows an infinite loop while parsing DTD content. (CVE-2026-32777) libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition. (CVE-2026-32778) Use-after-free in the DOM: Networking component. (CVE-2026-8090) Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2, Firefox 150.0.2, Thunderbird ESR 140.10.2 and Thunderbird 150.0.2. (CVE-2026-8092) Another issue in the WebRTC component. (CVE-2026-8094) References: - https://bugs.mageia.org/show_bug.cgi?id=35508 - https://www.firefox.com/en-US/firefox/140.10.2/releasenotes/ - https://www.thunderbird.net/en-US/thunderbird/140.10.2esr/releasenotes/ - https://www.mozilla.org/en-US/security/advisories/mfsa2026-41/ - https://www.mozilla.org/en-US/security/advisories/mfsa2026-44/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62813 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32776 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32777 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32778 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8090 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8092 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8094 SRPMS: - 9/core/firefox-140.10.2-1.mga9 - 9/core/firefox-l10n-140.10.2-1.mga9 - 9/core/thunderbird-140.10.2-1.mga9 -9/core/thunderbird-l10n-140.10.2-1.mga9 . Updated Firefox and Thunderbird packages address multiple security issues in Mageia 9. Critical fixes for memory safety and DTD parsing.. Firefox security patch, Mageia 9 advisory, software vulnerability fix, libexpat exploit, memory safety issues. . LinuxSecurity.com Team

Calendar%202 May 16, 2026 Mageia
202

openSUSE Tumbleweed perl-Net-CIDR-Lite Moderate Security Flaw 2026-10780-1

An update that solves 4 vulnerabilities can now be installed.. # perl-Net-CIDR-Lite-0.240.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10780-1 Rating: moderate Cross-References: * CVE-2026-40198 * CVE-2026-40199 * CVE-2026-45190 * CVE-2026-45191 CVSS scores: * CVE-2026-40198 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-40199 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-45190 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-45191 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Tumbleweed An update that solves 4 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the perl-Net-CIDR-Lite-0.240.0-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * perl-Net-CIDR-Lite 0.240.0-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40198.html * https://www.suse.com/security/cve/CVE-2026-40199.html * https://www.suse.com/security/cve/CVE-2026-45190.html * https://www.suse.com/security/cve/CVE-2026-45191.html . Discover an update for perl-Net-CIDR-Lite addressing 4 moderate issues on openSUSE Tumbleweed. Act now for protection.. openSUSE update, perl-Net-CIDR-Lite, moderate security issue, Linux vulnerabilities. . LinuxSecurity.com Team

Calendar%202 May 16, 2026 OpenSUSE
202

openSUSE Tumbleweed 2026 Keylime-Config Moderate CVE-2026-6420 Advisory

An update that solves one vulnerability can now be installed.. # keylime-config-7.14.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10779-1 Rating: moderate Cross-References: * CVE-2026-6420 CVSS scores: * CVE-2026-6420 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L * CVE-2026-6420 ( SUSE ): 8.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the keylime-config-7.14.2-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * keylime-config 7.14.2-1.1 * keylime-firewalld 7.14.2-1.1 * keylime-logrotate 7.14.2-1.1 * keylime-registrar 7.14.2-1.1 * keylime-tenant 7.14.2-1.1 * keylime-tpm_cert_store 7.14.2-1.1 * keylime-verifier 7.14.2-1.1 * python311-keylime 7.14.2-1.1 * python313-keylime 7.14.2-1.1 * python314-keylime 7.14.2-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6420.html . Resolve a moderate issue in keylime-config on openSUSE Tumbleweed with this latest update aimed at improving security.. openSUSE update, keylime-config security, software threat management, moderate CVSS score, security patch. . LinuxSecurity.com Team

Calendar%202 May 16, 2026 OpenSUSE
202

openSUSE Tumbleweed perl-libwww-perl Access Control Patch 2026-10781

An update that solves one vulnerability can now be installed.. # perl-libwww-perl-6.830.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10781-1 Rating: moderate Cross-References: * CVE-2026-8368 CVSS scores: * CVE-2026-8368 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-8368 ( SUSE ): 6 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the perl-libwww-perl-6.830.0-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * perl-libwww-perl 6.830.0-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-8368.html . This advisory details a moderate security update for perl-libwww-perl on openSUSE, addressing CVE-2026-8368 risks.. openSUSE Perl Library Security Update, CVE-2026-8368, Moderate Risk Warning. . LinuxSecurity.com Team

Calendar%202 May 16, 2026 OpenSUSE
87

Debian Bookworm nginx Denial of Service Fix DSA-6278-1 CVE-2026-40701

Multiple vulnerabilities were discoverd in Nginx, a high-performance web and reverse proxy server, which could result in bypass of authorisation rules or rate limits, denial of service or memory disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 1.22.1-9+deb12u7.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6278-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff May 16, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : nginx CVE ID : CVE-2026-40701 CVE-2026-42934 CVE-2026-42945 CVE-2026-42946 CVE-2026-40460 Multiple vulnerabilities were discoverd in Nginx, a high-performance web and reverse proxy server, which could result in bypass of authorisation rules or rate limits, denial of service or memory disclosure. For the oldstable distribution (bookworm), these problems have been fixed in version 1.22.1-9+deb12u7. For the stable distribution (trixie), these problems have been fixed in version 1.26.3-3+deb13u5. We recommend that you upgrade your nginx packages. For the detailed security status of nginx please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nginx Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Explore security advisory DSA-6278-1 for nginx vulnerabilities affecting Debian systems, with crucial upgrade information.. Debian NGINX Vulnerabilities, NGINX Security Update, Debian DSA-6278-1. . LinuxSecurity.com Team

Calendar%202 May 16, 2026 Debian
197

Debian 11 Linux DLA-4587-1 Critical Escalation Info Leak CVE-2026-46333

A vulnerability has been discovered in the Linux kernel that may lead to information leaks or local privilege escalation. For Debian 11 bullseye, this problem has been fixed in version 5.10.251-5. We recommend that you upgrade your linux packages.. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4587-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Ben Hutchings May 16, 2026 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : linux Version : 5.10.251-5 CVE ID : CVE-2026-46333 A vulnerability has been discovered in the Linux kernel that may lead to information leaks or local privilege escalation. For Debian 11 bullseye, this problem has been fixed in version 5.10.251-5. We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . A critical flaw in Debian Linux kernel enables information leaks and privilege escalation. Upgrade advised for protection.. Debian Linux Kernel Privilege Escalation Information Leak. . LinuxSecurity.com Team

Calendar%202 May 16, 2026 Debian LTS
203

Mageia 9 dpkg Critical Denial of Service Advisory MGASA-2026-0144

MGASA-2026-0144 - Updated dpkg packages fix security vulnerabilities. MGASA-2026-0144 - Updated dpkg packages fix security vulnerabilities Publication date: 16 May 2026 URL: https://advisories.mageia.org/MGASA-2026-0144.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-2219 Description: It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU). References: - https://bugs.mageia.org/show_bug.cgi?id=35489 - https://lists.opensuse.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/3QFBK2ZJ4T5BTAWBSDBQLVRZQKJEAJEX/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2219 SRPMS: - 9/core/dpkg-1.22.22-1.mga9 . Critical advisory for Mageia 9 addressing dpkg security flaws that may lead to denial of service. Immediate action required.. Mageia security, dpkg update, denial of service, critical vulnerabilities. . LinuxSecurity.com Team

Calendar%202 May 16, 2026 Mageia
203

Mageia 9 golang Important Security Fix for Threats in MGASA-2026-0143

MGASA-2026-0143 - Updated golang packages fix security vulnerabilities. MGASA-2026-0143 - Updated golang packages fix security vulnerabilities Publication date: 16 May 2026 URL: https://advisories.mageia.org/MGASA-2026-0143.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-27142, CVE-2026-25679, CVE-2026-27139, CVE-2026-27140, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32288, CVE-2026-32289 Description: We are moving to a supported branch as ver. 1.24 reaches EOL. This update comes with the security vulnerabilities fixed in the 1.25 branch. Please see the links for details. References: - https://bugs.mageia.org/show_bug.cgi?id=35181 - https://www.openwall.com/lists/oss-security/2026/05/08/20 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27142 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25679 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27139 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27140 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27143 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27144 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32282 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32283 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32288 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32289 SRPMS: - 9/core/golang-1.25.10-1.mga9 . Updated golang packages in Mageia address multiple security flaws effectively. Essential patching guidance included.. Mageia advisories, golang updates, security patches. . LinuxSecurity.com Team

Calendar%202 May 16, 2026 Mageia
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is application sandboxing truly safe?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/155-is-application-sandboxing-truly-safe?task=poll.vote&format=json
155
radio
0
[{"id":500,"title":"Malware still escapes container walls.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":501,"title":"Supply chains corrupt trusted packages.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":502,"title":"Convenience consistently compromises strict security.","votes":1,"type":"x","order":3,"pct":100,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200