Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 501
Alerts This Week
Warning Icon 1 501

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -8 articles for you...
202

openSUSE Leap 16.0 Python-Mistune Moderate DoS XSS Fix 2026-21339-1

An update that solves 10 vulnerabilities and has 9 bug fixes can now be installed.. openSUSE security update: security update for python-mistune ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21339-1 Rating: moderate References: * bsc#1271082 * bsc#1271117 * bsc#1271119 * bsc#1271121 * bsc#1271125 * bsc#1271127 * bsc#1271128 * bsc#1271131 * bsc#1271132 Cross-References: * CVE-2026-44896 * CVE-2026-59922 * CVE-2026-59923 * CVE-2026-59924 * CVE-2026-59925 * CVE-2026-59926 * CVE-2026-59927 * CVE-2026-59928 * CVE-2026-59929 * CVE-2026-59930 CVSS scores: * CVE-2026-44896 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-44896 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2026-59922 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-59922 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-59923 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-59923 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-59924 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-59924 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-59925 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-59925 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-59926 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-59926 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-59927 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-59927 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-59928 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-59928 ( SUSE ): 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-59929 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-59930 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 10 vulnerabilities and has 9 bug fixes can now be installed. Description: This update for python-mistune fixes the following issues - CVE-2026-59922: quadratic-time parsing on long runs of some markers in `formatting.py` can lead to DoS (bsc#1271117). - CVE-2026-59923: `HTMLRenderer.safe_url()` does not block percent-encoded javascript URIs and allows for XSS (bsc#1271119). - CVE-2026-59924: improper processing of user-supplied include paths in `Include.parse()` can lead to path traversal and arbitrary file reads (bsc#1271121). - CVE-2026-59925: quadratic-time parsing on long runs of some emphasis pairs in `inline_parser` can lead to DoS (bsc#1271125). - CVE-2026-59926: improper escaping in `render_admonition()` can lead to atribute injection and XSS (bsc#1271127). - CVE-2026-59927: uncontrolled recursion when processing two markdown files that include each other can lead to a DoS (bsc#1271128). - CVE-2026-59928: quadratic-time parsing on long lists of repeated reference-link definitions in `block_parser` can lead to DoS (bsc#1271131). - CVE-2026-59929: HARMFUL_PROTOCOLS list misses legacy and chained schemes and allow arbitrary script execution in user agents (bsc#1271132). - CVE-2026-59930: the `toc` plugin and `TableOfContents` directive generate heading IDs with predictable values and allow for collisions with attacker-controlled `id="toc_N"` content (bsc#1271082). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patchopenSUSE-Leap-16.0-1243=1 Package List: - openSUSE Leap 16.0: python313-mistune-3.1.3-160000.5.1 References: * https://www.suse.com/security/cve/CVE-2026-44896.html * https://www.suse.com/security/cve/CVE-2026-59922.html * https://www.suse.com/security/cve/CVE-2026-59923.html * https://www.suse.com/security/cve/CVE-2026-59924.html * https://www.suse.com/security/cve/CVE-2026-59925.html * https://www.suse.com/security/cve/CVE-2026-59926.html * https://www.suse.com/security/cve/CVE-2026-59927.html * https://www.suse.com/security/cve/CVE-2026-59928.html * https://www.suse.com/security/cve/CVE-2026-59929.html * https://www.suse.com/security/cve/CVE-2026-59930.html . Update for python-mistune resolves 10 issues and includes critical fixes for DoS and XSS vulnerabilities.. openSUSE security, python-mistune update, DoS mitigation, XSS prevention. . LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200