Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":100,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 4,096 articles for you...
100

SUSE dracut Important Root Code Execution Vulnern 2026-2720-1

An update that solves one vulnerability can now be installed.. # Security update for dracut Announcement ID: SUSE-SU-2026:2720-1 Release Date: 2026-07-01T13:15:19Z Rating: important References: * bsc#1268322 Cross-References: * CVE-2026-6893 CVSS scores: * CVE-2026-6893 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-6893 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6893 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for dracut fixes the following issue * CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322). Changes for dracut: * Update to version 055+suse.365.g79144c5: * fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893) * fix(network-legacy): add input validation to RFC 3442 route parser ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2720=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patchSUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2720=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2720=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2720=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2720=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2720=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2720=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2720=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2720=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * dracut-extra-055+suse.365.g79144c5-150400.3.49.1 * dracut-055+suse.365.g79144c5-150400.3.49.1 * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1 * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1 * dracut-tools-055+suse.365.g79144c5-150400.3.49.1 * dracut-ima-055+suse.365.g79144c5-150400.3.49.1 * dracut-fips-055+suse.365.g79144c5-150400.3.49.1 * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1 * dracut-055+suse.365.g79144c5-150400.3.49.1 * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1 * dracut-fips-055+suse.365.g79144c5-150400.3.49.1 * dracut-ima-055+suse.365.g79144c5-150400.3.49.1 * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1 * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1 * dracut-055+suse.365.g79144c5-150400.3.49.1 *dracut-fips-055+suse.365.g79144c5-150400.3.49.1 * dracut-ima-055+suse.365.g79144c5-150400.3.49.1 * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * dracut-055+suse.365.g79144c5-150400.3.49.1 * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1 * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1 * dracut-fips-055+suse.365.g79144c5-150400.3.49.1 * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * dracut-055+suse.365.g79144c5-150400.3.49.1 * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1 * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1 * dracut-fips-055+suse.365.g79144c5-150400.3.49.1 * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1 * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1 * dracut-055+suse.365.g79144c5-150400.3.49.1 * dracut-fips-055+suse.365.g79144c5-150400.3.49.1 * dracut-ima-055+suse.365.g79144c5-150400.3.49.1 * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * dracut-055+suse.365.g79144c5-150400.3.49.1 * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1 * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1 * dracut-fips-055+suse.365.g79144c5-150400.3.49.1 * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * dracut-055+suse.365.g79144c5-150400.3.49.1 * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1 * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1 * dracut-fips-055+suse.365.g79144c5-150400.3.49.1 * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1 * SUSE Linux Enterprise HighPerformance Computing LTSS 15 SP4 (aarch64 x86_64) * dracut-mkinitrd-deprecated-055+suse.365.g79144c5-150400.3.49.1 * dracut-055+suse.365.g79144c5-150400.3.49.1 * dracut-debuginfo-055+suse.365.g79144c5-150400.3.49.1 * dracut-fips-055+suse.365.g79144c5-150400.3.49.1 * dracut-ima-055+suse.365.g79144c5-150400.3.49.1 * dracut-debugsource-055+suse.365.g79144c5-150400.3.49.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6893.html * https://bugzilla.suse.com/show_bug.cgi?id=1268322 . # Security update for dracut Announcement ID: SUSE-SU-2026:2720-1 Release Date: 2026-07-01T13:15:19Z. update, solves, vulnerability, installed, security, dracut, announcem. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 SuSE
100

SUSE Docker Important Code Execution Priv Escalation Fix 2026-22367-1

An update that solves four vulnerabilities can now be installed.. # Security update for docker Announcement ID: SUSE-SU-2026:22367-1 Release Date: 2026-06-25T12:44:41Z Rating: important References: * bsc#1262346 * bsc#1265782 * bsc#1266625 * bsc#1267827 Cross-References: * CVE-2026-33814 * CVE-2026-39821 * CVE-2026-39984 * CVE-2026-41567 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-39984 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2026-39984 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2026-41567 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N * CVE-2026-41567 ( NVD ): 7.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N * CVE-2026-41567 ( NVD ): 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for docker fixes the following issues * CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265782). * CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows forvalidation bypass and privilege escalation (bsc#1266625). * CVE-2026-39984: github.com/sigstore/timestamp-authority/v2/pkg/verification: improper certificate validation can be used to bypass some authorization controls (bsc#1262346). * CVE-2026-41567: arbitrary code execution with full daemon privileges when a user uploads a compressed archive into that container (bsc#1267827). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-1081=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-1081=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * docker-29.4.0_ce-160000.7.1 * docker-buildx-0.33.0-160000.7.1 * docker-debuginfo-29.4.0_ce-160000.7.1 * SUSE Linux Enterprise Server 16.0 (noarch) * docker-rootless-extras-29.4.0_ce-160000.7.1 * docker-fish-completion-29.4.0_ce-160000.7.1 * docker-zsh-completion-29.4.0_ce-160000.7.1 * docker-bash-completion-29.4.0_ce-160000.7.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * docker-rootless-extras-29.4.0_ce-160000.7.1 * docker-bash-completion-29.4.0_ce-160000.7.1 * docker-zsh-completion-29.4.0_ce-160000.7.1 * docker-fish-completion-29.4.0_ce-160000.7.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * docker-29.4.0_ce-160000.7.1 * docker-buildx-0.33.0-160000.7.1 * docker-debuginfo-29.4.0_ce-160000.7.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-39821.html * https://www.suse.com/security/cve/CVE-2026-39984.html * https://www.suse.com/security/cve/CVE-2026-41567.html * https://bugzilla.suse.com/show_bug.cgi?id=1262346 *https://bugzilla.suse.com/show_bug.cgi?id=1265782 * https://bugzilla.suse.com/show_bug.cgi?id=1266625 * https://bugzilla.suse.com/show_bug.cgi?id=1267827 . Critical update for SUSE docker resolves four important vulnerabilities affecting server security.. SUSE Docker Update Privilege Escalation Critical Fix. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 SuSE
219

Rocky Linux perl-IO-Compress Important Code Execution Risk RLSA-2026

Important: perl-IO-Compress security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:30859", "synopsis": "Important: perl-IO-Compress security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for perl-IO-Compress.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "This distribution provides a Perl interface to allow reading and writing of compressed data created with the zlib and bzip2 libraries. IO-Compress supports reading and writing of bzip2, RFC 1950, RFC 1951, RFC 1952 (i.e. gzip) and zip files/buffers. The following modules used to be distributed separately, but are now included with the IO-Compress distribution:\n* Compress-Zlib\n* IO-Compress-Zlib\n* IO-Compress-Bzip2\n* IO-Compress-Base\n\nSecurity Fix(es):\n\n* perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob (CVE-2026-48962)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2481767", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2481767", "description": ""}], "cves": [{"name": "CVE-2026-48962", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48962", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-94"}], "references": [], "publishedAt": "2026-07-01T12:03:26.775911Z", "rpms": {"Rocky Linux 9": {"nvras": ["perl-IO-Compress-0:2.102-4.el9_8.1.noarch.rpm", "perl-IO-Compress-0:2.102-4.el9_8.1.src.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important security update available for perl-IO-Compress in Rocky Linux affecting system security.Immediate action recommended.. perl IO Compress security update Rocky Linux important. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Rocky Linux
219

Rocky Linux perl-IO-Compress Important Code Execution Risk RLSA-2026-30859

Important: perl-IO-Compress security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:30859", "synopsis": "Important: perl-IO-Compress security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for perl-IO-Compress.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "This distribution provides a Perl interface to allow reading and writing of compressed data created with the zlib and bzip2 libraries. IO-Compress supports reading and writing of bzip2, RFC 1950, RFC 1951, RFC 1952 (i.e. gzip) and zip files/buffers. The following modules used to be distributed separately, but are now included with the IO-Compress distribution:\n* Compress-Zlib\n* IO-Compress-Zlib\n* IO-Compress-Bzip2\n* IO-Compress-Base\n\nSecurity Fix(es):\n\n* perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob (CVE-2026-48962)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2481767", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2481767", "description": ""}], "cves": [{"name": "CVE-2026-48962", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48962", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-94"}], "references": [], "publishedAt": "2026-07-01T12:03:26.775911Z", "rpms": {"Rocky Linux 9": {"nvras": ["perl-IO-Compress-0:2.102-4.el9_8.1.noarch.rpm", "perl-IO-Compress-0:2.102-4.el9_8.1.src.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Arbitrary code execution vulnerability found in perl-IO-Compress necessitates an important updatefor Rocky Linux 9 users.. perl IO Compress update security. . LinuxSecurity.com Team

Calendar%202 Jul 01, 2026 Rocky Linux
219

Rocky Linux MariaDB Critical Arbitrary Code Execution RLSA-2026-33464

Important: mariadb:10.11 security, bug fix, and enhancement update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:33464", "synopsis": "Important: mariadb:10.11 security, bug fix, and enhancement update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for module.Judy, Judy.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. \n\nSecurity Fix(es):\n\n* mariadb: MariaDB Server: Arbitrary code execution via wsrep_notify_cmd (CVE-2026-49261)\n\nBug Fix(es) and Enhancement(s):\n\n* [Rocky Linux8][tracker] Rebase Galera to 26.4.27 MariaDB:10.11 (JIRA:Rocky Linux-145347)\n\n* Rebase MariaDB 10.11 to 10.11.18 in Rocky Linux8 (JIRA:Rocky Linux-183088)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2487957", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2487957", "description": ""}, {"ticket": "2488450", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2488450", "description": ""}, {"ticket": "2488451", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2488451", "description": ""}, {"ticket": "2488453", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2488453", "description": ""}, {"ticket": "2488454", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2488454", "description": ""}, {"ticket": "2488458", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2488458", "description": ""}, {"ticket": "2488459", "sourceBy": "RedHat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2488459", "description": ""}, {"ticket": "2488460", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2488460", "description": ""}, {"ticket": "2488467", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2488467", "description": ""}], "cves": [{"name": "CVE-2026-44168", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44168", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "8.0", "cwe": "CWE-78"}, {"name": "CVE-2026-44169", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44169", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "cvss3BaseScore": "4.3", "cwe": "CWE-266"}, {"name": "CVE-2026-44170", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44170", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "9.9", "cwe": "CWE-78"}, {"name": "CVE-2026-44171", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44171", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:H", "cvss3BaseScore": "5.8", "cwe": "CWE-22"}, {"name": "CVE-2026-44172", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44172", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "cvss3BaseScore": "9.1", "cwe": "CWE-89"}, {"name": "CVE-2026-44173", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-44173", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "cvss3BaseScore": "8.1", "cwe": "CWE-266"}, {"name": "CVE-2026-48163", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48163", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "9.1", "cwe":"CWE-78"}, {"name": "CVE-2026-48165", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-48165", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "9.1", "cwe": "CWE-78"}, {"name": "CVE-2026-49261", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-49261", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "9.0", "cwe": "CWE-78"}], "references": [], "publishedAt": "2026-06-30T12:02:57.126317Z", "rpms": {"Rocky Linux 8": {"nvras": ["Judy-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+431+26aaed18.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1925+356c22e8.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.src.rpm", "Judy-0:1.0.5-18.module+el8.4.0+431+26aaed18.src.rpm", "Judy-0:1.0.5-18.module+el8.4.0+427+adf35707.src.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.src.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1925+356c22e8.src.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1925+356c22e8.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+427+adf35707.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+431+26aaed18.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+1925+356c22e8.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+427+adf35707.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+431+26aaed18.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+431+26aaed18.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1925+356c22e8.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+431+26aaed18.x86_64.rpm","Judy-debuginfo-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1925+356c22e8.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+1925+356c22e8.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+431+26aaed18.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+427+adf35707.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+427+adf35707.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. MariaDB update for Rocky Linux addresses critical issues including arbitrary code execution and security fixes.. Rocky Linux, MariaDB security, update advisory, code execution, security fixes. . LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Rocky Linux
219

Rocky Linux mariadb Important Code Execution Threat RLSA-2026-33464

Important: mariadb:10.11 security, bug fix, and enhancement update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:33464", "synopsis": "Important: mariadb:10.11 security, bug fix, and enhancement update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for module.Judy, Judy.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. \n\nSecurity Fix(es):\n\n* mariadb: MariaDB Server: Arbitrary code execution via wsrep_notify_cmd (CVE-2026-49261)\n\nBug Fix(es) and Enhancement(s):\n\n* [Rocky Linux8][tracker] Rebase Galera to 26.4.27 MariaDB:10.11 (JIRA:Rocky Linux-145347)\n\n* Rebase MariaDB 10.11 to 10.11.18 in Rocky Linux8 (JIRA:Rocky Linux-183088)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2487957", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2487957", "description": ""}], "cves": [{"name": "CVE-2026-49261", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-49261", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "9.0", "cwe": "CWE-78"}], "references": [], "publishedAt": "2026-06-30T12:02:57.126317Z", "rpms": {"Rocky Linux 8": {"nvras": ["Judy-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+431+26aaed18.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1925+356c22e8.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.src.rpm", "Judy-0:1.0.5-18.module+el8.4.0+431+26aaed18.src.rpm", "Judy-0:1.0.5-18.module+el8.4.0+427+adf35707.src.rpm","Judy-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.src.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1925+356c22e8.src.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1925+356c22e8.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+427+adf35707.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+431+26aaed18.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+1925+356c22e8.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+427+adf35707.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+431+26aaed18.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+431+26aaed18.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1925+356c22e8.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+431+26aaed18.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1925+356c22e8.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+1925+356c22e8.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+431+26aaed18.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important mariadb 10.11 security updates for Rocky Linux address bugs and allow for enhanced protection. Immediate action advised.. Rocky Linux mariadb updates security fix. . LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Rocky Linux
202

openSUSE Leap 16.0 Ansible-Core Important Code Execution Risk 2026-21097-1

An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for ansible-core ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21097-1 Rating: important References: * bsc#1267822 Cross-References: * CVE-2026-11332 CVSS scores: * CVE-2026-11332 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for ansible-core fixes the following issue - CVE-2026-11332: argument injection in ansible-galaxy role install leads to arbitrary code execution (bsc#1267822). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-962=1 Package List: - openSUSE Leap 16.0: ansible-core-2.18.3-160000.3.1 ansible-test-2.18.3-160000.3.1 References: * https://www.suse.com/security/cve/CVE-2026-11332.html . openSUSE updates ansible-core for an important security issue with arbitrary code execution risk. Install recommended fixes.. openSUSE security, ansible-core update, code execution risk, security patch, system vulnerability. . LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 OpenSUSE
202

openSUSE Leap 16.0 Dracut Important Root Execution Vuln 2026-21054-1

An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for dracut ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21054-1 Rating: important References: * bsc#1268322 Cross-References: * CVE-2026-6893 CVSS scores: * CVE-2026-6893 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6893 ( SUSE ): 8.7 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for dracut fixes the following issue - CVE-2026-6893: Root code execution via DHCP options command injection (bsc#1268322). Changes for dracut: - Update to version 059+suse.722.gdd9d67ff5: * fix(network-legacy): sanitize DHCP values in dhclient-script.sh (bsc#1268322, CVE-2026-6893) * fix(network-legacy): add input validation to RFC 3442 route parser Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-1067=1 Package List: - openSUSE Leap 16.0: dracut-059+suse.722.gdd9d67ff5-160000.1.1 dracut-extra-059+suse.722.gdd9d67ff5-160000.1.1 dracut-fips-059+suse.722.gdd9d67ff5-160000.1.1 dracut-ima-059+suse.722.gdd9d67ff5-160000.1.1 dracut-tools-059+suse.722.gdd9d67ff5-160000.1.1 References: * https://www.suse.com/security/cve/CVE-2026-6893.html . Update to openSUSE fixes important issue in dracut, mitigating root execution via DHCP injection. Act now.. openSUSE dracut security update, dracut DHCP code execution, openSUSE security patch, important openSUSE update. . LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":100,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Your message here