Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 6 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 44 libmicrohttpd Major Update Resolving Null Pointer Complications

Update to 1.0.5-1 Update to 1.0.4-1 Update to 1.0.3-1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-17060a5ba0 2026-04-25 01:21:36.173323+00:00 -------------------------------------------------------------------------------- Name : libmicrohttpd Product : Fedora 44 Version : 1.0.5 Release : 1.fc44 URL : http://www.gnu.org/software/libmicrohttpd/ Summary : Lightweight library for embedding a webserver in applications Description : GNU libmicrohttpd is a small C library that is supposed to make it easy to run an HTTP server as part of another application. Key features that distinguish libmicrohttpd from other projects are: * C library: fast and small * API is simple, expressive and fully reentrant * Implementation is http 1.1 compliant * HTTP server can listen on multiple ports * Support for IPv6 * Support for incremental processing of POST data * Creates binary of only 25k (for now) * Three different threading models -------------------------------------------------------------------------------- Update Information: Update to 1.0.5-1 Update to 1.0.4-1 Update to 1.0.3-1 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 16 2026 Martin Gansser - 1:1.0.5-1 - Update to 1:1.0.5 * Mon Apr 13 2026 Martin Gansser - 1:1.0.4-1 - Update to 1:1.0.4 * Thu Apr 2 2026 Martin Gansser - 1:1.0.3-1 - Update to 1:1.0.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2413882 - CVE-2025-59777 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2413882 [ 2 ] Bug #2413888 - CVE-2025-59777 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2413888 [ 3 ] Bug #2413893 - CVE-2025-62689 libmicrohttpd: GNU libmicrohttpd nullpointer dereference [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2413893 [ 4 ] Bug #2413896 - CVE-2025-62689 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2413896 [ 5 ] Bug #2454160 - libmicrohttpd-1.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2454160 [ 6 ] Bug #2457804 - libmicrohttpd-1.0.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2457804 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-17060a5ba0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Latest Fedora 44 libmicrohttpd updates address multiple critical null pointer issues to enhance application security.. libmicrohttpd updates, Fedora security, C library vulnerabilities, null pointer dereference. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 25, 2026 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysecurity issuethreat

Fedora 42 libmicrohttpd Null Pointer Threat Advisory 2026-7a0641ca41

Update to 1.0.3-1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-7a0641ca41 2026-04-12 15:52:51.750283+00:00 -------------------------------------------------------------------------------- Name : libmicrohttpd Product : Fedora 42 Version : 1.0.3 Release : 1.fc42 URL : http://www.gnu.org/software/libmicrohttpd/ Summary : Lightweight library for embedding a webserver in applications Description : GNU libmicrohttpd is a small C library that is supposed to make it easy to run an HTTP server as part of another application. Key features that distinguish libmicrohttpd from other projects are: * C library: fast and small * API is simple, expressive and fully reentrant * Implementation is http 1.1 compliant * HTTP server can listen on multiple ports * Support for IPv6 * Support for incremental processing of POST data * Creates binary of only 25k (for now) * Three different threading models -------------------------------------------------------------------------------- Update Information: Update to 1.0.3-1 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 2 2026 Martin Gansser - 1:1.0.3-1 - Update to 1:1.0.3 * Fri Jan 16 2026 Fedora Release Engineering - 1:1.0.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Thu Jul 24 2025 Fedora Release Engineering - 1:1.0.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2413882 - CVE-2025-59777 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2413882 [ 2 ] Bug #2413888 - CVE-2025-59777 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2413888 [ 3 ] Bug #2413893 -CVE-2025-62689 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2413893 [ 4 ] Bug #2413896 - CVE-2025-62689 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2413896 [ 5 ] Bug #2454160 - libmicrohttpd-1.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2454160 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-7a0641ca41' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update to libmicrohttpd 1.0.3 enhances security against null pointer problems in Fedora 42 distribution.. Fedora 42, libmicrohttpd, update, security issue. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 12, 2026 Important Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 43 libmicrohttpd Null Pointer Dereference Advisory 2026-65a08d1312

Update to 1.0.3-1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-65a08d1312 2026-04-12 15:36:52.829593+00:00 -------------------------------------------------------------------------------- Name : libmicrohttpd Product : Fedora 43 Version : 1.0.3 Release : 1.fc43 URL : http://www.gnu.org/software/libmicrohttpd/ Summary : Lightweight library for embedding a webserver in applications Description : GNU libmicrohttpd is a small C library that is supposed to make it easy to run an HTTP server as part of another application. Key features that distinguish libmicrohttpd from other projects are: * C library: fast and small * API is simple, expressive and fully reentrant * Implementation is http 1.1 compliant * HTTP server can listen on multiple ports * Support for IPv6 * Support for incremental processing of POST data * Creates binary of only 25k (for now) * Three different threading models -------------------------------------------------------------------------------- Update Information: Update to 1.0.3-1 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 2 2026 Martin Gansser - 1:1.0.3-1 - Update to 1:1.0.3 * Fri Jan 16 2026 Fedora Release Engineering - 1:1.0.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2413882 - CVE-2025-59777 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2413882 [ 2 ] Bug #2413888 - CVE-2025-59777 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2413888 [ 3 ] Bug #2413893 - CVE-2025-62689 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2413893 [ 4 ] Bug #2413896 - CVE-2025-62689 libmicrohttpd: GNU libmicrohttpd null pointer dereference [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2413896 [ 5 ] Bug #2454160 - libmicrohttpd-1.0.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=2454160 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-65a08d1312' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Latest update for Fedora 43 addresses null pointer dereference in libmicrohttpd to ensure improved security and stability.. Fedora Security Update, libmicrohttpd, null pointer dereference, Fedora 43. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 12, 2026 Important Fedora
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorybuffer overflowSuSE

SUSE: libmicrohttpd Important Buffer Overflow Fix CVE-2025-59777

An update that solves two vulnerabilities can now be installed.. # Security update for libmicrohttpd Announcement ID: SUSE-SU-2026:20029-1 Release Date: 2026-01-12T11:14:46Z Rating: important References: * bsc#1253177 * bsc#1253178 Cross-References: * CVE-2025-59777 * CVE-2025-62689 CVSS scores: * CVE-2025-59777 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-59777 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59777 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-59777 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-62689 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-62689 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-62689 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-62689 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for libmicrohttpd fixes the following issues: * CVE-2025-62689: Fixed heap-based buffer overflow through a specially crafted packet (bsc#1253178) * CVE-2025-59777: Fixed NULL pointer dereference through a specially crafted packet (bsc#1253177) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listedfor your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-130=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-130=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libmicrohttpd-devel-1.0.1-160000.3.1 * libmicrohttpd12-1.0.1-160000.3.1 * libmicrohttpd12-debuginfo-1.0.1-160000.3.1 * libmicrohttpd-debugsource-1.0.1-160000.3.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * libmicrohttpd-devel-1.0.1-160000.3.1 * libmicrohttpd12-1.0.1-160000.3.1 * libmicrohttpd12-debuginfo-1.0.1-160000.3.1 * libmicrohttpd-debugsource-1.0.1-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-59777.html * https://www.suse.com/security/cve/CVE-2025-62689.html * https://bugzilla.suse.com/show_bug.cgi?id=1253177 * https://bugzilla.suse.com/show_bug.cgi?id=1253178 . This update resolves critical issues in libmicrohttpd for SUSE, addressing important buffer overflow and pointer issues.. libmicrohttpd update,SUSE vulnerabilities,security patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 15, 2026 Important SuSE
Banner 1 1028x280 1708121660 1771599717
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryimportantheap overflow

SUSE Linux Micro 6.1: Key Security Patch for libmicrohttpd 2026:20057-1

An update that solves two vulnerabilities can now be installed.. # Security update for libmicrohttpd Announcement ID: SUSE-SU-2026:20057-1 Release Date: 2026-01-02T11:07:14Z Rating: important References: * bsc#1253177 * bsc#1253178 Cross-References: * CVE-2025-59777 * CVE-2025-62689 CVSS scores: * CVE-2025-59777 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-59777 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59777 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-59777 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-62689 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-62689 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-62689 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-62689 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves two vulnerabilities can now be installed. ## Description: This update for libmicrohttpd fixes the following issues: * CVE-2025-59777: Fixed NULL pointer dereference (bsc#1253177). * CVE-2025-62689: Fixed heap-based buffer overflow(bsc#1253178). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-364=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64ppc64le s390x x86_64) * libmicrohttpd12-0.9.77-slfo.1.1_2.1 * libmicrohttpd12-debuginfo-0.9.77-slfo.1.1_2.1 * libmicrohttpd-debugsource-0.9.77-slfo.1.1_2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-59777.html * https://www.suse.com/security/cve/CVE-2025-62689.html * https://bugzilla.suse.com/show_bug.cgi?id=1253177 * https://bugzilla.suse.com/show_bug.cgi?id=1253178 . An important security update for libmicrohttpd addresses heap overflow and NULL dereference vulnerabilities in SUSE.. libmicrohttpd patch, SUSE security update, buffer overflow fix, NULL pointer vulnerability, security advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 15, 2026 Important SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorybuffer overflowSuSE

SUSE Micro 6.2: libmicrohttpd Important Buffer Overflow CVE-2025-59777

An update that solves two vulnerabilities can now be installed.. # Security update for libmicrohttpd Announcement ID: SUSE-SU-2026:20072-1 Release Date: 2026-01-12T11:15:37Z Rating: important References: * bsc#1253177 * bsc#1253178 Cross-References: * CVE-2025-59777 * CVE-2025-62689 CVSS scores: * CVE-2025-59777 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-59777 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59777 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-59777 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-62689 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-62689 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-62689 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-62689 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for libmicrohttpd fixes the following issues: * CVE-2025-62689: Fixed heap-based buffer overflow through a specially crafted packet (bsc#1253178) * CVE-2025-59777: Fixed NULL pointer dereference through a specially crafted packet (bsc#1253177) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patchSUSE-SL-Micro-6.2-130=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libmicrohttpd12-1.0.1-160000.3.1 * libmicrohttpd12-debuginfo-1.0.1-160000.3.1 * libmicrohttpd-debugsource-1.0.1-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-59777.html * https://www.suse.com/security/cve/CVE-2025-62689.html * https://bugzilla.suse.com/show_bug.cgi?id=1253177 * https://bugzilla.suse.com/show_bug.cgi?id=1253178 . SUSE's security update addresses important vulnerabilities in libmicrohttpd affecting version 6.2. Install promptly to safeguard.. SUSE security update, libmicrohttpd patch, buffer overflow fix, system security, SUSE Linux Micro. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 15, 2026 Important SuSE
Banner 1 1028x280 1708121660 1771599717
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorybuffer overflowimportant

openSUSE Leap 16.0 Critical Buffer Overflow in libmicrohttpd CVE-2025-59777

An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.. openSUSE security update: security update for libmicrohttpd ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20016-1 Rating: important References: * bsc#1253177 * bsc#1253178 Cross-References: * CVE-2025-59777 * CVE-2025-62689 CVSS scores: * CVE-2025-59777 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59777 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-62689 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-62689 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed. Description: This update for libmicrohttpd fixes the following issues: - CVE-2025-62689: Fixed heap-based buffer overflow through a specially crafted packet (bsc#1253178) - CVE-2025-59777: Fixed NULL pointer dereference through a specially crafted packet (bsc#1253177) Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-130=1 Package List: - openSUSE Leap 16.0: libmicrohttpd-devel-1.0.1-160000.3.1 libmicrohttpd12-1.0.1-160000.3.1 References: * https://www.suse.com/security/cve/CVE-2025-59777.html * https://www.suse.com/security/cve/CVE-2025-62689.html . This update addresses important vulnerabilities in libmicrohttpd for openSUSE, enhancing system security effectively.. openSUSE libmicrohttpd security update buffer overflow NULLpointer. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 13, 2026 Important OpenSUSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorybuffer overflowSuSE

SUSE Avails Critical Buffer Overflow and NULL Pointer CVE-2025-59777

An update that solves two vulnerabilities can now be installed.. # Security update for libmicrohttpd Announcement ID: SUSE-SU-2025:21200-1 Release Date: 2025-12-09T15:27:22Z Rating: important References: * bsc#1253177 * bsc#1253178 Cross-References: * CVE-2025-59777 * CVE-2025-62689 CVSS scores: * CVE-2025-59777 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-59777 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-59777 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-59777 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-62689 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-62689 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-62689 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-62689 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for libmicrohttpd fixes the following issues: * CVE-2025-59777: Fixed NULL pointer dereference (bsc#1253177). * CVE-2025-62689: Fixed heap-based buffer overflow(bsc#1253178). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-531=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64s390x x86_64) * libmicrohttpd-debugsource-0.9.77-2.1 * libmicrohttpd12-debuginfo-0.9.77-2.1 * libmicrohttpd12-0.9.77-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-59777.html * https://www.suse.com/security/cve/CVE-2025-62689.html * https://bugzilla.suse.com/show_bug.cgi?id=1253177 * https://bugzilla.suse.com/show_bug.cgi?id=1253178 . An important update for libmicrohttpd fixes a NULL pointer dereference and a buffer overflow issue for SUSE systems.. libmicrohttpd security, SUSE update, buffer overflow fix, NULL pointer issue, Linux vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 16, 2025 Important SuSE
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here