Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 253 articles for you...
217

Oracle Linux 10 ELSA-2026-24985 Poppler Important Integer Overflow

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-24985 http://linux.oracle.com/errata/ELSA-2026-24985.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: poppler-24.02.0-7.el10_2.2.x86_64.rpm poppler-cpp-24.02.0-7.el10_2.2.x86_64.rpm poppler-cpp-devel-24.02.0-7.el10_2.2.x86_64.rpm poppler-devel-24.02.0-7.el10_2.2.x86_64.rpm poppler-glib-24.02.0-7.el10_2.2.x86_64.rpm poppler-glib-devel-24.02.0-7.el10_2.2.x86_64.rpm poppler-glib-doc-24.02.0-7.el10_2.2.noarch.rpm poppler-qt6-24.02.0-7.el10_2.2.x86_64.rpm poppler-qt6-devel-24.02.0-7.el10_2.2.x86_64.rpm poppler-utils-24.02.0-7.el10_2.2.x86_64.rpm aarch64: poppler-24.02.0-7.el10_2.2.aarch64.rpm poppler-cpp-24.02.0-7.el10_2.2.aarch64.rpm poppler-cpp-devel-24.02.0-7.el10_2.2.aarch64.rpm poppler-devel-24.02.0-7.el10_2.2.aarch64.rpm poppler-glib-24.02.0-7.el10_2.2.aarch64.rpm poppler-glib-devel-24.02.0-7.el10_2.2.aarch64.rpm poppler-glib-doc-24.02.0-7.el10_2.2.noarch.rpm poppler-qt6-24.02.0-7.el10_2.2.aarch64.rpm poppler-qt6-devel-24.02.0-7.el10_2.2.aarch64.rpm poppler-utils-24.02.0-7.el10_2.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/poppler-24.02.0-7.el10_2.2.src.rpm Related CVEs: CVE-2026-10118 Description of changes: [24.02.0-7.el10_2.2] - Fix integer overflow in tilingPatternFill (CVE-2026-10118) - Bump NVR for MR - Resolves: RHEL-180565 [24.02.0-7.el10_2.1] - Fix integer overflow in tilingPatternFill (CVE-2026-10118) - Resolves: RHEL-180565 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Important security update for Oracle Linux fixing integer overflow in Poppler applications. Update recommended now.. Oracle Linux, poppler, integer overflow, software update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 17, 2026 Important Oracle
203

Mageia 10 Poppler Critical Integer Overflow Heap Overflow Fix 2026-0256

Security update. Publication date: 16 Jul 2026 URL: https://advisories.mageia.org/MGASA-2026-0256.html Type: security Affected Mageia releases: 10, 9 CVE: CVE-2026-10118 Description: The updated packages fix a security vulnerability: Integer overflow in poppler splashoutputdev::tilingpatternfill leads to heap buffer overflow via unchecked dimension multiplication. (CVE-2026-10118) References: - https://bugs.mageia.org/show_bug.cgi?id=35658 - https://ubuntu.com/security/notices/USN-8400-1 - https://gitlab.freedesktop.org/poppler/poppler/-/work_items/1715 - https://lists.debian.org/debian-security-announce/2026/msg00244.html - https://www.cve.org/CVERecord?id=CVE-2026-10118 SRPMS: - 10/core/poppler-25.12.0-1.1.mga10 - 9/core/poppler-23.02.0-1.9.mga9 . Updated Mageia poppler packages address critical integer overflow leading to heap overflow issues. Immediate action recommended.. Mageia security patch, poppler update, heap overflow fix, integer overflow vulnerability. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 Critical Mageia
217

Oracle Linux 9 poppler Important Integer Overflow Fix ELSA-2026-25058

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-25058 http://linux.oracle.com/errata/ELSA-2026-25058.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: poppler-21.01.0-24.el9_8.1.i686.rpm poppler-21.01.0-24.el9_8.1.x86_64.rpm poppler-cpp-21.01.0-24.el9_8.1.i686.rpm poppler-cpp-21.01.0-24.el9_8.1.x86_64.rpm poppler-cpp-devel-21.01.0-24.el9_8.1.i686.rpm poppler-cpp-devel-21.01.0-24.el9_8.1.x86_64.rpm poppler-devel-21.01.0-24.el9_8.1.i686.rpm poppler-devel-21.01.0-24.el9_8.1.x86_64.rpm poppler-glib-21.01.0-24.el9_8.1.i686.rpm poppler-glib-21.01.0-24.el9_8.1.x86_64.rpm poppler-glib-devel-21.01.0-24.el9_8.1.i686.rpm poppler-glib-devel-21.01.0-24.el9_8.1.x86_64.rpm poppler-glib-doc-21.01.0-24.el9_8.1.noarch.rpm poppler-qt5-21.01.0-24.el9_8.1.i686.rpm poppler-qt5-21.01.0-24.el9_8.1.x86_64.rpm poppler-qt5-devel-21.01.0-24.el9_8.1.i686.rpm poppler-qt5-devel-21.01.0-24.el9_8.1.x86_64.rpm poppler-utils-21.01.0-24.el9_8.1.x86_64.rpm aarch64: poppler-21.01.0-24.el9_8.1.aarch64.rpm poppler-cpp-21.01.0-24.el9_8.1.aarch64.rpm poppler-cpp-devel-21.01.0-24.el9_8.1.aarch64.rpm poppler-devel-21.01.0-24.el9_8.1.aarch64.rpm poppler-glib-21.01.0-24.el9_8.1.aarch64.rpm poppler-glib-devel-21.01.0-24.el9_8.1.aarch64.rpm poppler-glib-doc-21.01.0-24.el9_8.1.noarch.rpm poppler-qt5-21.01.0-24.el9_8.1.aarch64.rpm poppler-qt5-devel-21.01.0-24.el9_8.1.aarch64.rpm poppler-utils-21.01.0-24.el9_8.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/poppler-21.01.0-24.el9_8.1.src.rpm Related CVEs: CVE-2026-10118 Description of changes: [21.01.0-24.el9_8.1] - Fix integer overflow in tilingPatternFill (CVE-2026-10118) - Resolves: RHEL-180580 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Advisory ELSA-2026-25058 addresses significant integer overflow inpoppler which needs urgent attention.. Oracle Linux Updates, poppler Security Advisory, critical Linux Security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 25, 2026 Important Oracle
87

Debian poppler Important Denial of Service Issues DSA-6334-1

Several vulnerabilities were discovered in poppler, a PDF rendering library, which could result in denial of service, information disclosure, or potentially the execution of arbitrary code if a specially crafted file is processed. For the oldstable distribution (bookworm), these problems have been fixed. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6334-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso June 09, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : poppler CVE ID : CVE-2025-43718 CVE-2025-52885 CVE-2026-10118 Debian Bug : 1117046 1117853 1138708 Several vulnerabilities were discovered in poppler, a PDF rendering library, which could result in denial of service, information disclosure, or potentially the execution of arbitrary code if a specially crafted file is processed. For the oldstable distribution (bookworm), these problems have been fixed in version 22.12.0-2+deb12u2. For the stable distribution (trixie), these problems have been fixed in version 25.03.0-5+deb13u3. We recommend that you upgrade your poppler packages. For the detailed security status of poppler please refer to its security tracker page at: https://security-tracker.debian.org/tracker/poppler Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Discover critical vulnerabilities in poppler affecting Debian, including denial of service and arbitrary code execution issues.. Debian Security, Poppler Vulnerability, DSA-6334-1, Software Update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 09, 2026 Important Debian
172

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

poppler could be made to crash or run programs if it opened a specially crafted file.. ========================================================================== Ubuntu Security Notice USN-8400-1 June 08, 2026 poppler vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: poppler could be made to crash or run programs if it opened a specially crafted file. Software Description: - poppler: PDF rendering library Details: It was discovered that poppler incorrectly handled certain malformed PDF tiling patterns in the Splash backend. An attacker could possibly use this issue to execute arbitrary code, obtain sensitive information, or cause a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libpoppler156 26.01.0-2ubuntu0.1 poppler-utils 26.01.0-2ubuntu0.1 Ubuntu 25.10 libpoppler147 25.03.0-10ubuntu0.2 poppler-utils 25.03.0-10ubuntu0.2 Ubuntu 24.04 LTS libpoppler134 24.02.0-1ubuntu9.9 poppler-utils 24.02.0-1ubuntu9.9 Ubuntu 22.04 LTS libpoppler118 22.02.0-2ubuntu0.13 poppler-utils 22.02.0-2ubuntu0.13 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8400-1 CVE-2026-10118 Package Information: https://launchpad.net/ubuntu/+source/poppler/26.01.0-2ubuntu0.1 https://launchpad.net/ubuntu/+source/poppler/25.03.0-10ubuntu0.2 https://launchpad.net/ubuntu/+source/poppler/24.02.0-1ubuntu9.9 https://launchpad.net/ubuntu/+source/poppler/22.02.0-2ubuntu0.13 . poppler in Ubuntu could allow crashes or code execution via crafted PDFs. Update instructions included.. Ubuntu Poppler Security, PDFVulnerability, System Update Instructions. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 08, 2026 Critical Ubuntu
172

Ubuntu 26.04 LTS poppler Critical Code Exec Denial of Service USN-8400-1

poppler could be made to crash or run programs if it opened a specially crafted file.. ========================================================================== Ubuntu Security Notice USN-8400-1 June 08, 2026 poppler vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: poppler could be made to crash or run programs if it opened a specially crafted file. Software Description: - poppler: PDF rendering library Details: It was discovered that poppler incorrectly handled certain malformed PDF tiling patterns in the Splash backend. An attacker could possibly use this issue to execute arbitrary code, obtain sensitive information, or cause a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS libpoppler156 26.01.0-2ubuntu0.1 poppler-utils 26.01.0-2ubuntu0.1 Ubuntu 25.10 libpoppler147 25.03.0-10ubuntu0.2 poppler-utils 25.03.0-10ubuntu0.2 Ubuntu 24.04 LTS libpoppler134 24.02.0-1ubuntu9.9 poppler-utils 24.02.0-1ubuntu9.9 Ubuntu 22.04 LTS libpoppler118 22.02.0-2ubuntu0.13 poppler-utils 22.02.0-2ubuntu0.13 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8400-1 CVE-2026-10118 Package Information: https://launchpad.net/ubuntu/+source/poppler/26.01.0-2ubuntu0.1 https://launchpad.net/ubuntu/+source/poppler/25.03.0-10ubuntu0.2 https://launchpad.net/ubuntu/+source/poppler/24.02.0-1ubuntu9.9 https://launchpad.net/ubuntu/+source/poppler/22.02.0-2ubuntu0.13 . A critical issue in poppler could cause crashes or execute arbitrary code via specially crafted files.. Ubuntu Security, PopplerUpdate, Denial of Service, Critical Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 08, 2026 Critical Ubuntu
100

SUSE Linux Enterprise Server BCI 16.0 Poppler Loop Vulnerability Issue

An update that solves one vulnerability can now be installed.. # Security update for poppler Announcement ID: SUSE-SU-2026:20911-1 Release Date: 2026-03-19T08:11:15Z Rating: moderate References: * bsc#1252337 Cross-References: * CVE-2025-11896 CVSS scores: * CVE-2025-11896 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-11896 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-11896 ( NVD ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server - BCI 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2025-11896: infinite recursion leading to stack overflow due to object loop in PDF CMap (bsc#1252337). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server - BCI 16.0 zypper in -t patch SUSE-SLES-16.0-411=1 ## Package List: * SUSE Linux Enterprise Server - BCI 16.0 (aarch64 ppc64le s390x x86_64) * libpoppler148-debuginfo-25.04.0-160000.4.1 * poppler-debugsource-25.04.0-160000.4.1 * libpoppler-glib8-debuginfo-25.04.0-160000.4.1 * typelib-1_0-Poppler-0_18-25.04.0-160000.4.1 * libpoppler-cpp2-25.04.0-160000.4.1 * libpoppler-qt6-devel-25.04.0-160000.4.1 * libpoppler-glib8-25.04.0-160000.4.1 * libpoppler-qt6-3-debuginfo-25.04.0-160000.4.1 * libpoppler-devel-25.04.0-160000.4.1 * libpoppler-qt6-3-25.04.0-160000.4.1 * libpoppler-cpp2-debuginfo-25.04.0-160000.4.1 * libpoppler148-25.04.0-160000.4.1 * poppler-tools-25.04.0-160000.4.1 * poppler-qt6-debugsource-25.04.0-160000.4.1 *poppler-tools-debuginfo-25.04.0-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11896.html * https://bugzilla.suse.com/show_bug.cgi?id=1252337 . Update available for SUSE addressing a moderate issue with poppler's infinite recursion leading to stack overflow vulnerability.. SUSE Update, Poppler Security, Moderate Risk, Infinite Recursion Fix. . LinuxSecurity.com Team

Calendar%202 Apr 01, 2026 SuSE
202

Ubuntu Focal Fossa 20.04.5 Ghostscript Memory Corruption Alert USN-4553-1

An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for poppler ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20397-1 Rating: moderate References: * bsc#1252337 Cross-References: * CVE-2025-11896 CVSS scores: * CVE-2025-11896 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-11896 ( SUSE ): 2 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for poppler fixes the following issues: - CVE-2025-11896: infinite recursion leading to stack overflow due to object loop in PDF CMap (bsc#1252337). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-411=1 Package List: - openSUSE Leap 16.0: libpoppler-cpp2-25.04.0-160000.4.1 libpoppler-devel-25.04.0-160000.4.1 libpoppler-glib-devel-25.04.0-160000.4.1 libpoppler-glib8-25.04.0-160000.4.1 libpoppler-qt5-1-25.04.0-160000.4.1 libpoppler-qt5-devel-25.04.0-160000.4.1 libpoppler-qt6-3-25.04.0-160000.4.1 libpoppler-qt6-devel-25.04.0-160000.4.1 libpoppler148-25.04.0-160000.4.1 poppler-tools-25.04.0-160000.4.1 typelib-1_0-Poppler-0_18-25.04.0-160000.4.1 References: * https://www.suse.com/security/cve/CVE-2025-11896.html . Update for openSUSE addresses moderate issue in poppler, fixing stack overflow vulnerability with installation instructions.. openSUSE security update, poppler update, stack overflow fix, CVE-2025-11896. . LinuxSecurity.com Team

Calendar%202 Mar 28, 2026 OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200