--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-de6e24ae07
2026-05-21 00:54:04.884700+00:00
--------------------------------------------------------------------------------

Name        : python-django6
Product     : Fedora 44
Version     : 6.0.5
Release     : 1.fc44
URL         : https://www.djangoproject.com/
Summary     : A high-level Python Web framework
Description :
Django is a high-level Python Web framework that encourages rapid
development and a clean, pragmatic design. It focuses on automating as
much as possible and adhering to the DRY (Don't Repeat Yourself)
principle.
--------------------------------------------------------------------------------
Update Information:

Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass
Fixes CVE-2026-35192: Session fixation via public cached pages and SESSION_SAVE_EVERY_REQUEST
Fixes CVE-2026-6907: Potential exposure of private data due to incorrect handling of Vary: * in UpdateCacheMiddleware
Fixes CVE-2026-3902: ASGI header spoofing via underscore/hyphen conflation
Fixes CVE-2026-4277: Privilege abuse in GenericInlineModelAdmin
Fixes CVE-2026-4292: Privilege abuse in ModelAdmin.list_editable
Fixes CVE-2026-33033: Potential denial-of-service vulnerability in MultiPartParser via base64-encoded file upload
Fixes CVE-2026-33034: Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass
Fixes CVE-2026-25674: Potential incorrect permissions on newly created file system objects
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 12 2026 Michel Lind - 6.0.5-1
- Update to version 6.0.5; Resolves RHBZ#2444118
- Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass
- Fixes CVE-2026-35192: Session fixation via public cached pages and SESSION_SAVE_EVERY_REQUEST
- Fixes CVE-2026-6907: Potential exposure of private data due to incorrect handling of Vary: * in UpdateCacheMiddleware
- Fixes CVE-2026-3902: ASGI header spoofing via underscore/hyphen conflation
- Fixes CVE-2026-4277: Privilege abuse in GenericInlineModelAdmin
- Fixes CVE-2026-4292: Privilege abuse in ModelAdmin.list_editable
- Fixes CVE-2026-33033: Potential denial-of-service vulnerability in MultiPartParser via base64-encoded file upload
- Fixes CVE-2026-33034: Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass
- Fixes CVE-2026-25674: Potential incorrect permissions on newly created file system objects
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2444118 - python-django6-6.0.5 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2444118
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-de6e24ae07' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b9548393aa
2026-05-14 04:02:29.141273+00:00
--------------------------------------------------------------------------------

Name        : python-django5
Product     : Fedora 42
Version     : 5.2.14
Release     : 1.fc42
URL         : https://www.djangoproject.com/
Summary     : A high-level Python Web framework
Description :
Django is a high-level Python Web framework that encourages rapid
development and a clean, pragmatic design. It focuses on automating as
much as possible and adhering to the DRY (Don't Repeat Yourself)
principle.
--------------------------------------------------------------------------------
Update Information:

Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass
Fixes CVE-2026-35192: Session fixation via public cached pages and SESSION_SAVE_EVERY_REQUEST
Fixes CVE-2026-6907: Potential exposure of private data due to incorrect handling of Vary: * in UpdateCacheMiddleware
Fixes CVE-2026-3902: ASGI header spoofing via underscore/hyphen conflation
Fixes CVE-2026-4277: Privilege abuse in GenericInlineModelAdmin
Fixes CVE-2026-4292: Privilege abuse in ModelAdmin.list_editable
Fixes CVE-2026-33033: Potential denial-of-service vulnerability in MultiPartParser via base64-encoded file upload
Fixes CVE-2026-33034: Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass
Fixes CVE-2026-25674: Potential incorrect permissions on newly created file system objects
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 12 2026 Michel Lind - 5.2.14-1
- Update to version 5.2.14; Resolves RHBZ#2444117
- Fixes CVE-2026-5766: Potential denial-of-service vulnerability in ASGI requests via file upload limit bypass
- Fixes CVE-2026-35192: Session fixation via public cached pages and SESSION_SAVE_EVERY_REQUEST
- Fixes CVE-2026-6907: Potential exposure of private data due to incorrect handling of Vary: * in UpdateCacheMiddleware
- Fixes CVE-2026-3902: ASGI header spoofing via underscore/hyphen conflation
- Fixes CVE-2026-4277: Privilege abuse in GenericInlineModelAdmin
- Fixes CVE-2026-4292: Privilege abuse in ModelAdmin.list_editable
- Fixes CVE-2026-33033: Potential denial-of-service vulnerability in MultiPartParser via base64-encoded file upload
- Fixes CVE-2026-33034: Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass
- Fixes CVE-2026-25674: Potential incorrect permissions on newly created file system objects
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2444117 - python-django5-5.2.14 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2444117
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b9548393aa' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
MGASA-2026-0093 - Updated python-django packages fix security vulnerabilities

Publication date: 11 Apr 2026
URL: https://advisories.mageia.org/MGASA-2026-0093.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2026-3902, CVE-2026-4277, CVE-2026-4292, CVE-2026-33033, CVE-2026-33034

Description:
ASGI header spoofing via underscore/hyphen conflation. (CVE-2026-3902)
Privilege abuse in ``GenericInlineModelAdmin``. (CVE-2026-4277)
Privilege abuse in ``ModelAdmin.list_editable``. (CVE-2026-4292)
Potential denial-of-service vulnerability in ``MultiPartParser`` via base64-encoded file upload. (CVE-2026-33033)
Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass. (CVE-2026-33034)

References:
- https://bugs.mageia.org/show_bug.cgi?id=35330
- https://www.openwall.com/lists/oss-security/2026/04/07/10
- https://www.cve.org/CVERecord?id=CVE-2026-3902
- https://www.cve.org/CVERecord?id=CVE-2026-4277
- https://www.cve.org/CVERecord?id=CVE-2026-4292
- https://www.cve.org/CVERecord?id=CVE-2026-33033
- https://www.cve.org/CVERecord?id=CVE-2026-33034

SRPMS:
- 9/core/python-django-4.1.13-1.12.mga9

Severity: Important
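After applying any of the updates above, the practical question is whether the interpreter that actually serves the application imports a fixed build. The three advisories fix the same issues in two different ways: Fedora ships new upstream releases (6.0.5 and 5.2.14), while Mageia 9 keeps upstream 4.1.13 and backports the fixes into package release 1.12.mga9, so a check that only looks at the upstream version string would wrongly flag the patched Mageia host as vulnerable. The script below is an added example written for this page; it is not code from Fedora, Mageia or the Django project. The fixed-version table is taken from the advisories above; the `"mageia9"` key, the hypothetical package names mentioned in the comments, and the choice to report an uncovered branch as "unknown" rather than "fixed" are the example's own assumptions.

```python
"""Check an installed Django against the fixed versions named in the
FEDORA-2026-de6e24ae07, FEDORA-2026-b9548393aa and MGASA-2026-0093 advisories.
Added example for this page; not code from Fedora, Mageia or Django.
"""
from __future__ import annotations

import re
from importlib import metadata
from typing import Optional

# Earliest upstream release on each branch that carries every fix listed in
# the two Fedora notifications above (6.0.5 for Fedora 44, 5.2.14 for Fedora 42).
FIXED_UPSTREAM = {
    (6, 0): (6, 0, 5),
    (5, 2): (5, 2, 14),
}

# Distributions that backport the fixes without changing the upstream version.
# MGASA-2026-0093 ships python-django-4.1.13-1.12.mga9 for Mageia 9; the
# "mageia9" key is this example's own label, not an identifier from the advisory.
FIXED_DISTRO = {
    "mageia9": ("4.1.13", "1.12.mga9"),
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(version: str) -> tuple[int, int, int]:
    """Reduce '5.2.14', '6.0' or '6.0.5.post1' to a comparable (major, minor, patch)."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def upstream_status(version: str) -> Optional[bool]:
    """True if `version` is at or above the fixed release of its branch,
    False if it is older, None if the branch is not covered by the Fedora
    advisories (a distro-patched 4.1.x build, for instance: use distro_status)."""
    major, minor, patch = parse_version(version)
    fixed = FIXED_UPSTREAM.get((major, minor))
    if fixed is None:
        return None
    return (major, minor, patch) >= fixed


def _release_key(release: str) -> list:
    """Split an RPM release such as '1.12.mga9' into comparable parts so that
    '1.12.mga9' sorts above '1.9.mga9' (numeric, not lexicographic, compare).
    Numeric segments are tagged 1 and text segments 0 so mixed types never
    raise during comparison."""
    return [(1, int(p)) if p.isdigit() else (0, p) for p in release.split(".")]


def distro_status(distro: str, version: str, release: str) -> Optional[bool]:
    """For packages that backport fixes: patched only when the upstream version
    matches the advisory's and the package release is at or above the fixed one.
    Any other upstream version falls back to the upstream table; an unknown
    distro key yields None."""
    entry = FIXED_DISTRO.get(distro)
    if entry is None:
        return None
    fixed_version, fixed_release = entry
    if parse_version(version) != parse_version(fixed_version):
        return upstream_status(version)
    return _release_key(release) >= _release_key(fixed_release)


def installed_django_version() -> Optional[str]:
    """Version of the Django distribution visible to *this* interpreter
    (the one that matters is the one your ASGI/WSGI server runs), or None."""
    try:
        return metadata.version("Django")
    except metadata.PackageNotFoundError:
        return None


if __name__ == "__main__":
    ver = installed_django_version()
    if ver is None:
        print("Django is not installed in this interpreter")
    else:
        verdict = {True: "fixed", False: "VULNERABLE",
                   None: "branch not covered by the upstream table; check the distro package"}
        print(f"Django {ver}: {verdict[upstream_status(ver)]}")
```

Run it with the same interpreter and virtual environment as the application server, not the system `python3`, since a pip-installed Django inside a virtualenv is untouched by `dnf upgrade`. For the Mageia case, feed `distro_status("mageia9", version, release)` with the values from `rpm -q --qf '%{VERSION} %{RELEASE}\n' <package>` (the binary package name is left as an assumption here; the SRPM name from the advisory is python-django).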