Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 1,133 articles for you...
172

Ubuntu Linux-NVIDIA Critical Security Flaws 8507-1 System Compromise

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8507-1 July 06, 2026 linux-nvidia vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-nvidia: Linux kernel for NVIDIA systems Details: It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. (CVE-2025-54505) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Rados block device (RBD) driver; - Compressed RAM block device driver; - Character device driver; - TPM device driver; - Hardware crypto device drivers; - EDAC drivers; - GPU drivers; - Greybus drivers; - HID subsystem; - Microsoft Hyper-V drivers; - Hardware monitoring drivers; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - LED subsystem; - Multiple devices driver; - Media drivers; - IBM Advanced System Management driver; - MTD block device drivers; - Network drivers; - Microsoft Azure Network Adapter (MANA) driver; - NTB driver; - NVME drivers; - Device tree and open firmware driver; - PCI subsystem; - Remote Processor subsystem; - SCSI subsystem; - SPI subsystem; - Realtek RTL8723BS SDIO drivers; - SM750 framebuffer staging driver; - Thermal drivers; - USB Gadget drivers; - USB over IP driver; - VFIO drivers; - Framebuffer layer; - 9P distributed file system; - AFS file system; - Cephdistributed file system; - File systems infrastructure; - EROFS file system; - Ext4 file system; - F2FS file system; - FUSE (File system in Userspace); - Journaling layer for block devices (JBD2); - NILFS2 file system; - File system notification infrastructure; - NTFS3 file system; - OCFS2 file system; - SMB network file system; - UDF file system; - XFS file system; - Codetag library; - Memory management; - Memory Management; - KVM subsystem; - Tracing infrastructure; - User-space API (UAPI); - io_uring subsystem; - Locking primitives; - Timer subsystem; - Scatterlist API; - Heterogeneous memory management; - KASAN memory debugging framework; - Bluetooth subsystem; - Ethernet bridge; - CAIF protocol; - CAN network layer; - Ceph Core library; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Netfilter; - NFC subsystem; - Packet sockets; - Qualcomm IPC Router (QRTR); - RDS protocol; - RxRPC session sockets; - SMC sockets; - Stream parser; - Landlock security; - SELinux security module; - ALSA framework; - Generic PCM loopback sound driver; - FireWire sound drivers; - Creative Sound Blaster X-Fi driver; - QCOM ASoC drivers; - USB sound devices; - Objtool; (CVE-2026-31532, CVE-2026-31574, CVE-2026-31575, CVE-2026-31576, CVE-2026-31577, CVE-2026-31578, CVE-2026-31579, CVE-2026-31580, CVE-2026-31581, CVE-2026-31582, CVE-2026-31583, CVE-2026-31584, CVE-2026-31585, CVE-2026-31586, CVE-2026-31587, CVE-2026-31588, CVE-2026-31589, CVE-2026-31590, CVE-2026-31591, CVE-2026-31592, CVE-2026-31593, CVE-2026-31594, CVE-2026-31595, CVE-2026-31596, CVE-2026-31597, CVE-2026-31598, CVE-2026-31599, CVE-2026-31600, CVE-2026-31601, CVE-2026-31602, CVE-2026-31603, CVE-2026-31604, CVE-2026-31605, CVE-2026-31606, CVE-2026-31607, CVE-2026-31608, CVE-2026-31609, CVE-2026-31610, CVE-2026-31611, CVE-2026-31612, CVE-2026-31613, CVE-2026-31614, CVE-2026-31615, CVE-2026-31616, CVE-2026-31617, CVE-2026-31618, CVE-2026-31619,CVE-2026-31620, CVE-2026-31621, CVE-2026-31622, CVE-2026-31623, CVE-2026-31624, CVE-2026-31625, CVE-2026-31626, CVE-2026-31627, CVE-2026-31628, CVE-2026-31629, CVE-2026-31686, CVE-2026-31694, CVE-2026-31696, CVE-2026-31697, CVE-2026-31698, CVE-2026-31699, CVE-2026-31700, CVE-2026-31701, CVE-2026-31702, CVE-2026-31703, CVE-2026-31704, CVE-2026-31705, CVE-2026-31706, CVE-2026-31707, CVE-2026-31708, CVE-2026-31709, CVE-2026-31710, CVE-2026-31711, CVE-2026-31712, CVE-2026-31713, CVE-2026-31714, CVE-2026-31715, CVE-2026-31716, CVE-2026-31717, CVE-2026-31718, CVE-2026-31719, CVE-2026-43058, CVE-2026-43071, CVE-2026-43072, CVE-2026-43073, CVE-2026-43348, CVE-2026-43349, CVE-2026-43350, CVE-2026-43491, CVE-2026-43493, CVE-2026-43499, CVE-2026-43501, CVE-2026-45986, CVE-2026-45987, CVE-2026-45988, CVE-2026-45989, CVE-2026-45990, CVE-2026-45991, CVE-2026-45994, CVE-2026-45995, CVE-2026-45996, CVE-2026-45997, CVE-2026-45999, CVE-2026-46001, CVE-2026-46002, CVE-2026-46003, CVE-2026-46004, CVE-2026-46005, CVE-2026-46006, CVE-2026-46007, CVE-2026-46008, CVE-2026-46009, CVE-2026-46010, CVE-2026-46011, CVE-2026-46012, CVE-2026-46013, CVE-2026-46014, CVE-2026-46015, CVE-2026-46016, CVE-2026-46018, CVE-2026-46019, CVE-2026-46020, CVE-2026-46021, CVE-2026-46022, CVE-2026-46023, CVE-2026-46024, CVE-2026-46025, CVE-2026-46026, CVE-2026-46027, CVE-2026-46028, CVE-2026-46029, CVE-2026-46030, CVE-2026-46031, CVE-2026-46032, CVE-2026-46033, CVE-2026-46034, CVE-2026-46035, CVE-2026-46036, CVE-2026-46037, CVE-2026-46038, CVE-2026-46039, CVE-2026-46040, CVE-2026-46041, CVE-2026-46042, CVE-2026-46043, CVE-2026-46044, CVE-2026-46045, CVE-2026-46046, CVE-2026-46047, CVE-2026-46049, CVE-2026-46050, CVE-2026-46051, CVE-2026-46052, CVE-2026-46053, CVE-2026-46054, CVE-2026-46056, CVE-2026-46057, CVE-2026-46058, CVE-2026-46059, CVE-2026-46060, CVE-2026-46061, CVE-2026-46062, CVE-2026-46063, CVE-2026-46064, CVE-2026-46065, CVE-2026-46066, CVE-2026-46067, CVE-2026-46068, CVE-2026-46069, CVE-2026-46070, CVE-2026-46071, CVE-2026-46072, CVE-2026-46073,CVE-2026-46074, CVE-2026-46075, CVE-2026-46076, CVE-2026-46077, CVE-2026-46078, CVE-2026-46079, CVE-2026-46080, CVE-2026-46081, CVE-2026-46082, CVE-2026-46083, CVE-2026-46084, CVE-2026-46085, CVE-2026-46086, CVE-2026-46087, CVE-2026-46088, CVE-2026-46089, CVE-2026-46090, CVE-2026-46091, CVE-2026-46092, CVE-2026-46093, CVE-2026-46094, CVE-2026-46095, CVE-2026-46096, CVE-2026-46097, CVE-2026-46098, CVE-2026-46099, CVE-2026-46100, CVE-2026-46101, CVE-2026-46102, CVE-2026-46103, CVE-2026-46115, CVE-2026-46119, CVE-2026-46135, CVE-2026-46137, CVE-2026-46155, CVE-2026-46185, CVE-2026-46195, CVE-2026-46243, CVE-2026-46244, CVE-2026-46276, CVE-2026-46277, CVE-2026-46278, CVE-2026-46279, CVE-2026-46280, CVE-2026-46281, CVE-2026-46282, CVE-2026-46283, CVE-2026-46284, CVE-2026-46285, CVE-2026-46286, CVE-2026-46287, CVE-2026-46288, CVE-2026-46289, CVE-2026-46316, CVE-2026-46332, CVE-2026-52904, CVE-2026-52905, CVE-2026-52906, CVE-2026-52907, CVE-2026-52933) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS linux-image-7.0.0-1013-nvidia 7.0.0-1013.13 linux-image-7.0.0-1013-nvidia-64k 7.0.0-1013.13 linux-image-nvidia 7.0.0-1013.13 linux-image-nvidia-64k 7.0.0-1013.13 linux-image-nvidia-64k-7.0 7.0.0-1013.13 linux-image-nvidia-7.0 7.0.0-1013.13 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8507-1 CVE-2025-54505, CVE-2026-31532, CVE-2026-31574, CVE-2026-31575, CVE-2026-31576,CVE-2026-31577, CVE-2026-31578, CVE-2026-31579, CVE-2026-31580, CVE-2026-31581, CVE-2026-31582, CVE-2026-31583, CVE-2026-31584, CVE-2026-31585, CVE-2026-31586, CVE-2026-31587, CVE-2026-31588, CVE-2026-31589, CVE-2026-31590, CVE-2026-31591, CVE-2026-31592, CVE-2026-31593, CVE-2026-31594, CVE-2026-31595, CVE-2026-31596, CVE-2026-31597, CVE-2026-31598, CVE-2026-31599, CVE-2026-31600, CVE-2026-31601, CVE-2026-31602, CVE-2026-31603, CVE-2026-31604, CVE-2026-31605, CVE-2026-31606, CVE-2026-31607, CVE-2026-31608, CVE-2026-31609, CVE-2026-31610, CVE-2026-31611, CVE-2026-31612, CVE-2026-31613, CVE-2026-31614, CVE-2026-31615, CVE-2026-31616, CVE-2026-31617, CVE-2026-31618, CVE-2026-31619, CVE-2026-31620, CVE-2026-31621, CVE-2026-31622, CVE-2026-31623, CVE-2026-31624, CVE-2026-31625, CVE-2026-31626, CVE-2026-31627, CVE-2026-31628, CVE-2026-31629, CVE-2026-31686, CVE-2026-31694, CVE-2026-31696, CVE-2026-31697, CVE-2026-31698, CVE-2026-31699, CVE-2026-31700, CVE-2026-31701, CVE-2026-31702, CVE-2026-31703, CVE-2026-31704, CVE-2026-31705, CVE-2026-31706, CVE-2026-31707, CVE-2026-31708, CVE-2026-31709, CVE-2026-31710, CVE-2026-31711, CVE-2026-31712, CVE-2026-31713, CVE-2026-31714, CVE-2026-31715, CVE-2026-31716, CVE-2026-31717, CVE-2026-31718, CVE-2026-31719, CVE-2026-43058, CVE-2026-43071, CVE-2026-43072, CVE-2026-43073, CVE-2026-43348, CVE-2026-43349, CVE-2026-43350, CVE-2026-43491, CVE-2026-43493, CVE-2026-43499, CVE-2026-43501, CVE-2026-45986, CVE-2026-45987, CVE-2026-45988, CVE-2026-45989, CVE-2026-45990, CVE-2026-45991, CVE-2026-45994, CVE-2026-45995, CVE-2026-45996, CVE-2026-45997, CVE-2026-45999, CVE-2026-46001, CVE-2026-46002, CVE-2026-46003, CVE-2026-46004, CVE-2026-46005, CVE-2026-46006, CVE-2026-46007, CVE-2026-46008, CVE-2026-46009, CVE-2026-46010, CVE-2026-46011, CVE-2026-46012, CVE-2026-46013, CVE-2026-46014, CVE-2026-46015, CVE-2026-46016, CVE-2026-46018, CVE-2026-46019, CVE-2026-46020, CVE-2026-46021, CVE-2026-46022, CVE-2026-46023, CVE-2026-46024,CVE-2026-46025, CVE-2026-46026, CVE-2026-46027, CVE-2026-46028, CVE-2026-46029, CVE-2026-46030, CVE-2026-46031, CVE-2026-46032, CVE-2026-46033, CVE-2026-46034, CVE-2026-46035, CVE-2026-46036, CVE-2026-46037, CVE-2026-46038, CVE-2026-46039, CVE-2026-46040, CVE-2026-46041, CVE-2026-46042, CVE-2026-46043, CVE-2026-46044, CVE-2026-46045, CVE-2026-46046, CVE-2026-46047, CVE-2026-46049, CVE-2026-46050, CVE-2026-46051, CVE-2026-46052, CVE-2026-46053, CVE-2026-46054, CVE-2026-46056, CVE-2026-46057, CVE-2026-46058, CVE-2026-46059, CVE-2026-46060, CVE-2026-46061, CVE-2026-46062, CVE-2026-46063, CVE-2026-46064, CVE-2026-46065, CVE-2026-46066, CVE-2026-46067, CVE-2026-46068, CVE-2026-46069, CVE-2026-46070, CVE-2026-46071, CVE-2026-46072, CVE-2026-46073, CVE-2026-46074, CVE-2026-46075, CVE-2026-46076, CVE-2026-46077, CVE-2026-46078, CVE-2026-46079, CVE-2026-46080, CVE-2026-46081, CVE-2026-46082, CVE-2026-46083, CVE-2026-46084, CVE-2026-46085, CVE-2026-46086, CVE-2026-46087, CVE-2026-46088, CVE-2026-46089, CVE-2026-46090, CVE-2026-46091, CVE-2026-46092, CVE-2026-46093, CVE-2026-46094, CVE-2026-46095, CVE-2026-46096, CVE-2026-46097, CVE-2026-46098, CVE-2026-46099, CVE-2026-46100, CVE-2026-46101, CVE-2026-46102, CVE-2026-46103, CVE-2026-46115, CVE-2026-46119, CVE-2026-46135, CVE-2026-46137, CVE-2026-46155, CVE-2026-46185, CVE-2026-46195, CVE-2026-46243, CVE-2026-46244, CVE-2026-46276, CVE-2026-46277, CVE-2026-46278, CVE-2026-46279, CVE-2026-46280, CVE-2026-46281, CVE-2026-46282, CVE-2026-46283, CVE-2026-46284, CVE-2026-46285, CVE-2026-46286, CVE-2026-46287, CVE-2026-46288, CVE-2026-46289, CVE-2026-46316, CVE-2026-46332, CVE-2026-52904, CVE-2026-52905, CVE-2026-52906, CVE-2026-52907, CVE-2026-52933 Package Information: https://launchpad.net/ubuntu/+source/linux-nvidia/7.0.0-1013.13 . Due to critical issues in Linux kernel for NVIDIA, several vulnerabilities require immediate updates on Ubuntu 26.04 LTS.. Ubuntu vulnerabilities, Linux kernel security, NVIDIA updates. .Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Critical Ubuntu
202

openSUSE freerdp Important Heap Overflow Remote Exec Fix 2026-21116-1

An update that solves 11 vulnerabilities and has 12 bug fixes can now be installed.. openSUSE security update: security update for freerdp ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21116-1 Rating: important References: * bsc#1174200 * bsc#1261217 * bsc#1261222 * bsc#1261223 * bsc#1261226 * bsc#1261227 * bsc#1262743 * bsc#1266317 * bsc#1267008 * bsc#1267009 * bsc#1267010 * bsc#1267011 Cross-References: * CVE-2026-33982 * CVE-2026-33985 * CVE-2026-33986 * CVE-2026-33987 * CVE-2026-33995 * CVE-2026-40033 * CVE-2026-40254 * CVE-2026-44420 * CVE-2026-44421 * CVE-2026-44422 * CVE-2026-45700 CVSS scores: * CVE-2026-33982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-33985 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L * CVE-2026-33985 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-33986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-33987 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2026-33995 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-40033 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40033 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-40254 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-40254 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-44420 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-44421 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-44422 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-45700 ( SUSE ): 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2026-45700 ( SUSE ): 7.7CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 11 vulnerabilities and has 12 bug fixes can now be installed. Description: This update for freerdp fixes the following issues Update to version 3.26.0: - CVE-2026-33982: heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpr_aligned_offset_recalloc() (bsc#1261222). - CVE-2026-33985: FreeRDP: Information disclosure via heap memory out of bounds read (bsc#1261217). - CVE-2026-33986: heap OOB write due to H.264 YUV buffer dimension desync (bsc#1261223). - CVE-2026-33987: heap OOB write due to persistent cache bmpSize desync (bsc#1261226). - CVE-2026-33995: double-free vulnerability in kerberos_AcceptSecurityContext() and kerberos_InitializeSecurityContextA() (bsc#1261227). - CVE-2026-40033: heap buffer overflow in `gdi_CacheToSurface` allows attackers to cause a denial of service or achieve remote execute code (bsc#1266317). - CVE-2026-40254: off-by-one in contains_dotdot() allows drive channel path traversal (bsc#1262743). - CVE-2026-44420: Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server- side clipboard (cliprdr) channel (bsc#1267008). - CVE-2026-44421: Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs (bsc#1267009). - CVE-2026-44422: Prior to 3.26.0, a malicious-server-triggerable heap use-after-free / double-free in the FreeRDP client's RDPEAR authentication-redirection path exists (bsc#1267010). - CVE-2026-45700: n attacker can bypass the check with a large nDstStep and a large nXDst, causing planar_decompress_plane_rle() to write past the end of pTempData (bsc#1267011). Changes: * cmake: Findyuv: Use correct pkgconfig name(#12666) * Remove deallocator attribute from rfx_message_free (#12681) * [winpr,utils] improve winpr/ntlm.h (#12677) * rdpecam-v4l: stop the capture thread when streaming is cleared (#12690) * fix(winpr,ncrypt): support PIV retired key slots for smartcard logon (#12684) * [core,instance] fix deprecation guards (#12691) * [ci,alt-arch] enable internal MD4, MD5 and RC4 (#12692) * Add VideoToolbox H.264 support for ffmpeg (#12694) * [client,common] add /args-from:file: syntax (#12697) * [ci,freebsd] update freebsd builds (#12698, #12700, #12701, #12702) * [client, android] UI modernization, SQLCipher and more (#12685, #12686, #12687, #12730, * #12731, #12736, #12737, #12688) * [cmake,deps] use alias target for sso-mib (#12706) * [core,settings] add auto reconnect triggered flag (#12709) * Force YUV420P when videotoolbox is used (#12711) * Release cleanups (#12712) * [gdi,gfx] fix bounds checks and proxy unit tests (#12713) * Improved input checks (#12714) * [winpr,utils] add unit tests for command line parser (#12716) * Cmdline fixes (#12717) * [codec,planar] fix bounds checks (#12718) * [client,common] add freerdp_client_settings_parse_command_line_argume... (#12724) * [winpr,sspi] clean up ntlm code (#12732) * Experimental AV1 support has been added. This currently works only with FreeRDP based servers. * Most notably there is now support for [MS-RDPEWA] (FIDO2 redirection) * Android client received a (small) facelift * Improved SDL3 client drawing performance * Console output support for SDL3 (windows) and windows native client * RDP proxy now supports NSCodec and RFX modes. * RDP PRoxy now has smartcard emulation and SAM file support (via config file) * Smartcard KSP support for NLA authentication * [winpr,wlog] add WLog_SetGlobalPrefix (#12497) * [channels,video] fix wrong cast (#12511) * [codec,openh264] reject encoder ABI mismatch on runtime-loaded library (#12510) * [client,sdl] create a copy of rdpPointer (#12512) * [codec,video] properly pass intermediate format(#12518) * [utils, signal] lazily initialize Windows CRITICAL_SECTION to match POSIX static mutex behavior (#12520) * winpr: improve libunwind backtraces (#12530) * [server,shadow] remember selected caps (#12528) * Zero credential data before free in NLA and NTLM context (#12532) * [server,proxy] ignore missing client in input channel (#12536) * [server,proxy] ignore rdpdr messages (#12537) * [winpr,sspi] improve kerberos logging (#12538) * Codec fixes (#12542) * [winpr,sspi] Fix context nullptr handling (#12543) * Dev 3.24.3 dev0 (#12545) * Fix memory leak in gdi_create_bitmap() on gdi_CreateBitmap failure (libfreerdp/gdi/graphics.c) (#12547) * Fix memory leak in vgids_read_do_fkt() on Stream_New failure (libfreerdp/emu/scard/smartcard_virtual_gids.c) (#12548) * Proxy config improve (#12549) * Proxy config improve (#12550) * [client,sdl] clamp cursor hotspot (#12553) * RFC: Research/av1 codec extension (#12527) * [winpr,kerberos] fix krb_log_context_encryption (#12555) * [client,sdl] fix global init return check (#12558) * Fix remote credential with windows11h2 (#12560) * Proxy scard auth improvements (#12561) * [winpr,sspi] guard krb5_get_etype_info (#12562) * [utils,smartcard] fix STATUS_BUFFER_TOO_SMALL (#12564) * [client,common] do not manipulate security settings for smartcard-logon (#12567) * [channels,audin] fix regression for microphone (#12570) * [client,sdl] add SDL_KMOD_MODE and SDL_KMOD_LEVEL5 (#12569) * Fix unbound strlen on slotDescription (#12571) * build: Update FindFFmpeg.cmake to support Apple frameworks with 'lib' prefix (#12565) * [channels,rdpewa] add WebAuthn virtual channel support (#12572) * [core] fix freerdp_get_nla_sspi_error always returning 0 on client (#12574) * [ci] enable rdpewa channel (#12576) * small refactoring (#12578) * Rdpewa unify notifications (#12581) * [client,sdl] fix crash when clicking 'cancel' on PIN popup (#12580) * [channels,drive] refine bounds checks (#12584) * fix: smartcard logon with ECC keys and minidriver-assignedcontainer names (#12585) * Various papercuts (#12583) * fix: console output on Windows client (#12573) * [winpr,crt] dump stack on aligned memory errors (#12588) * [client,x11] keep scancode input for Ctrl/Alt/Super combinations in /kbd:unicode mode (#12590) * [codec,progressive] fix underflow guard in progressive_rfx_quant_sub (#12592) * fix: wfreerdp floatbar visibility (#12594) * [winpr,json] return a copy from WINPR_JSON_Print* (#12595) * [client,sdl] drop WITH_DEBUG_SDL_EVENTS (#12599) * Ncrypt and asn1 cleanup (#12604) * Video channel fix (#12593) * [codec,h264] fix media foundation backend (#12606) * fix(sdl): detect Hyprland and river in tryFallback() (#12608) * Proxy stress fixes (#12597) * Add new fuzzer tests (#12613) * fix(sdl): use SDL_Renderer instead of software surfaces (#12607) * fix(sdl): BFS neighbor walk pop/begin mismatch in addOrUpdateDisplay (#12614) * fix(sdl): promote first monitor as primary when subset excludes primary (#12618) * [ci,android] default to only aarch64 (#12622) * Fix process exit code on non-pidfd platforms (macOS, BSD)#12534) (#12586) * warning cleanups (#12626) * fix: prevent PostQuitMessage in RemoteApp WM_DESTROY handler (#12629) * [winpr,ntlm] fix message cleanup across the SSPI lifecycle (#12609) * Code bug fixes (#12632) * Oss fixes (#12633) * [client,android] add an option to enable keeping screen on when connected (#12630) * [client, android] Fix layout overlaps, migrate to AndroidX, and update UI components (#12628) * Proxy config tests (#12636) * Proxy config optional targethost (#12637) * [client,sdl] set SDL_HINT_SCREENSAVER_INHIBIT_ACTIVITY_NAME (#12639) * Nightly deb fix (#12640, #12641, #12649, #12650, #12642, #12643) * [winpr,input] fix korean keyboard mapping (#12646) * [client,sdl] set hints before SDL_Init (#12644) * Sdl inhibit option (#12647) * [client,X11] fix residual race in xf_clipboard_formats_free (#12648) * (sdl3): Fix oversized window on HiDPI Wayland (#12635) * [cache,bitmap] fix off-by-one inbitmap_cache_put bounds check (#12651) * [winpr,sspi] free fields buffer immediately (#12654) * [codec,dsp] fix fencepost error in dsp_ima_clamp_step (#12655) * RDPECAM MJPEG support * Support for FDK-AAC for sound and microphone redirection * Support timezones as JSON resources * Rely preferably on pkgconfig to pull devel packages instead of * A new option /cert that unifies all certificate related options (gh#FreeRDP/FreeRDP#5880) Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-981=1 Package List: - openSUSE Leap 16.0: freerdp-3.26.0-160000.1.1 freerdp-devel-3.26.0-160000.1.1 freerdp-proxy-3.26.0-160000.1.1 freerdp-proxy-plugins-3.26.0-160000.1.1 freerdp-sdl-3.26.0-160000.1.1 freerdp-server-3.26.0-160000.1.1 freerdp-wayland-3.26.0-160000.1.1 libfreerdp-server-proxy3-3-3.26.0-160000.1.1 libfreerdp3-3-3.26.0-160000.1.1 librdtk0-0-3.26.0-160000.1.1 libuwac0-0-3.26.0-160000.1.1 libwinpr3-3-3.26.0-160000.1.1 rdtk0-devel-3.26.0-160000.1.1 uwac0-devel-3.26.0-160000.1.1 winpr-devel-3.26.0-160000.1.1 References: * https://www.suse.com/security/cve/CVE-2026-33982.html * https://www.suse.com/security/cve/CVE-2026-33985.html * https://www.suse.com/security/cve/CVE-2026-33986.html * https://www.suse.com/security/cve/CVE-2026-33987.html * https://www.suse.com/security/cve/CVE-2026-33995.html * https://www.suse.com/security/cve/CVE-2026-40033.html * https://www.suse.com/security/cve/CVE-2026-40254.html * https://www.suse.com/security/cve/CVE-2026-44420.html * https://www.suse.com/security/cve/CVE-2026-44421.html * https://www.suse.com/security/cve/CVE-2026-44422.html * https://www.suse.com/security/cve/CVE-2026-45700.html . openSUSE's freerdp update addresses critical issues, enhancing security against various exploits andvulnerabilities.. openSUSE security update freerdp important bug fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important OpenSUSE
87

Debian LXD Critical Command Execution Bypass Issues DSA-6373-1

Multiple security issues were discovered in LXD, a system container and virtual machine manager, which could result in a bypass of security restrictions or the execution of arbitrary commands. For the stable distribution (trixie), these problems have been fixed in version 5.0.2+git20231211.1364ae4-9+deb13u7.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6373-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff June 28, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : lxd CVE ID : CVE-2026-9639 CVE-2026-9640 CVE-2026-48749 CVE-2026-48750 CVE-2026-48751 CVE-2026-48752 CVE-2026-48755 CVE-2026-48769 CVE-2026-55621 CVE-2026-55622 Multiple security issues were discovered in LXD, a system container and virtual machine manager, which could result in a bypass of security restrictions or the execution of arbitrary commands. For the stable distribution (trixie), these problems have been fixed in version 5.0.2+git20231211.1364ae4-9+deb13u7. We recommend that you upgrade your lxd packages. For the detailed security status of lxd please refer to its security tracker page at: https://security-tracker.debian.org/tracker/lxd Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Multiple security issues in LXD lead to potential bypass of restrictions and command execution. Upgrade immediately.. Debian LXD update command execution bypass security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 28, 2026 Important Debian
100

SUSE Google-Osconfig-Agent Important Security Update 2026-2611-1

An update that solves 16 vulnerabilities can now be installed.. # Security update for google-osconfig-agent Announcement ID: SUSE-SU-2026:2611-1 Release Date: 2026-06-24T09:00:25Z Rating: important References: * bsc#1210938 * bsc#1260264 * bsc#1265762 * bsc#1266171 * bsc#1266603 Cross-References: * CVE-2026-33186 * CVE-2026-33814 * CVE-2026-39821 * CVE-2026-39827 * CVE-2026-39828 * CVE-2026-39829 * CVE-2026-39830 * CVE-2026-39831 * CVE-2026-39832 * CVE-2026-39833 * CVE-2026-39834 * CVE-2026-39835 * CVE-2026-42508 * CVE-2026-46595 * CVE-2026-46597 * CVE-2026-46598 CVSS scores: * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39821 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39821 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-39827 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39827 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39827 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39828 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39828 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39828 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2026-39829 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39829 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39829 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39830 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39830 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39830 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-39831 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39831 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39831 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39832 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N * CVE-2026-39832 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-39832 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39833 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39833 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39833 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-39834 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39834 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39834 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2026-39835 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39835 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39835 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42508 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-42508 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42508 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46595 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N *CVE-2026-46595 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46595 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L * CVE-2026-46597 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46597 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46597 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46598 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46598 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46598 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * Public Cloud Module 15-SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 16 vulnerabilities can now be installed. ## Description: This update for google-osconfig-agent fixes the following issue * CVE-2026-33186: Update google.golang.org/grpc dependency (bsc#1260264). * CVE-2026-39821: Update golang.org/x/net/idna dependency (bsc#1266603). * CVE-2026-39827: Update golang.org/x/crypto dependency (bsc#1266171). * CVE-2026-39828: Update golang.org/x/crypto dependency (bsc#1266171). * CVE-2026-39829: Update golang.org/x/crypto dependency (bsc#1266171). * CVE-2026-39830: Update golang.org/x/cryptodependency (bsc#1266171). * CVE-2026-39831: Update golang.org/x/crypto dependency (bsc#1266171). * CVE-2026-39832: Update golang.org/x/crypto dependency (bsc#1266171). * CVE-2026-39833: Update golang.org/x/crypto dependency (bsc#1266171). * CVE-2026-39834: Update golang.org/x/crypto dependency (bsc#1266171). * CVE-2026-39835: Update golang.org/x/crypto dependency (bsc#1266171). * CVE-2026-42508: Update golang.org/x/crypto dependency (bsc#1266171). * CVE-2026-46595: Update golang.org/x/crypto dependency (bsc#1266171). * CVE-2026-46597: Update golang.org/x/crypto dependency (bsc#1266171). * CVE-2026-46598: Update golang.org/x/crypto dependency (bsc#1266171). * CVE-2026-33814: Update golang.org/x/net dependency (bsc#1265762). Other bugfixes: * Re-enable binary stripping and debuginfo (bsc#1210938). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2026-2611=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2026-2611=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2611=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-2611=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2026-2611=1 ## Package List: * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20260615.01-150000.1.55.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20260615.01-150000.1.55.1 * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20260615.01-150000.1.55.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20260615.01-150000.1.55.1 *Public Cloud Module 15-SP7 (aarch64 ppc64le s390x x86_64) * google-osconfig-agent-20260615.01-150000.1.55.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33186.html * https://www.suse.com/security/cve/CVE-2026-33814.html * https://www.suse.com/security/cve/CVE-2026-39821.html * https://www.suse.com/security/cve/CVE-2026-39827.html * https://www.suse.com/security/cve/CVE-2026-39828.html * https://www.suse.com/security/cve/CVE-2026-39829.html * https://www.suse.com/security/cve/CVE-2026-39830.html * https://www.suse.com/security/cve/CVE-2026-39831.html * https://www.suse.com/security/cve/CVE-2026-39832.html * https://www.suse.com/security/cve/CVE-2026-39833.html * https://www.suse.com/security/cve/CVE-2026-39834.html * https://www.suse.com/security/cve/CVE-2026-39835.html * https://www.suse.com/security/cve/CVE-2026-42508.html * https://www.suse.com/security/cve/CVE-2026-46595.html * https://www.suse.com/security/cve/CVE-2026-46597.html * https://www.suse.com/security/cve/CVE-2026-46598.html * https://bugzilla.suse.com/show_bug.cgi?id=1210938 * https://bugzilla.suse.com/show_bug.cgi?id=1260264 * https://bugzilla.suse.com/show_bug.cgi?id=1265762 * https://bugzilla.suse.com/show_bug.cgi?id=1266171 * https://bugzilla.suse.com/show_bug.cgi?id=1266603 . This important SUSE advisory details 16 resolved security issues for google-osconfig-agent. Install updates urgently.. SUSE linux security update google-osconfig-agent important. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 24, 2026 Important SuSE
100

SUSE Unbound Important Security Update 2026-22213-1 Multiple Issues

An update that solves 11 vulnerabilities can now be installed.. # Security update for unbound Announcement ID: SUSE-SU-2026:22213-1 Release Date: 2026-06-18T14:42:44Z Rating: important References: * bsc#1265578 * bsc#1265580 * bsc#1265581 * bsc#1265582 * bsc#1265583 * bsc#1265584 * bsc#1265585 * bsc#1265586 * bsc#1265587 * bsc#1265588 * bsc#1265589 Cross-References: * CVE-2026-32792 * CVE-2026-33278 * CVE-2026-40622 * CVE-2026-41292 * CVE-2026-42534 * CVE-2026-42923 * CVE-2026-42944 * CVE-2026-42959 * CVE-2026-42960 * CVE-2026-44390 * CVE-2026-44608 CVSS scores: * CVE-2026-32792 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32792 ( NVD ): 4.6 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2026-32792 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-33278 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-33278 ( NVD ): 9.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-33278 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40622 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-40622 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-40622 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-41292 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-41292 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red *CVE-2026-41292 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42534 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42534 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-42534 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42923 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42923 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-42923 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42944 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-42944 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-42944 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42959 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42959 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red * CVE-2026-42959 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42960 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-42960 ( NVD ): 5.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-42960 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H * CVE-2026-44390 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44390 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-44390 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-44608 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44608 ( NVD ): 4.6 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber * CVE-2026-44608 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves 11 vulnerabilities can now be installed. ## Description: This update for unbound fixes the following issues * CVE-2026-32792: Packet of death with DNSCrypt (bsc#1265583). * CVE-2026-33278: Possible remote code execution during DNSSEC validation (bsc#1265587). * CVE-2026-40622: "Ghost domain name" variant (bsc#1265581). * CVE-2026-41292: Parsing a long list of incoming EDNS options degrades performance (bsc#1265580). * CVE-2026-42534: Jostle logic bypass degrades resolution performance (bsc#1265585). * CVE-2026-42923: Degradation of service with unbounded NSEC3 hash calculations (bsc#1265589). * CVE-2026-42944: Heap overflow and crash with multiple nsid, cookie, padding EDNS options (bsc#1265578). * CVE-2026-42959: Crash during DNSSEC validation of malicious content (bsc#1265586). * CVE-2026-42960: Possible cache poisoning attack while following delegation (bsc#1265588). * CVE-2026-44390: Unbounded name compression in certain cases causes degradation of service (bsc#1265584). * CVE-2026-44608: Use after free and crash in RPZ code (bsc#1265582). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: *SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-948=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * unbound-anchor-debuginfo-1.24.1-160000.2.1 * unbound-debugsource-1.24.1-160000.2.1 * libunbound8-1.24.1-160000.2.1 * libunbound8-debuginfo-1.24.1-160000.2.1 * unbound-anchor-1.24.1-160000.2.1 * unbound-debuginfo-1.24.1-160000.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-32792.html * https://www.suse.com/security/cve/CVE-2026-33278.html * https://www.suse.com/security/cve/CVE-2026-40622.html * https://www.suse.com/security/cve/CVE-2026-41292.html * https://www.suse.com/security/cve/CVE-2026-42534.html * https://www.suse.com/security/cve/CVE-2026-42923.html * https://www.suse.com/security/cve/CVE-2026-42944.html * https://www.suse.com/security/cve/CVE-2026-42959.html * https://www.suse.com/security/cve/CVE-2026-42960.html * https://www.suse.com/security/cve/CVE-2026-44390.html * https://www.suse.com/security/cve/CVE-2026-44608.html * https://bugzilla.suse.com/show_bug.cgi?id=1265578 * https://bugzilla.suse.com/show_bug.cgi?id=1265580 * https://bugzilla.suse.com/show_bug.cgi?id=1265581 * https://bugzilla.suse.com/show_bug.cgi?id=1265582 * https://bugzilla.suse.com/show_bug.cgi?id=1265583 * https://bugzilla.suse.com/show_bug.cgi?id=1265584 * https://bugzilla.suse.com/show_bug.cgi?id=1265585 * https://bugzilla.suse.com/show_bug.cgi?id=1265586 * https://bugzilla.suse.com/show_bug.cgi?id=1265587 * https://bugzilla.suse.com/show_bug.cgi?id=1265588 * https://bugzilla.suse.com/show_bug.cgi?id=1265589 . This SUSE update addresses 11 vulnerabilities in unbound, crucial for securing DNS functionality and reliability.. unbound update,SUSE Linux patches,DNS security issues,service degradation fixes,remote code execution. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 23, 2026 Important SuSE
89

Fedora 43 Ansible-Core Important Argument Injection Fix CVE-2026-11332

Mitigates CVE-2026-11332 (rhbz#2485397). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-f027f57724 2026-06-20 01:06:42.654493+00:00 -------------------------------------------------------------------------------- Name : ansible-core Product : Fedora 43 Version : 2.18.18~rc1 Release : 1.fc43 URL : https://ansible.com Summary : A radically simple IT automation system Description : Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. This is the base part of ansible (the engine). -------------------------------------------------------------------------------- Update Information: Mitigates CVE-2026-11332 (rhbz#2485397) -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 11 2026 Maxwell G - 2.18.18~rc1-1 - Update to 2.18.18~rc1. - Mitigates CVE-2026-11332 (rhbz#2485397) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2485397 - CVE-2026-11332 ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2485397 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-f027f57724' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can befound at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Mitigation of argument injection flaw in ansible-core for Fedora 43, addressing CVE-2026-11332.. Fedora 43, ansible-core security, CVE-2026-11332, important security updates. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 19, 2026 Important Fedora
100

SUSE Linux Micro 5.5 Cockpit Important Remote Execution Issues 2026-2363-1

An update that solves four vulnerabilities can now be installed.. # Security update for cockpit Announcement ID: SUSE-SU-2026:2363-1 Release Date: 2026-06-11T06:54:19Z Rating: important References: * bsc#1257838 * bsc#1258900 * bsc#1259015 * bsc#1265040 Cross-References: * CVE-2026-25547 * CVE-2026-27606 * CVE-2026-27904 * CVE-2026-4802 CVSS scores: * CVE-2026-25547 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25547 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25547 ( NVD ): 9.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27606 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-27606 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-27606 ( NVD ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-27904 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-27904 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-27904 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-4802 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-4802 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-4802 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves four vulnerabilities can now be installed. ## Description: This update for cockpit fixes the following issues * CVE-2026-4802: remote command execution via unsanitized user-controlled parameters within crafted links in system logs UI (bsc#1265040). * CVE-2026-25547: brace-expansion: unbounded brace range expansion can lead to excessive CPU and memory consumption and may crash a Node.js process (bsc#1257838). * CVE-2026-27606: rollup: Arbitrary File Write via Path Traversal in Rollup 4 (bsc#1258900). * CVE-2026-27904: minimatch: nested *() extglobs can lead to regular expressions with exponential backtracking complexity and a ReDoS (bsc#1259015). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2363=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * cockpit-debugsource-298-150500.3.12.1 * cockpit-ws-298-150500.3.12.1 * cockpit-bridge-debuginfo-298-150500.3.12.1 * cockpit-debuginfo-298-150500.3.12.1 * cockpit-bridge-298-150500.3.12.1 * cockpit-ws-debuginfo-298-150500.3.12.1 * cockpit-298-150500.3.12.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * cockpit-selinux-298-150500.3.12.1 * cockpit-system-298-150500.3.12.1 * cockpit-storaged-298-150500.3.12.1 * cockpit-networkmanager-298-150500.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25547.html * https://www.suse.com/security/cve/CVE-2026-27606.html * https://www.suse.com/security/cve/CVE-2026-27904.html * https://www.suse.com/security/cve/CVE-2026-4802.html * https://bugzilla.suse.com/show_bug.cgi?id=1257838 * https://bugzilla.suse.com/show_bug.cgi?id=1258900 * https://bugzilla.suse.com/show_bug.cgi?id=1259015 * https://bugzilla.suse.com/show_bug.cgi?id=1265040 . Critical security update for SUSE addressing four important vulnerabilities in cockpit, enhancing system integrity and security.. SUSE cockpit security update vulnerabilities 2026 remote execution.. Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 11, 2026 Important SuSE
87

Debian OpenSSL Important DoS Remote Code Execution Advisory DSA-6335-1

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit, which may result in denial of service, information leaks, or potentially remote code execution. Additional details can be found in the upstream advisory: https://openssl-library.org/news/secadv/20260609.txt. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6335-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso June 09, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openssl CVE ID : CVE-2026-7383 CVE-2026-9076 CVE-2026-34180 CVE-2026-34181 CVE-2026-34182 CVE-2026-34183 CVE-2026-42764 CVE-2026-42766 CVE-2026-42767 CVE-2026-42768 CVE-2026-42769 CVE-2026-42770 CVE-2026-45445 CVE-2026-45446 CVE-2026-45447 Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit, which may result in denial of service, information leaks, or potentially remote code execution. Additional details can be found in the upstream advisory: https://openssl-library.org/news/secadv/20260609.txt For the oldstable distribution (bookworm), these problems have been fixed in version 3.0.20-1~deb12u2. For the stable distribution (trixie), these problems have been fixed in version 3.5.6-1~deb13u2. We recommend that you upgrade your openssl packages. For the detailed security status of openssl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Multiple vulnerabilities in OpenSSL could lead to denial of service or remote code execution. Upgrade recommended..OpenSSL security alert, Debian upgrades, vulnerability threat, code execution risks. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 09, 2026 Important Debian
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200