Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 110 articles for you...
99

Slackware Tigervnc Important Fix Buffer Overflow 2026-190-01

New tigervnc packages are available for Slackware 15.0 and -current to fix security issues.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] tigervnc (SSA:2026-190-01) New tigervnc packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ extra/tigervnc/tigervnc-1.16.2-i586-4_slack15.0.txz: Rebuilt. Recompiled against xorg-server-1.20.14, including patches for security issues: glamor Font Atlas Heap Buffer Overflow. GLX contextTags Use-After-Free in CommonMakeCurrent(). For more information, see: https://lists.x.org/archives/xorg/2026-July/062255.html https://www.cve.org/CVERecord?id=CVE-2026-55999 https://www.cve.org/CVERecord?id=CVE-2026-56000 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/extra/tigervnc/tigervnc-1.16.2-i586-4_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/extra/tigervnc/tigervnc-1.16.2-x86_64-4_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/extra/tigervnc/tigervnc-1.16.2-i686-5.txz Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/extra/tigervnc/tigervnc-1.16.2-x86_64-5.txz MD5 signatures: +-------------+ Slackware 15.0 package: e91b4d85ebcff2b70ba7e40c0a229a6c tigervnc-1.16.2-i586-4_slack15.0.txz Slackware x86_64 15.0 package: 2c7277f1e3e7cd9236880f7ecc6f8f3c tigervnc-1.16.2-x86_64-4_slack15.0.txz Slackware -current package: 3c62c5ea413d4c3117d8a46d1a538591 tigervnc-1.16.2-i686-5.txz Slackware x86_64 -current package: 5800715ba19bff2691bed15edeb3fbbb tigervnc-1.16.2-x86_64-5.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg tigervnc-1.16.2-i586-4_slack15.0.txz +-----+ . Tigervnc packages for Slackware 15.0 and -current updated to address critical security issues and vulnerabilities.. tigervnc packages, slackware security, buffer overflow fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 09, 2026 Important Slackware
89

Fedora 43 tigervnc Critical Info Exposure Denial of Service 2026-ad10afa9cd

Fixes CVE-2026-50256 CVE-2026-50257 CVE-2026-50258 CVE-2026-50259 CVE-2026-50260 CVE-2026-50261 CVE-2026-50262 CVE-2026-50263 CVE-2026-50264.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-ad10afa9cd 2026-06-27 00:54:50.049697+00:00 -------------------------------------------------------------------------------- Name : tigervnc Product : Fedora 43 Version : 1.16.2 Release : 4.fc43 URL : https://www.tigervnc.com Summary : A TigerVNC remote display system Description : Virtual Network Computing (VNC) is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you to connect to other desktops running a VNC server. -------------------------------------------------------------------------------- Update Information: Fixes CVE-2026-50256 CVE-2026-50257 CVE-2026-50258 CVE-2026-50259 CVE-2026-50260 CVE-2026-50261 CVE-2026-50262 CVE-2026-50263 CVE-2026-50264. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 18 2026 Jan Grulich - 1.16.2-4 - Rebuild (xorg-x11-server) Fixes CVE-2026-50256 CVE-2026-50257 CVE-2026-50258 CVE-2026-50259 CVE-2026-50260 CVE-2026-50261 CVE-2026-50262 CVE-2026-50263 CVE-2026-50264 * Fri Jun 12 2026 Yaakov Selkowitz - 1.16.2-3 - Rebuilt for openssl 4.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2476414 - CVE-2026-34002 tigervnc: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476414 [ 2 ] Bug #2476956 - CVE-2026-33999 tigervnc: X.Org X server: Denial of Service via integer underflow inXKB compatibility map handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476956 [ 3 ] Bug #2476958 - CVE-2026-34001 tigervnc: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476958 [ 4 ] Bug #2476965 - CVE-2026-34003 tigervnc: X.Org X server: Information exposure and denial of service via out-of-bounds memory access [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476965 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-ad10afa9cd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Critical advisory for Fedora 43 regarding Tigervnc fixes for multiple CVEs. Immediate update is recommended.. Fedora 43,Tigervnc,remote display system,security advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Critical Fedora
219

Rocky Linux tigervnc Important Buffer Overflow Issues RLSA-2026-29844

Important: tigervnc security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:29844", "synopsis": "Important: tigervnc security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for tigervnc.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.\n\nSecurity Fix(es):\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch (CVE-2026-50256)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence() (CVE-2026-50257)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels (CVE-2026-50258)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing (CVE-2026-50259)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter() (CVE-2026-50260)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter() (CVE-2026-50261)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes (CVE-2026-50262)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow() (CVE-2026-50263)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat (CVE-2026-50264)\n\nFor more details aboutthe security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2485380", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485380", "description": ""}, {"ticket": "2485382", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485382", "description": ""}, {"ticket": "2485383", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485383", "description": ""}, {"ticket": "2485384", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485384", "description": ""}, {"ticket": "2485385", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485385", "description": ""}, {"ticket": "2485386", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485386", "description": ""}, {"ticket": "2485387", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485387", "description": ""}, {"ticket": "2485388", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485388", "description": ""}, {"ticket": "2485389", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485389", "description": ""}], "cves": [{"name": "CVE-2026-50256", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50256", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-121"}, {"name": "CVE-2026-50257", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50257", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-416"}, {"name": "CVE-2026-50258", "sourceBy": "MITRE", "sourceLink":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50258", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-121"}, {"name": "CVE-2026-50259", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50259", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-121"}, {"name": "CVE-2026-50260", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50260", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-416"}, {"name": "CVE-2026-50261", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50261", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-416"}, {"name": "CVE-2026-50262", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50262", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "cvss3BaseScore": "5.5", "cwe": "CWE-125"}, {"name": "CVE-2026-50263", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50263", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "cvss3BaseScore": "5.5", "cwe": "CWE-416"}, {"name": "CVE-2026-50264", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50264", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-787"}], "references": [], "publishedAt": "2026-06-26T12:03:13.137376Z", "rpms": {"Rocky Linux 9": {"nvras": ["tigervnc-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-0:1.15.0-7.el9_8.2.src.rpm", "tigervnc-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-debuginfo-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-debuginfo-0:1.15.0-7.el9_8.2.ppc64le.rpm","tigervnc-debuginfo-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-debuginfo-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-debugsource-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-debugsource-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-debugsource-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-debugsource-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-icons-0:1.15.0-7.el9_8.2.noarch.rpm", "tigervnc-license-0:1.15.0-7.el9_8.2.noarch.rpm", "tigervnc-selinux-0:1.15.0-7.el9_8.2.noarch.rpm", "tigervnc-server-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-server-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-server-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-server-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-server-debuginfo-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-server-debuginfo-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-server-debuginfo-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-server-debuginfo-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-server-minimal-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-server-minimal-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-server-minimal-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-server-minimal-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-server-minimal-debuginfo-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-server-minimal-debuginfo-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-server-minimal-debuginfo-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-server-minimal-debuginfo-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-server-module-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-server-module-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-server-module-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-server-module-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-server-module-debuginfo-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-server-module-debuginfo-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-server-module-debuginfo-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-server-module-debuginfo-0:1.15.0-7.el9_8.2.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important tigervnc update available for Rocky Linux 9 addressing major security issues. Ensure yoursystems are protected.. Rocky Linux RLSA-2026 tigervnc update buffer overflow. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Rocky Linux
217

Oracle Linux 9 Tigervnc Important Security Advisory ELSA-2026-29844

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-29844 http://linux.oracle.com/errata/ELSA-2026-29844.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: tigervnc-1.15.0-7.el9_8.2.x86_64.rpm tigervnc-icons-1.15.0-7.el9_8.2.noarch.rpm tigervnc-license-1.15.0-7.el9_8.2.noarch.rpm tigervnc-selinux-1.15.0-7.el9_8.2.noarch.rpm tigervnc-server-1.15.0-7.el9_8.2.x86_64.rpm tigervnc-server-minimal-1.15.0-7.el9_8.2.x86_64.rpm tigervnc-server-module-1.15.0-7.el9_8.2.x86_64.rpm aarch64: tigervnc-1.15.0-7.el9_8.2.aarch64.rpm tigervnc-icons-1.15.0-7.el9_8.2.noarch.rpm tigervnc-license-1.15.0-7.el9_8.2.noarch.rpm tigervnc-selinux-1.15.0-7.el9_8.2.noarch.rpm tigervnc-server-1.15.0-7.el9_8.2.aarch64.rpm tigervnc-server-minimal-1.15.0-7.el9_8.2.aarch64.rpm tigervnc-server-module-1.15.0-7.el9_8.2.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/tigervnc-1.15.0-7.el9_8.2.src.rpm Related CVEs: CVE-2026-50256 CVE-2026-50257 CVE-2026-50258 CVE-2026-50259 CVE-2026-50260 CVE-2026-50261 CVE-2026-50262 CVE-2026-50263 CVE-2026-50264 Description of changes: [1.15.0-7.2] - Rebuild for updated xorg-x11-server Resolves: RHEL-184003 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Advisory ELSA-2026-29844 updates for Tigervnc resolve critical security issues for improved safety.. Oracle Linux Advisory,Tigervnc Updates,Security Fixes,Oracle Vulnerability,Important Security Patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Oracle
219

Rocky Linux tigervnc Important Remote Display Issues RLSA-2026-28923

Important: tigervnc security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:28923", "synopsis": "Important: tigervnc security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for tigervnc.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.\n\nSecurity Fix(es):\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch (CVE-2026-50256)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence() (CVE-2026-50257)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels (CVE-2026-50258)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing (CVE-2026-50259)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter() (CVE-2026-50260)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter() (CVE-2026-50261)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes (CVE-2026-50262)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow() (CVE-2026-50263)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat (CVE-2026-50264)\n\nFor more details aboutthe security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2485380", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485380", "description": ""}, {"ticket": "2485382", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485382", "description": ""}, {"ticket": "2485383", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485383", "description": ""}, {"ticket": "2485384", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485384", "description": ""}, {"ticket": "2485385", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485385", "description": ""}, {"ticket": "2485386", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485386", "description": ""}, {"ticket": "2485387", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485387", "description": ""}, {"ticket": "2485388", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485388", "description": ""}, {"ticket": "2485389", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485389", "description": ""}], "cves": [{"name": "CVE-2026-50256", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50256", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-121"}, {"name": "CVE-2026-50257", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50257", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-416"}, {"name": "CVE-2026-50258", "sourceBy": "MITRE", "sourceLink":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50258", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-121"}, {"name": "CVE-2026-50259", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50259", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-121"}, {"name": "CVE-2026-50260", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50260", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-416"}, {"name": "CVE-2026-50261", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50261", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-416"}, {"name": "CVE-2026-50262", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50262", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "cvss3BaseScore": "5.5", "cwe": "CWE-125"}, {"name": "CVE-2026-50263", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50263", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "cvss3BaseScore": "5.5", "cwe": "CWE-416"}, {"name": "CVE-2026-50264", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50264", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-787"}], "references": [], "publishedAt": "2026-06-25T06:00:31.266414Z", "rpms": {"Rocky Linux 8": {"nvras": ["tigervnc-0:1.15.0-10.el8_10.aarch64.rpm", "tigervnc-0:1.15.0-10.el8_10.src.rpm", "tigervnc-0:1.15.0-10.el8_10.x86_64.rpm", "tigervnc-debuginfo-0:1.15.0-10.el8_10.aarch64.rpm", "tigervnc-debuginfo-0:1.15.0-10.el8_10.x86_64.rpm", "tigervnc-debugsource-0:1.15.0-10.el8_10.aarch64.rpm","tigervnc-debugsource-0:1.15.0-10.el8_10.x86_64.rpm", "tigervnc-icons-0:1.15.0-10.el8_10.noarch.rpm", "tigervnc-license-0:1.15.0-10.el8_10.noarch.rpm", "tigervnc-selinux-0:1.15.0-10.el8_10.noarch.rpm", "tigervnc-server-0:1.15.0-10.el8_10.aarch64.rpm", "tigervnc-server-0:1.15.0-10.el8_10.x86_64.rpm", "tigervnc-server-debuginfo-0:1.15.0-10.el8_10.aarch64.rpm", "tigervnc-server-debuginfo-0:1.15.0-10.el8_10.x86_64.rpm", "tigervnc-server-minimal-0:1.15.0-10.el8_10.aarch64.rpm", "tigervnc-server-minimal-0:1.15.0-10.el8_10.x86_64.rpm", "tigervnc-server-minimal-debuginfo-0:1.15.0-10.el8_10.aarch64.rpm", "tigervnc-server-minimal-debuginfo-0:1.15.0-10.el8_10.x86_64.rpm", "tigervnc-server-module-0:1.15.0-10.el8_10.aarch64.rpm", "tigervnc-server-module-0:1.15.0-10.el8_10.x86_64.rpm", "tigervnc-server-module-debuginfo-0:1.15.0-10.el8_10.aarch64.rpm", "tigervnc-server-module-debuginfo-0:1.15.0-10.el8_10.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Update available for important tigervnc security issues affecting Rocky Linux, with multiple CVEs and a focus on VNC functionality.. tigervnc security update,Rocky Linux security advisory,buffer overflow fixes,VNC remote access vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 25, 2026 Important Rocky Linux
217

Oracle Linux 8 Tigervnc Important Security Fix ELSA-2026-28923

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-28923 http://linux.oracle.com/errata/ELSA-2026-28923.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: tigervnc-1.15.0-10.el8_10.x86_64.rpm tigervnc-icons-1.15.0-10.el8_10.noarch.rpm tigervnc-license-1.15.0-10.el8_10.noarch.rpm tigervnc-selinux-1.15.0-10.el8_10.noarch.rpm tigervnc-server-1.15.0-10.el8_10.x86_64.rpm tigervnc-server-minimal-1.15.0-10.el8_10.x86_64.rpm tigervnc-server-module-1.15.0-10.el8_10.x86_64.rpm aarch64: tigervnc-1.15.0-10.el8_10.aarch64.rpm tigervnc-icons-1.15.0-10.el8_10.noarch.rpm tigervnc-license-1.15.0-10.el8_10.noarch.rpm tigervnc-selinux-1.15.0-10.el8_10.noarch.rpm tigervnc-server-1.15.0-10.el8_10.aarch64.rpm tigervnc-server-minimal-1.15.0-10.el8_10.aarch64.rpm tigervnc-server-module-1.15.0-10.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/tigervnc-1.15.0-10.el8_10.src.rpm Related CVEs: CVE-2026-50256 CVE-2026-50257 CVE-2026-50258 CVE-2026-50259 CVE-2026-50260 CVE-2026-50261 CVE-2026-50262 CVE-2026-50263 CVE-2026-50264 Description of changes: [1.15.0-10] - Rebuild for updated xorg-x11-server Resolves: RHEL-183998 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Update for Oracle Linux 8 addressing important security issues in Tigervnc, enhancing user access and performance.. Oracle Linux 8,tigervnc security,security advisory,linux updates,password security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 24, 2026 Important Oracle
219

Rocky Linux 8 tigervnc Vital Security Patch RLSA-2026-13414

Important: tigervnc security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:13414", "synopsis": "Important: tigervnc security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for tigervnc.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.\n\nSecurity Fix(es):\n\n* xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling (CVE-2026-33999)\n\n* xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption (CVE-2026-34001)\n\n* xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access (CVE-2026-34003)\n\n* TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions (CVE-2026-34352)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2451106", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2451106", "description": ""}, {"ticket": "2451109", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2451109", "description": ""}, {"ticket": "2451113", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2451113", "description": ""}, {"ticket": "2452022", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2452022", "description": ""}], "cves": [{"name": "CVE-2026-33999", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33999", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-191"}, {"name": "CVE-2026-34001", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34001", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-825"}, {"name": "CVE-2026-34003", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34003", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-125"}, {"name": "CVE-2026-34352", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34352", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", "cvss3BaseScore": "6.3", "cwe": "CWE-279"}], "references": [], "publishedAt": "2026-05-07T06:00:59.922786Z", "rpms": {"Rocky Linux 8": {"nvras": ["tigervnc-0:1.15.0-9.el8_10.aarch64.rpm", "tigervnc-0:1.15.0-9.el8_10.src.rpm", "tigervnc-0:1.15.0-9.el8_10.x86_64.rpm", "tigervnc-debuginfo-0:1.15.0-9.el8_10.aarch64.rpm", "tigervnc-debuginfo-0:1.15.0-9.el8_10.x86_64.rpm", "tigervnc-debugsource-0:1.15.0-9.el8_10.aarch64.rpm", "tigervnc-debugsource-0:1.15.0-9.el8_10.x86_64.rpm", "tigervnc-icons-0:1.15.0-9.el8_10.noarch.rpm", "tigervnc-license-0:1.15.0-9.el8_10.noarch.rpm", "tigervnc-selinux-0:1.15.0-9.el8_10.noarch.rpm", "tigervnc-server-0:1.15.0-9.el8_10.aarch64.rpm", "tigervnc-server-0:1.15.0-9.el8_10.x86_64.rpm", "tigervnc-server-debuginfo-0:1.15.0-9.el8_10.aarch64.rpm", "tigervnc-server-debuginfo-0:1.15.0-9.el8_10.x86_64.rpm", "tigervnc-server-minimal-0:1.15.0-9.el8_10.aarch64.rpm", "tigervnc-server-minimal-0:1.15.0-9.el8_10.x86_64.rpm", "tigervnc-server-minimal-debuginfo-0:1.15.0-9.el8_10.aarch64.rpm","tigervnc-server-minimal-debuginfo-0:1.15.0-9.el8_10.x86_64.rpm", "tigervnc-server-module-0:1.15.0-9.el8_10.aarch64.rpm", "tigervnc-server-module-0:1.15.0-9.el8_10.x86_64.rpm", "tigervnc-server-module-debuginfo-0:1.15.0-9.el8_10.aarch64.rpm", "tigervnc-server-module-debuginfo-0:1.15.0-9.el8_10.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Update addressing important security issues in TigerVNC for Rocky Linux, including several fixes for denial of service threats.. rocky linux tigervnc update security important. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 07, 2026 Important Rocky Linux
217

Oracle Linux 8 tigervnc Important ELSA-2026-13414 Remote Access Risks

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-13414 http://linux.oracle.com/errata/ELSA-2026-13414.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: tigervnc-1.15.0-9.el8_10.x86_64.rpm tigervnc-icons-1.15.0-9.el8_10.noarch.rpm tigervnc-license-1.15.0-9.el8_10.noarch.rpm tigervnc-selinux-1.15.0-9.el8_10.noarch.rpm tigervnc-server-1.15.0-9.el8_10.x86_64.rpm tigervnc-server-minimal-1.15.0-9.el8_10.x86_64.rpm tigervnc-server-module-1.15.0-9.el8_10.x86_64.rpm aarch64: tigervnc-1.15.0-9.el8_10.aarch64.rpm tigervnc-icons-1.15.0-9.el8_10.noarch.rpm tigervnc-license-1.15.0-9.el8_10.noarch.rpm tigervnc-selinux-1.15.0-9.el8_10.noarch.rpm tigervnc-server-1.15.0-9.el8_10.aarch64.rpm tigervnc-server-minimal-1.15.0-9.el8_10.aarch64.rpm tigervnc-server-module-1.15.0-9.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/tigervnc-1.15.0-9.el8_10.src.rpm Related CVEs: CVE-2026-33999 CVE-2026-34001 CVE-2026-34003 CVE-2026-34352 Description of changes: [1.15.0-9] - Fix CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002, CVE-2026-34003 xorg-x11-server: various XKB and XSYNC vulnerabilities Resolves: RHEL-163203 Resolves: RHEL-163271 Resolves: RHEL-163257 - Fix CVE-2026-34352 Resolves: RHEL-167760 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updates for tigervnc on Oracle Linux 8 address multiple important issues, enhancing security and performance features.. tigervnc updates, oracle linux security, remote access vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 06, 2026 Important Oracle
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200