Alerts This Week
Warning Icon 1 1,161
Alerts This Week
Warning Icon 1 1,161

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Kernel Important Fixes Denial of Service 2026-2638-1

Calendar White Jun 26, 2026
Important
Suse Large Esm H900
SuSE

SUSE Kernel Important Security Update 2026-2638-1 Fixing 21 Issues

Calendar White Jun 26, 2026
Important
Suse Large Esm H900
SuSE

SUSE Containerd Important DoS Authorization Bypass Vulnern 2026-2639-1

Calendar White Jun 26, 2026
Important
Suse Large Esm H800
SuSE

SUSE containerd Important Denial of Service Fix 2026-2640-1

Calendar White Jun 26, 2026
Important
Suse Large Esm H900
SuSE

SUSE Apache2 Important Security Fixes Vulnerabilities 2026-2641-1

Calendar White Jun 26, 2026
Important
Suse Large Esm H900
SuSE

SUSE Apache Commons Important StackOverflowError Issue 2026-2642-1

Calendar White Jun 26, 2026
Important
Rockylinux Esm H800
Rocky

Rocky Linux 10 Buildah Important Denial of Service Update RLSA-2026-29195

Calendar White Jun 26, 2026
Important
Rockylinux Esm H900
Rocky

Rocky Linux 10 RLSA-2026-29980 golang Moderate Input Injection Fix

Calendar White Jun 26, 2026
moderate
Rockylinux Esm H900
Rocky

Rocky Linux nginx Important Code Exec DoS Risk RLSA-2026-29874

Calendar White Jun 26, 2026
Important
Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

Does sandboxing completely stop hackers?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/153-does-sandboxing-completely-stop-hackers?task=poll.vote&format=json
153
radio
0
[{"id":494,"title":"Isolation breeds ultimate system safety.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":495,"title":"Flawed configurations bypass all barriers.","votes":1,"type":"x","order":2,"pct":100,"resources":[]},{"id":496,"title":"Determined exploits always break out.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9,991 articles for you...
219
Ls Advisories Rockylinux Esm H240
Price Tag%201security advisorydenial of servicenetwork security

Rocky Linux 9 RLSA-2026-29703 Important Denial of Service in plugins

Important: containernetworking-plugins security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:29703", "synopsis": "Important: containernetworking-plugins security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for containernetworking-plugins.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. \n\nSecurity Fix(es):\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2445356", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356", "description": ""}, {"ticket": "2456333", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333", "description": ""}, {"ticket": "2456338", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338", "description": ""}, {"ticket": "2456339", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2456339", "description": ""}], "cves": [{"name": "CVE-2026-25679", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25679", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-1286"}, {"name": "CVE-2026-32280", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-770"}, {"name": "CVE-2026-32281", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.9", "cwe": "CWE-1050"}, {"name": "CVE-2026-32283", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32283", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-764"}], "references": [], "publishedAt": "2026-06-26T12:03:13.137376Z", "rpms": {"Rocky Linux 9": {"nvras": ["containernetworking-plugins-1:1.9.0-3.el9_8.aarch64.rpm", "containernetworking-plugins-1:1.9.0-3.el9_8.ppc64le.rpm", "containernetworking-plugins-1:1.9.0-3.el9_8.s390x.rpm", "containernetworking-plugins-1:1.9.0-3.el9_8.src.rpm", "containernetworking-plugins-1:1.9.0-3.el9_8.x86_64.rpm", "containernetworking-plugins-debuginfo-1:1.9.0-3.el9_8.aarch64.rpm", "containernetworking-plugins-debuginfo-1:1.9.0-3.el9_8.ppc64le.rpm", "containernetworking-plugins-debuginfo-1:1.9.0-3.el9_8.s390x.rpm", "containernetworking-plugins-debuginfo-1:1.9.0-3.el9_8.x86_64.rpm", "containernetworking-plugins-debugsource-1:1.9.0-3.el9_8.aarch64.rpm", "containernetworking-plugins-debugsource-1:1.9.0-3.el9_8.ppc64le.rpm", "containernetworking-plugins-debugsource-1:1.9.0-3.el9_8.s390x.rpm", "containernetworking-plugins-debugsource-1:1.9.0-3.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}.Rocky Linux provides an important security update for containernetworking-plugins impacting network connectivity of containers.. Rocky Linux Security Update, containernetworking-plugins Fix, Important Linux Security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Rocky Linux
219
Ls Advisories Rockylinux Esm H240
Price Tag%201security advisorydenial of serviceimportant

Rocky Linux 9 Runc Important Denial of Service Update RLSA-2026-29702

Important: runc security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:29702", "synopsis": "Important: runc security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for runc.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime.\n\nSecurity Fix(es):\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2445356", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356", "description": ""}, {"ticket": "2456333", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333", "description": ""}, {"ticket": "2456339", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339", "description": ""}], "cves": [{"name": "CVE-2026-25679", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25679", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-1286"}, {"name": "CVE-2026-32280", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5","cwe": "CWE-770"}, {"name": "CVE-2026-32281", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.9", "cwe": "CWE-1050"}], "references": [], "publishedAt": "2026-06-26T12:03:13.137376Z", "rpms": {"Rocky Linux 9": {"nvras": ["runc-4:1.4.2-2.el9_8.aarch64.rpm", "runc-4:1.4.2-2.el9_8.ppc64le.rpm", "runc-4:1.4.2-2.el9_8.s390x.rpm", "runc-4:1.4.2-2.el9_8.src.rpm", "runc-4:1.4.2-2.el9_8.x86_64.rpm", "runc-debuginfo-4:1.4.2-2.el9_8.aarch64.rpm", "runc-debuginfo-4:1.4.2-2.el9_8.ppc64le.rpm", "runc-debuginfo-4:1.4.2-2.el9_8.s390x.rpm", "runc-debuginfo-4:1.4.2-2.el9_8.x86_64.rpm", "runc-debugsource-4:1.4.2-2.el9_8.aarch64.rpm", "runc-debugsource-4:1.4.2-2.el9_8.ppc64le.rpm", "runc-debugsource-4:1.4.2-2.el9_8.s390x.rpm", "runc-debugsource-4:1.4.2-2.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Explore the important runc security update for Rocky Linux 9, addressing serious vulnerabilities including Denial of Service.. Rocky Linux runc Update security important. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Rocky Linux
Banner 4 1028x280 1708121825 1771600306
219
Ls Advisories Rockylinux Esm H240
Price Tag%201security advisorymoderatebug fix

Rocky Linux 9 RLSA-2026-29981 Golang Moderate Input Injection

Moderate: golang security, bug fix, and enhancement update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:29981", "synopsis": "Moderate: golang security, bug fix, and enhancement update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for golang.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* net/textproto: golang: Golang net/textproto: Misleading error messages via input injection (CVE-2026-42507)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Go to version 1.26.4+1 [rhel-9.8.z] (JIRA:Rocky Linux-183350)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2484205", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2484205", "description": ""}], "cves": [{"name": "CVE-2026-42507", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42507", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "cvss3BaseScore": "5.3", "cwe": "CWE-117"}], "references": [], "publishedAt": "2026-06-26T12:03:13.137376Z", "rpms": {"Rocky Linux 9": {"nvras": ["golang-0:1.26.4-1.el9_8.aarch64.rpm", "golang-0:1.26.4-1.el9_8.ppc64le.rpm", "golang-0:1.26.4-1.el9_8.s390x.rpm", "golang-0:1.26.4-1.el9_8.src.rpm", "golang-0:1.26.4-1.el9_8.x86_64.rpm", "golang-bin-0:1.26.4-1.el9_8.aarch64.rpm", "golang-bin-0:1.26.4-1.el9_8.ppc64le.rpm", "golang-bin-0:1.26.4-1.el9_8.s390x.rpm", "golang-bin-0:1.26.4-1.el9_8.x86_64.rpm", "golang-docs-0:1.26.4-1.el9_8.noarch.rpm", "golang-misc-0:1.26.4-1.el9_8.noarch.rpm", "golang-race-0:1.26.4-1.el9_8.aarch64.rpm","golang-race-0:1.26.4-1.el9_8.ppc64le.rpm", "golang-race-0:1.26.4-1.el9_8.s390x.rpm", "golang-race-0:1.26.4-1.el9_8.x86_64.rpm", "golang-src-0:1.26.4-1.el9_8.noarch.rpm", "golang-tests-0:1.26.4-1.el9_8.noarch.rpm", "go-toolset-0:1.26.4-1.el9_8.aarch64.rpm", "go-toolset-0:1.26.4-1.el9_8.ppc64le.rpm", "go-toolset-0:1.26.4-1.el9_8.s390x.rpm", "go-toolset-0:1.26.4-1.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Update for golang available in Rocky Linux 9. Fixes misleading error messages due to input injection vulnerability.. Rocky Linux bug fix golang update. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 moderate Rocky Linux
219
Ls Advisories Rockylinux Esm H240
Price Tag%201security advisorydenial of servicepatch

Rocky Linux 9 RLSA-2026-29455 Buildah Important Denial of Service

Important: buildah security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:29455", "synopsis": "Important: buildah security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for buildah.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. \n\nSecurity Fix(es):\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\n* golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters (CVE-2026-39829)\n\n* golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses (CVE-2026-39830)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2445356", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356", "description": ""}, {"ticket": "2456333", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333","description": ""}, {"ticket": "2456338", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338", "description": ""}, {"ticket": "2456339", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339", "description": ""}, {"ticket": "2480681", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681", "description": ""}, {"ticket": "2480684", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684", "description": ""}], "cves": [{"name": "CVE-2026-25679", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25679", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-1286"}, {"name": "CVE-2026-32280", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-770"}, {"name": "CVE-2026-32281", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.9", "cwe": "CWE-1050"}, {"name": "CVE-2026-32283", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32283", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-764"}, {"name": "CVE-2026-39829", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39829", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-1284"}, {"name": "CVE-2026-39830", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39830", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-772"}], "references": [],"publishedAt": "2026-06-26T12:03:13.137376Z", "rpms": {"Rocky Linux 9": {"nvras": ["buildah-2:1.43.1-2.el9_8.aarch64.rpm", "buildah-2:1.43.1-2.el9_8.ppc64le.rpm", "buildah-2:1.43.1-2.el9_8.s390x.rpm", "buildah-2:1.43.1-2.el9_8.src.rpm", "buildah-2:1.43.1-2.el9_8.x86_64.rpm", "buildah-debuginfo-2:1.43.1-2.el9_8.aarch64.rpm", "buildah-debuginfo-2:1.43.1-2.el9_8.ppc64le.rpm", "buildah-debuginfo-2:1.43.1-2.el9_8.s390x.rpm", "buildah-debuginfo-2:1.43.1-2.el9_8.x86_64.rpm", "buildah-debugsource-2:1.43.1-2.el9_8.aarch64.rpm", "buildah-debugsource-2:1.43.1-2.el9_8.ppc64le.rpm", "buildah-debugsource-2:1.43.1-2.el9_8.s390x.rpm", "buildah-debugsource-2:1.43.1-2.el9_8.x86_64.rpm", "buildah-tests-2:1.43.1-2.el9_8.aarch64.rpm", "buildah-tests-2:1.43.1-2.el9_8.ppc64le.rpm", "buildah-tests-2:1.43.1-2.el9_8.s390x.rpm", "buildah-tests-2:1.43.1-2.el9_8.x86_64.rpm", "buildah-tests-debuginfo-2:1.43.1-2.el9_8.aarch64.rpm", "buildah-tests-debuginfo-2:1.43.1-2.el9_8.ppc64le.rpm", "buildah-tests-debuginfo-2:1.43.1-2.el9_8.s390x.rpm", "buildah-tests-debuginfo-2:1.43.1-2.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important buildah security update for Rocky Linux enhances container image security and resolves several denial of service issues.. Rocky Linux buildah security important update denial of service. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Rocky Linux
Banner 4 1028x280 1708121825 1771600306
219
Ls Advisories Rockylinux Esm H240
Price Tag%201security advisoryimportantinformation disclosure

Rocky Linux Thunderbird Essential Measures for Various CVEs RLSA-2026-29940

Important: thunderbird security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:29940", "synopsis": "Important: thunderbird security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for thunderbird.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSecurity Fix(es):\n\n* firefox: thunderbird: Sandbox escape in the DOM: Workers component (CVE-2026-12294)\n\n* firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing component (CVE-2026-12313)\n\n* firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing component (CVE-2026-12311)\n\n* firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12290)\n\n* firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152 (CVE-2026-12327)\n\n* firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component (CVE-2026-12299)\n\n* firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12329)\n\n* firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12312)\n\n* firefox: thunderbird: Mitigation bypass in the DOM: Security component (CVE-2026-12302)\n\n* firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152 (CVE-2026-12328)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Internationalization component (CVE-2026-12330)\n\n* firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12314)\n\n* firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12309)\n\n* firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR140.12 (CVE-2026-12310)\n\n* firefox: thunderbird: Denial-of-service in the Graphics: ImageLib component (CVE-2026-12325)\n\n* firefox: thunderbird: Sandbox escape in the DOM: Navigation component (CVE-2026-12295)\n\n* firefox: thunderbird: Privilege escalation in the Graphics: WebRender component (CVE-2026-12289)\n\n* firefox: thunderbird: Mitigation bypass in the DOM: Security component (CVE-2026-12315)\n\n* firefox: thunderbird: Sandbox escape in the Security: Process Sandboxing component (CVE-2026-12296)\n\n* firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12306)\n\n* firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12307)\n\n* firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Networking component (CVE-2026-12297)\n\n* firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12305)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Web Audio component (CVE-2026-12292)\n\n* firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 (CVE-2026-12308)\n\n* firefox: thunderbird: Incorrect boundary conditions in the Graphics: CanvasWebGL component (CVE-2026-12324)\n\n* firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component (CVE-2026-12304)\n\n* firefox: thunderbird: Use-after-free in the Networking: HTTP component (CVE-2026-12291)\n\n* firefox: thunderbird: Memory safety bug fixed in Firefox ESR 140.12 (CVE-2026-12298)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2489207", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489207", "description": ""}, {"ticket": "2489208", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489208", "description": ""},{"ticket": "2489209", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489209", "description": ""}, {"ticket": "2489210", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489210", "description": ""}, {"ticket": "2489211", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489211", "description": ""}, {"ticket": "2489212", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489212", "description": ""}, {"ticket": "2489214", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489214", "description": ""}, {"ticket": "2489215", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489215", "description": ""}, {"ticket": "2489217", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489217", "description": ""}, {"ticket": "2489218", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489218", "description": ""}, {"ticket": "2489220", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489220", "description": ""}, {"ticket": "2489221", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489221", "description": ""}, {"ticket": "2489223", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489223", "description": ""}, {"ticket": "2489224", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489224", "description": ""}, {"ticket": "2489225", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489225", "description": ""}, {"ticket": "2489226", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489226", "description": ""}, {"ticket": "2489229", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489229", "description": ""}, {"ticket": "2489231", "sourceBy":"Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489231", "description": ""}, {"ticket": "2489232", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489232", "description": ""}, {"ticket": "2489233", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489233", "description": ""}, {"ticket": "2489234", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489234", "description": ""}, {"ticket": "2489235", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489235", "description": ""}, {"ticket": "2489236", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489236", "description": ""}, {"ticket": "2489237", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489237", "description": ""}, {"ticket": "2489239", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489239", "description": ""}, {"ticket": "2489240", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489240", "description": ""}, {"ticket": "2489243", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489243", "description": ""}, {"ticket": "2489244", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489244", "description": ""}, {"ticket": "2489248", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2489248", "description": ""}], "cves": [{"name": "CVE-2026-12289", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12289", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-266"}, {"name": "CVE-2026-12290", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12290", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5","cwe": "CWE-823"}, {"name": "CVE-2026-12291", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12291", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-825"}, {"name": "CVE-2026-12292", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12292", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-787"}, {"name": "CVE-2026-12294", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12294", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-266"}, {"name": "CVE-2026-12295", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12295", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-653"}, {"name": "CVE-2026-12296", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12296", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-403"}, {"name": "CVE-2026-12297", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12297", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-653"}, {"name": "CVE-2026-12298", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12298", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-843"}, {"name": "CVE-2026-12299", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12299", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-733"}, {"name": "CVE-2026-12302", "sourceBy": "MITRE", "sourceLink":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12302", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-12304", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12304", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-346"}, {"name": "CVE-2026-12305", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12305", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-825"}, {"name": "CVE-2026-12306", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12306", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-787"}, {"name": "CVE-2026-12307", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12307", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-825"}, {"name": "CVE-2026-12308", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12308", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": null}, {"name": "CVE-2026-12309", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12309", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-825"}, {"name": "CVE-2026-12310", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12310", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-825"}, {"name": "CVE-2026-12311", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12311", "cvss3ScoringVector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-243"}, {"name": "CVE-2026-12312", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12312", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-787"}, {"name": "CVE-2026-12313", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12313", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-403"}, {"name": "CVE-2026-12314", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12314", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-787"}, {"name": "CVE-2026-12315", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12315", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-807"}, {"name": "CVE-2026-12324", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12324", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "cvss3BaseScore": "3.4", "cwe": "CWE-131"}, {"name": "CVE-2026-12325", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12325", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "cvss3BaseScore": "3.4", "cwe": "CWE-1286"}, {"name": "CVE-2026-12327", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12327", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-787"}, {"name": "CVE-2026-12328", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12328", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-825"}, {"name": "CVE-2026-12329","sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12329", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": null}, {"name": "CVE-2026-12330", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-12330", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-131"}], "references": [], "publishedAt": "2026-06-26T12:03:13.137376Z", "rpms": {"Rocky Linux 9": {"nvras": ["thunderbird-0:140.12.0-1.el9_8.aarch64.rpm", "thunderbird-0:140.12.0-1.el9_8.ppc64le.rpm", "thunderbird-0:140.12.0-1.el9_8.s390x.rpm", "thunderbird-0:140.12.0-1.el9_8.src.rpm", "thunderbird-0:140.12.0-1.el9_8.x86_64.rpm", "thunderbird-debuginfo-0:140.12.0-1.el9_8.aarch64.rpm", "thunderbird-debuginfo-0:140.12.0-1.el9_8.ppc64le.rpm", "thunderbird-debuginfo-0:140.12.0-1.el9_8.s390x.rpm", "thunderbird-debuginfo-0:140.12.0-1.el9_8.x86_64.rpm", "thunderbird-debugsource-0:140.12.0-1.el9_8.aarch64.rpm", "thunderbird-debugsource-0:140.12.0-1.el9_8.ppc64le.rpm", "thunderbird-debugsource-0:140.12.0-1.el9_8.s390x.rpm", "thunderbird-debugsource-0:140.12.0-1.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Explore the important thunderbird security update for Rocky Linux, addressing multiple critical issues and vulnerabilities.. thunderbird security update, rocky linux vulnerabilities, sandbox escape issues, memory safety fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Rocky Linux
219
Ls Advisories Rockylinux Esm H240
Price Tag%201security advisorysecurity updatebuffer overflow

Rocky Linux tigervnc Important Buffer Overflow Issues RLSA-2026-29844

Important: tigervnc security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:29844", "synopsis": "Important: tigervnc security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for tigervnc.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.\n\nSecurity Fix(es):\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch (CVE-2026-50256)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence() (CVE-2026-50257)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels (CVE-2026-50258)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing (CVE-2026-50259)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter() (CVE-2026-50260)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter() (CVE-2026-50261)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes (CVE-2026-50262)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow() (CVE-2026-50263)\n\n* xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat (CVE-2026-50264)\n\nFor more details aboutthe security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2485380", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485380", "description": ""}, {"ticket": "2485382", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485382", "description": ""}, {"ticket": "2485383", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485383", "description": ""}, {"ticket": "2485384", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485384", "description": ""}, {"ticket": "2485385", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485385", "description": ""}, {"ticket": "2485386", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485386", "description": ""}, {"ticket": "2485387", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485387", "description": ""}, {"ticket": "2485388", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485388", "description": ""}, {"ticket": "2485389", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2485389", "description": ""}], "cves": [{"name": "CVE-2026-50256", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50256", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-121"}, {"name": "CVE-2026-50257", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50257", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-416"}, {"name": "CVE-2026-50258", "sourceBy": "MITRE", "sourceLink":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50258", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-121"}, {"name": "CVE-2026-50259", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50259", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-121"}, {"name": "CVE-2026-50260", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50260", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-416"}, {"name": "CVE-2026-50261", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50261", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-416"}, {"name": "CVE-2026-50262", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50262", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "cvss3BaseScore": "5.5", "cwe": "CWE-125"}, {"name": "CVE-2026-50263", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50263", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "cvss3BaseScore": "5.5", "cwe": "CWE-416"}, {"name": "CVE-2026-50264", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-50264", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-787"}], "references": [], "publishedAt": "2026-06-26T12:03:13.137376Z", "rpms": {"Rocky Linux 9": {"nvras": ["tigervnc-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-0:1.15.0-7.el9_8.2.src.rpm", "tigervnc-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-debuginfo-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-debuginfo-0:1.15.0-7.el9_8.2.ppc64le.rpm","tigervnc-debuginfo-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-debuginfo-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-debugsource-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-debugsource-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-debugsource-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-debugsource-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-icons-0:1.15.0-7.el9_8.2.noarch.rpm", "tigervnc-license-0:1.15.0-7.el9_8.2.noarch.rpm", "tigervnc-selinux-0:1.15.0-7.el9_8.2.noarch.rpm", "tigervnc-server-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-server-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-server-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-server-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-server-debuginfo-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-server-debuginfo-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-server-debuginfo-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-server-debuginfo-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-server-minimal-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-server-minimal-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-server-minimal-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-server-minimal-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-server-minimal-debuginfo-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-server-minimal-debuginfo-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-server-minimal-debuginfo-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-server-minimal-debuginfo-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-server-module-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-server-module-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-server-module-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-server-module-0:1.15.0-7.el9_8.2.x86_64.rpm", "tigervnc-server-module-debuginfo-0:1.15.0-7.el9_8.2.aarch64.rpm", "tigervnc-server-module-debuginfo-0:1.15.0-7.el9_8.2.ppc64le.rpm", "tigervnc-server-module-debuginfo-0:1.15.0-7.el9_8.2.s390x.rpm", "tigervnc-server-module-debuginfo-0:1.15.0-7.el9_8.2.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important tigervnc update available for Rocky Linux 9 addressing major security issues. Ensure yoursystems are protected.. Rocky Linux RLSA-2026 tigervnc update buffer overflow. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Rocky Linux
Banner 4 1028x280 1708121825 1771600306
197
Ls Advisories Debianlts Esm H240
Price Tag%201security advisorycriticalinformation disclosure

Debian LTS python-urllib3 Serious Information Leak Resolution DLA-4651-1

It was discovered that python-urllib3, an HTTP library with thread-safe connection pooling for Python, did not strip out sensitive headers (such as `Authorization` or `Cookie`) during cross-origin redirects followed from the low-level API, which could lead to information disclosure or authorization bypass.. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4651-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Guilhem Moulin June 26, 2026 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : python-urllib3 Version : 1.26.5-1~exp1+deb11u4 1.26.12-1+deb12u4 CVE ID : CVE-2026-44431 Debian Bug : 1136653 It was discovered that python-urllib3, an HTTP library with thread-safe connection pooling for Python, did not strip out sensitive headers (such as `Authorization` or `Cookie`) during cross-origin redirects followed from the low-level API, which could lead to information disclosure or authorization bypass. For Debian 11 bullseye, this problem has been fixed in version 1.26.5-1~exp1+deb11u4. For Debian 12 bookworm, this problem has been fixed in version 1.26.12-1+deb12u4. We recommend that you upgrade your python-urllib3 packages. For the detailed security status of python-urllib3 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-urllib3 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS security advisory for python-urllib3 related to sensitive headers during cross-origin redirects. Upgrade recommended.. python-urllib3, information disclosure, authorization bypass, security update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Critical Debian LTS
197
Ls Advisories Debianlts Esm H240
Price Tag%201security advisorydenial of servicecritical

Debian LTS giflib Critical Denial of Service Vulnerabilities DLA-4650-1

Two vulnerabilties have been found in giflib, a package of portable tools and library routines for working with GIF images, potentially allowing Denial of Service. CVE-2026-23868 Giflib contains a double-free vulnerability that is the result of a. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4650-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Tobias Frost June 26, 2026 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : giflib Version : 5.1.9-2+deb11u1 $bookworm_VERSION CVE ID : CVE-2026-23868 CVE-2026-26740 Debian Bug : 1130495 1131368 Two vulnerabilties have been found in giflib, a package of portable tools and library routines for working with GIF images, potentially allowing Denial of Service. CVE-2026-23868 Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but may be possible. CVE-2026-26740 A Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size. For Debian 11 bullseye, these problems have been fixed in version 5.1.9-2+deb11u1. We recommend that you upgrade your giflib packages. For the detailed security status of giflib please refer to its security tracker page at: https://security-tracker.debian.org/tracker/giflib Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Two vulnerabilities in giflib allow potential denial of service. Upgrade to fix critical issues in Debian LTS.. giflib security update, denial ofservice vulnerabilities, Debian LTS patches. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Critical Debian LTS
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

Does sandboxing completely stop hackers?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/153-does-sandboxing-completely-stop-hackers?task=poll.vote&format=json
153
radio
0
[{"id":494,"title":"Isolation breeds ultimate system safety.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":495,"title":"Flawed configurations bypass all barriers.","votes":1,"type":"x","order":2,"pct":100,"resources":[]},{"id":496,"title":"Determined exploits always break out.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here