Alerts This Week
Warning Icon 1 1,295
Alerts This Week
Warning Icon 1 1,295

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":1,"type":"x","order":2,"pct":100,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9,991 articles for you...
202

openSUSE Podman Important Denial of Service Fix 2026-2693-1

An update that solves five vulnerabilities can now be installed.. # Security update for podman Announcement ID: SUSE-SU-2026:2693-1 Release Date: 2026-06-30T09:04:04Z Rating: important References: * bsc#1262856 * bsc#1266125 Cross-References: * CVE-2026-34986 * CVE-2026-39829 * CVE-2026-39830 * CVE-2026-42508 * CVE-2026-46598 CVSS scores: * CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39829 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39829 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39829 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39829 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39830 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39830 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39830 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-39830 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42508 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-42508 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42508 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42508 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46598 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46598 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46598 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE LinuxEnterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities can now be installed. ## Description: This update for podman fixes the following issues * CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service (bsc#1262856). * CVE-2026-39829,CVE-2026-39830,CVE-2026-42508,CVE-2026-46598: golang.org/x/crypto/ssh: multiple issues (bsc#1266125). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2693=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2693=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2693=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2693=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2693=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2693=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2693=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2693=1 * SUSE Linux Enterprise High Performance ComputingESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2693=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.74.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.74.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.74.2 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * podmansh-4.9.5-150400.4.74.2 * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * openSUSE Leap 15.4 (noarch) * podman-docker-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390xx86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * podman-docker-4.9.5-150400.4.74.2 ## References: * https://www.suse.com/security/cve/CVE-2026-34986.html * https://www.suse.com/security/cve/CVE-2026-39829.html * https://www.suse.com/security/cve/CVE-2026-39830.html * https://www.suse.com/security/cve/CVE-2026-42508.html * https://www.suse.com/security/cve/CVE-2026-46598.html * https://bugzilla.suse.com/show_bug.cgi?id=1262856 * https://bugzilla.suse.com/show_bug.cgi?id=1266125 . # Security update for podman Announcement ID: SUSE-SU-2026:2693-1 Release Date: 2026-06-30T09:04:04Z. update, solves, vulnerabilities, installed, security, podman, announ. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important OpenSUSE
100

SUSE Podman Important Denial of Service Issues Fixed 2026-2693-1

An update that solves five vulnerabilities can now be installed.. # Security update for podman Announcement ID: SUSE-SU-2026:2693-1 Release Date: 2026-06-30T09:04:04Z Rating: important References: * bsc#1262856 * bsc#1266125 Cross-References: * CVE-2026-34986 * CVE-2026-39829 * CVE-2026-39830 * CVE-2026-42508 * CVE-2026-46598 CVSS scores: * CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39829 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39829 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39829 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39829 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39830 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39830 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39830 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-39830 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42508 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-42508 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42508 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42508 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46598 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-46598 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-46598 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE LinuxEnterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities can now be installed. ## Description: This update for podman fixes the following issues * CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of service (bsc#1262856). * CVE-2026-39829,CVE-2026-39830,CVE-2026-42508,CVE-2026-46598: golang.org/x/crypto/ssh: multiple issues (bsc#1266125). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2693=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2693=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2693=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2693=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2693=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2693=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2693=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2693=1 * SUSE Linux Enterprise High Performance ComputingESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2693=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.74.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.74.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * podman-docker-4.9.5-150400.4.74.2 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * podmansh-4.9.5-150400.4.74.2 * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * openSUSE Leap 15.4 (noarch) * podman-docker-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390xx86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * podman-debuginfo-4.9.5-150400.4.74.2 * podman-4.9.5-150400.4.74.2 * podman-remote-debuginfo-4.9.5-150400.4.74.2 * podman-remote-4.9.5-150400.4.74.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * podman-docker-4.9.5-150400.4.74.2 ## References: * https://www.suse.com/security/cve/CVE-2026-34986.html * https://www.suse.com/security/cve/CVE-2026-39829.html * https://www.suse.com/security/cve/CVE-2026-39830.html * https://www.suse.com/security/cve/CVE-2026-42508.html * https://www.suse.com/security/cve/CVE-2026-46598.html * https://bugzilla.suse.com/show_bug.cgi?id=1262856 * https://bugzilla.suse.com/show_bug.cgi?id=1266125 . SUSE Security Update for Podman addresses five issues including Denial of Service vulnerabilities. Important action needed.. Podman Security Update,SUSE Vulnerabilities,Denial of Service,SUSE Podman Patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important SuSE
100

SUSE Nodejs22 Important Vulnerabilites DoS Security Advisory 2026-2695-1

An update that solves 19 vulnerabilities can now be installed.. # Security update for nodejs22 Announcement ID: SUSE-SU-2026:2695-1 Release Date: 2026-06-30T09:06:45Z Rating: important References: * bsc#1259853 * bsc#1262274 * bsc#1266318 * bsc#1268097 * bsc#1268477 * bsc#1268479 * bsc#1268481 * bsc#1268482 * bsc#1268554 * bsc#1268555 * bsc#1268592 * bsc#1268593 * bsc#1268598 * bsc#1268605 * bsc#1268606 * bsc#1268608 * bsc#1268609 * bsc#1268611 * bsc#1268618 Cross-References: * CVE-2026-11525 * CVE-2026-12151 * CVE-2026-27135 * CVE-2026-40170 * CVE-2026-42338 * CVE-2026-48615 * CVE-2026-48617 * CVE-2026-48618 * CVE-2026-48619 * CVE-2026-48928 * CVE-2026-48930 * CVE-2026-48931 * CVE-2026-48933 * CVE-2026-48934 * CVE-2026-48935 * CVE-2026-48937 * CVE-2026-6733 * CVE-2026-9496 * CVE-2026-9679 CVSS scores: * CVE-2026-11525 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-11525 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-12151 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-12151 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-12151 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-27135 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-27135 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-27135 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-27135 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40170 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-40170 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40170 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-40170 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42338 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-42338 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42338 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-42338 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-42338 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2026-48615 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-48615 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-48615 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-48615 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-48617 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-48617 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N * CVE-2026-48617 ( NVD ): 1.8 CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N * CVE-2026-48618 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-48618 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-48618 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2026-48618 ( NVD ): 7.7 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2026-48619 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-48619 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-48619 ( NVD ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-48928 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-48928 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N * CVE-2026-48928 ( NVD ): 5.4CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-48928 ( NVD ): 4.2 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-48930 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-48930 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-48930 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-48930 ( NVD ): 5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-48931 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-48931 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-48931 ( NVD ): 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-48933 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-48933 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-48933 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-48933 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-48934 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-48934 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-48934 ( NVD ): 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2026-48935 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-48935 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-48935 ( NVD ): 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-48937 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-48937 ( NVD ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-6733 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-6733 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-9496 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-9496 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-9496 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-9496 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-9679 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-9679 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * Web and Scripting Module 15-SP7 An update that solves 19 vulnerabilities can now be installed. ## Description: This update for nodejs22 fixes the following issues: * CVE-2026-48618: tls: normalize hostname for server identity checks (bsc#1268593). * CVE-2026-48933: crypto: guard WebCrypto cipher output length (bsc#1268592). * CVE-2026-48615: lib,test: redact proxy credentials in tunnel errors (bsc#1268598). * CVE-2026-48619: http2: cap originSet size to prevent unbounded memory growth (bsc#1268618). * CVE-2026-48928: tls: fix case-sensitive SNI context matching (bsc#1268605). * CVE-2026-48930: dns,net: reject hostnames with embedded NUL bytes (bsc#1268606). * CVE-2026-48934: tls: bind reusable sessions to authenticated host (bsc#1268608). * CVE-2026-48617: permission: handle process.chdir on writereport (bsc#1268554). * CVE-2026-48931: http: fix response queue poisoning in http.Agent (bsc#1268611). * CVE-2026-48935: permission: disable FileHandle utimes with permission model (bsc#1268609). * CVE-2026-48937: http2: servers keep accepting data even after sending a `GOAWAY` frame (bsc#1268555). * CVE-2026-12151: undici: Denial of Service due to unbounded memory growth via WebSocket frames (bsc#1268482). * CVE-2026-6733: undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery (bsc#1268479). * CVE-2026-9679: undici: vulnerable to HTTP header injection via Set-Cookie percent-decoding ( bsc#1268477). * CVE-2026-11525: undici: Weakening of cookie SameSite policy due to incorrect parsing of Set-Cookie header (bsc#1268481). * CVE-2026-27135: nghttp2: assertion failure due to missing state validation can lead to DoS (bsc#1259853). * CVE-2026-40170: ngtcp2: qlog parameters_set stack buffer overflow. (bsc#1262274). * CVE-2026-9496: pacote: excessive CPU consumption in `addGitSha` when processing a specially crafted `spec.rawSpec` ( bsc#1266318). * CVE-2026-42338: ip-address: Cross-site scripting via improper HTML escaping of untrusted input (bsc#1268097). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2026-2695=1 ## Package List: * Web and Scripting Module 15-SP7 (aarch64 ppc64le s390x x86_64) * nodejs22-22.23.0-150700.3.12.1 * nodejs22-debugsource-22.23.0-150700.3.12.1 * nodejs22-devel-22.23.0-150700.3.12.1 * nodejs22-debuginfo-22.23.0-150700.3.12.1 * npm22-22.23.0-150700.3.12.1 * Web and Scripting Module 15-SP7 (noarch) * nodejs22-docs-22.23.0-150700.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2026-11525.html * https://www.suse.com/security/cve/CVE-2026-12151.html * https://www.suse.com/security/cve/CVE-2026-27135.html * https://www.suse.com/security/cve/CVE-2026-40170.html * https://www.suse.com/security/cve/CVE-2026-42338.html * https://www.suse.com/security/cve/CVE-2026-48615.html * https://www.suse.com/security/cve/CVE-2026-48617.html * https://www.suse.com/security/cve/CVE-2026-48618.html * https://www.suse.com/security/cve/CVE-2026-48619.html * https://www.suse.com/security/cve/CVE-2026-48928.html *https://www.suse.com/security/cve/CVE-2026-48930.html * https://www.suse.com/security/cve/CVE-2026-48931.html * https://www.suse.com/security/cve/CVE-2026-48933.html * https://www.suse.com/security/cve/CVE-2026-48934.html * https://www.suse.com/security/cve/CVE-2026-48935.html * https://www.suse.com/security/cve/CVE-2026-48937.html * https://www.suse.com/security/cve/CVE-2026-6733.html * https://www.suse.com/security/cve/CVE-2026-9496.html * https://www.suse.com/security/cve/CVE-2026-9679.html * https://bugzilla.suse.com/show_bug.cgi?id=1259853 * https://bugzilla.suse.com/show_bug.cgi?id=1262274 * https://bugzilla.suse.com/show_bug.cgi?id=1266318 * https://bugzilla.suse.com/show_bug.cgi?id=1268097 * https://bugzilla.suse.com/show_bug.cgi?id=1268477 * https://bugzilla.suse.com/show_bug.cgi?id=1268479 * https://bugzilla.suse.com/show_bug.cgi?id=1268481 * https://bugzilla.suse.com/show_bug.cgi?id=1268482 * https://bugzilla.suse.com/show_bug.cgi?id=1268554 * https://bugzilla.suse.com/show_bug.cgi?id=1268555 * https://bugzilla.suse.com/show_bug.cgi?id=1268592 * https://bugzilla.suse.com/show_bug.cgi?id=1268593 * https://bugzilla.suse.com/show_bug.cgi?id=1268598 * https://bugzilla.suse.com/show_bug.cgi?id=1268605 * https://bugzilla.suse.com/show_bug.cgi?id=1268606 * https://bugzilla.suse.com/show_bug.cgi?id=1268608 * https://bugzilla.suse.com/show_bug.cgi?id=1268609 * https://bugzilla.suse.com/show_bug.cgi?id=1268611 * https://bugzilla.suse.com/show_bug.cgi?id=1268618 . SUSE released a critical update for nodejs22 addressing 19 vulnerabilities with important severity ratings.. SUSE Linux,suse security update,nodejs22 vulnerabilities,nodejs22 patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important SuSE
100

SUSE 7zip Important Information Disclosure Heap Overflow Vuln 2026-2696-1

An update that solves eight vulnerabilities can now be installed.. # Security update for 7zip Announcement ID: SUSE-SU-2026:2696-1 Release Date: 2026-06-30T09:10:05Z Rating: important References: * bsc#1267421 * bsc#1267858 * bsc#1267859 * bsc#1267860 * bsc#1267861 * bsc#1267862 * bsc#1267863 * bsc#1267864 Cross-References: * CVE-2026-48092 * CVE-2026-48095 * CVE-2026-48101 * CVE-2026-48102 * CVE-2026-48103 * CVE-2026-48104 * CVE-2026-48111 * CVE-2026-48112 CVSS scores: * CVE-2026-48092 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-48092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-48092 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-48092 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-48095 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-48095 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-48101 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-48101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-48101 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-48102 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-48102 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-48102 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-48102 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-48103 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-48103 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-48103 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-48103 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2026-48104 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-48104 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-48104 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-48111 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-48111 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-48111 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-48111 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2026-48112 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-48112 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-48112 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves eight vulnerabilities can now be installed. ## Description: This update for 7zip fixes the following issues Update to26.01: * CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure (bsc#1267858). * CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation (bsc#1267421). * CVE-2026-48101: Information Disclosure via uninitialized memory in UEFI capsule parser (bsc#1267859). * CVE-2026-48102: Information disclosure and denial of service via crafted UDF image (bsc#1267860). * CVE-2026-48103: off-by-one heap out-of-bounds read (bsc#1267861). * CVE-2026-48104: Uninitialized heap read in SquashFS archive handler (bsc#1267862). * CVE-2026-48111: off-by-one out-of-bounds read in ParseDepedencyExpression function (bsc#1267863). * CVE-2026-48112: heap out-of-bounds read in BSD SYMDEF parser (bsc#1267864). Changes: * linux version of 7-Zip can use huge pages (2 MB pages). It can increase compression speed for 10% for 7z/xz/LZMA/LZMA2 compression. * new -spo[d|c|r] switch specifies the path generation mode for the output directory for archive extraction. The output directory path is generated from the path specified in the -o{dir_path} switch and the name of the archive being unpacked. -spod : for Linux/Posix/macOS: -o{dir_path} specifies the direct path to the output directory. The asterisk (_) character in {dir_path} will not be replaced by the archive name. -spoc : 7-Zip will concatenate the path specified in -o{dir_path} with the archive name to form the final path to the output directory. -spor : 7-Zip will replace asterisk (_) character in the path specified in the -o{dir_path} with the archive name. This is the default option. * improved code for ZIP, CPIO, RAR, UFD, QCOW, Compound. * 7-Zip File Manager: improved sorting order of the file list. It uses file name as secondary sorting key.: * 7-Zip File Manager: improved Benchmark to support systems with more than 64 CPU threads. * bug fixed: 7-Zip could not correctly extract TAR archives containing sparse files ##Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2696=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2696=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2696=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2696=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2696=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2696=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2696=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2696=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2696=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2696=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2696=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2696=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * 7zip-26.01-150400.9.6.1 * openSUSE Leap 15.4(aarch64 i586 ppc64le s390x x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * 7zip-26.01-150400.9.6.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * 7zip-26.01-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-48092.html * https://www.suse.com/security/cve/CVE-2026-48095.html * https://www.suse.com/security/cve/CVE-2026-48101.html * https://www.suse.com/security/cve/CVE-2026-48102.html * https://www.suse.com/security/cve/CVE-2026-48103.html * https://www.suse.com/security/cve/CVE-2026-48104.html * https://www.suse.com/security/cve/CVE-2026-48111.html * https://www.suse.com/security/cve/CVE-2026-48112.html * https://bugzilla.suse.com/show_bug.cgi?id=1267421 * https://bugzilla.suse.com/show_bug.cgi?id=1267858 * https://bugzilla.suse.com/show_bug.cgi?id=1267859 * https://bugzilla.suse.com/show_bug.cgi?id=1267860 * https://bugzilla.suse.com/show_bug.cgi?id=1267861 * https://bugzilla.suse.com/show_bug.cgi?id=1267862 * https://bugzilla.suse.com/show_bug.cgi?id=1267863 * https://bugzilla.suse.com/show_bug.cgi?id=1267864 . Eight vulnerabilities solved in a security update for 7zip affecting multiple SUSE products. Immediate patch recommended.. SUSE security update, 7zip vulnerabilities, important patches. . Severity:Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important SuSE
202

openSUSE 7zip Important Security Update for 8 Issues 2026-2696-1

An update that solves eight vulnerabilities can now be installed.. # Security update for 7zip Announcement ID: SUSE-SU-2026:2696-1 Release Date: 2026-06-30T09:10:05Z Rating: important References: * bsc#1267421 * bsc#1267858 * bsc#1267859 * bsc#1267860 * bsc#1267861 * bsc#1267862 * bsc#1267863 * bsc#1267864 Cross-References: * CVE-2026-48092 * CVE-2026-48095 * CVE-2026-48101 * CVE-2026-48102 * CVE-2026-48103 * CVE-2026-48104 * CVE-2026-48111 * CVE-2026-48112 CVSS scores: * CVE-2026-48092 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-48092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-48092 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-48092 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-48095 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-48095 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-48101 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-48101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-48101 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-48102 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-48102 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-48102 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-48102 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-48103 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-48103 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-48103 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-48103 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2026-48104 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-48104 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-48104 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-48111 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-48111 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-48111 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-48111 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2026-48112 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-48112 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-48112 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves eight vulnerabilities can now be installed. ## Description: This update for 7zip fixes the following issues Update to26.01: * CVE-2026-48092: Information disclosure in 32-bit builds due to heap memory disclosure (bsc#1267858). * CVE-2026-48095: Heap buffer overflow via NTFS compressed stream buffer under-allocation (bsc#1267421). * CVE-2026-48101: Information Disclosure via uninitialized memory in UEFI capsule parser (bsc#1267859). * CVE-2026-48102: Information disclosure and denial of service via crafted UDF image (bsc#1267860). * CVE-2026-48103: off-by-one heap out-of-bounds read (bsc#1267861). * CVE-2026-48104: Uninitialized heap read in SquashFS archive handler (bsc#1267862). * CVE-2026-48111: off-by-one out-of-bounds read in ParseDepedencyExpression function (bsc#1267863). * CVE-2026-48112: heap out-of-bounds read in BSD SYMDEF parser (bsc#1267864). Changes: * linux version of 7-Zip can use huge pages (2 MB pages). It can increase compression speed for 10% for 7z/xz/LZMA/LZMA2 compression. * new -spo[d|c|r] switch specifies the path generation mode for the output directory for archive extraction. The output directory path is generated from the path specified in the -o{dir_path} switch and the name of the archive being unpacked. -spod : for Linux/Posix/macOS: -o{dir_path} specifies the direct path to the output directory. The asterisk (_) character in {dir_path} will not be replaced by the archive name. -spoc : 7-Zip will concatenate the path specified in -o{dir_path} with the archive name to form the final path to the output directory. -spor : 7-Zip will replace asterisk (_) character in the path specified in the -o{dir_path} with the archive name. This is the default option. * improved code for ZIP, CPIO, RAR, UFD, QCOW, Compound. * 7-Zip File Manager: improved sorting order of the file list. It uses file name as secondary sorting key.: * 7-Zip File Manager: improved Benchmark to support systems with more than 64 CPU threads. * bug fixed: 7-Zip could not correctly extract TAR archives containing sparse files ##Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2696=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2696=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2696=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2696=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2696=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2696=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2696=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2696=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2696=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2696=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2696=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2696=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * 7zip-26.01-150400.9.6.1 * openSUSE Leap 15.4(aarch64 i586 ppc64le s390x x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * 7zip-26.01-150400.9.6.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * 7zip-26.01-150400.9.6.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * 7zip-26.01-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-48092.html * https://www.suse.com/security/cve/CVE-2026-48095.html * https://www.suse.com/security/cve/CVE-2026-48101.html * https://www.suse.com/security/cve/CVE-2026-48102.html * https://www.suse.com/security/cve/CVE-2026-48103.html * https://www.suse.com/security/cve/CVE-2026-48104.html * https://www.suse.com/security/cve/CVE-2026-48111.html * https://www.suse.com/security/cve/CVE-2026-48112.html * https://bugzilla.suse.com/show_bug.cgi?id=1267421 * https://bugzilla.suse.com/show_bug.cgi?id=1267858 * https://bugzilla.suse.com/show_bug.cgi?id=1267859 * https://bugzilla.suse.com/show_bug.cgi?id=1267860 * https://bugzilla.suse.com/show_bug.cgi?id=1267861 * https://bugzilla.suse.com/show_bug.cgi?id=1267862 * https://bugzilla.suse.com/show_bug.cgi?id=1267863 * https://bugzilla.suse.com/show_bug.cgi?id=1267864 . # Security update for 7zip Announcement ID: SUSE-SU-2026:2696-1 Release Date: 2026-06-30T09:10:05Z R. update, solves, eight, vulnerabilities, installed, security, announc. . Severity: Important.LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important OpenSUSE
100

SUSE opensc Important Buffer Overflow and Read Vulnerabilities 2026-2697-1

An update that solves six vulnerabilities can now be installed.. # Security update for opensc Announcement ID: SUSE-SU-2026:2697-1 Release Date: 2026-06-30T09:15:07Z Rating: important References: * bsc#1261214 * bsc#1261218 * bsc#1261219 * bsc#1261220 * bsc#1266963 * bsc#1267246 Cross-References: * CVE-2025-49010 * CVE-2025-66037 * CVE-2025-66038 * CVE-2025-66215 * CVE-2026-10275 * CVE-2026-40528 CVSS scores: * CVE-2025-49010 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-49010 ( SUSE ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-49010 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-49010 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66037 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66037 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66037 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66037 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66038 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66038 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66038 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66038 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66215 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66215 ( SUSE ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-66215 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-66215 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-10275 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-10275 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-10275 ( NVD ): 1.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-10275 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-40528 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-40528 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40528 ( NVD ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-40528 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-40528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves six vulnerabilities can now be installed. ## Description: This update for opensc fixes the following issues * CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses (bsc#1261214). * CVE-2025-66037: crafted input can cause an out-of-bounds read (bsc#1261218). * CVE-2025-66038: improper compact-TLV length validation can lead to crash or unexpected behavior (bsc#1261219). * CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer- overflow write (bsc#1261220). * CVE-2026-10275: global buffer overflow during key pair generation tests due to missing input validation (bsc#1267246). * CVE-2026-40528: stack and heap buffer overrun in the `do_key_value()` function due to missing length check allows for memory corruption via a crafted profile configuration file (bsc#1266963). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2697=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2697=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2697=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2697=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * opensc-0.22.0-150600.11.11.1 * opensc-debuginfo-0.22.0-150600.11.11.1 * opensc-debugsource-0.22.0-150600.11.11.1 * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * opensc-0.22.0-150600.11.11.1 * opensc-debuginfo-0.22.0-150600.11.11.1 * opensc-debugsource-0.22.0-150600.11.11.1 * openSUSE Leap 15.6 (x86_64) * opensc-32bit-0.22.0-150600.11.11.1 * opensc-32bit-debuginfo-0.22.0-150600.11.11.1 * openSUSE Leap 15.6 (aarch64_ilp32) * opensc-64bit-debuginfo-0.22.0-150600.11.11.1 * opensc-64bit-0.22.0-150600.11.11.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * opensc-0.22.0-150600.11.11.1 * opensc-debuginfo-0.22.0-150600.11.11.1 * opensc-debugsource-0.22.0-150600.11.11.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * opensc-0.22.0-150600.11.11.1 * opensc-debuginfo-0.22.0-150600.11.11.1 * opensc-debugsource-0.22.0-150600.11.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-49010.html * https://www.suse.com/security/cve/CVE-2025-66037.html * https://www.suse.com/security/cve/CVE-2025-66038.html * https://www.suse.com/security/cve/CVE-2025-66215.html * https://www.suse.com/security/cve/CVE-2026-10275.html *https://www.suse.com/security/cve/CVE-2026-40528.html * https://bugzilla.suse.com/show_bug.cgi?id=1261214 * https://bugzilla.suse.com/show_bug.cgi?id=1261218 * https://bugzilla.suse.com/show_bug.cgi?id=1261219 * https://bugzilla.suse.com/show_bug.cgi?id=1261220 * https://bugzilla.suse.com/show_bug.cgi?id=1266963 * https://bugzilla.suse.com/show_bug.cgi?id=1267246 . SUSE issues important security updates for opensc fixing multiple vulnerabilities related to buffer overflows and more.. SUSE advisory opensc update important vulnerabilities security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important SuSE
202

openSUSE opensc Important Stack Overflow Buffer Overrun Vulner 2026-2697-1

An update that solves six vulnerabilities can now be installed.. # Security update for opensc Announcement ID: SUSE-SU-2026:2697-1 Release Date: 2026-06-30T09:15:07Z Rating: important References: * bsc#1261214 * bsc#1261218 * bsc#1261219 * bsc#1261220 * bsc#1266963 * bsc#1267246 Cross-References: * CVE-2025-49010 * CVE-2025-66037 * CVE-2025-66038 * CVE-2025-66215 * CVE-2026-10275 * CVE-2026-40528 CVSS scores: * CVE-2025-49010 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-49010 ( SUSE ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-49010 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-49010 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66037 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66037 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66037 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66037 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66038 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66038 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66038 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2025-66038 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-66215 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2025-66215 ( SUSE ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-66215 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2025-66215 ( NVD ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-10275 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-10275 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-10275 ( NVD ): 1.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-10275 ( NVD ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-40528 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-40528 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40528 ( NVD ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-40528 ( NVD ): 3.8 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-40528 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves six vulnerabilities can now be installed. ## Description: This update for opensc fixes the following issues * CVE-2025-49010: stack-buffer-overflow via crafted smart card or USB device responses (bsc#1261214). * CVE-2025-66037: crafted input can cause an out-of-bounds read (bsc#1261218). * CVE-2025-66038: improper compact-TLV length validation can lead to crash or unexpected behavior (bsc#1261219). * CVE-2025-66215: crafted smart card or USB device can cause a stack-buffer- overflow write (bsc#1261220). * CVE-2026-10275: global buffer overflow during key pair generation tests due to missing input validation (bsc#1267246). * CVE-2026-40528: stack and heap buffer overrun in the `do_key_value()` function due to missing length check allows for memory corruption via a crafted profile configuration file (bsc#1266963). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2697=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2697=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2697=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2697=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * opensc-0.22.0-150600.11.11.1 * opensc-debuginfo-0.22.0-150600.11.11.1 * opensc-debugsource-0.22.0-150600.11.11.1 * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * opensc-0.22.0-150600.11.11.1 * opensc-debuginfo-0.22.0-150600.11.11.1 * opensc-debugsource-0.22.0-150600.11.11.1 * openSUSE Leap 15.6 (x86_64) * opensc-32bit-0.22.0-150600.11.11.1 * opensc-32bit-debuginfo-0.22.0-150600.11.11.1 * openSUSE Leap 15.6 (aarch64_ilp32) * opensc-64bit-debuginfo-0.22.0-150600.11.11.1 * opensc-64bit-0.22.0-150600.11.11.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * opensc-0.22.0-150600.11.11.1 * opensc-debuginfo-0.22.0-150600.11.11.1 * opensc-debugsource-0.22.0-150600.11.11.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * opensc-0.22.0-150600.11.11.1 * opensc-debuginfo-0.22.0-150600.11.11.1 * opensc-debugsource-0.22.0-150600.11.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-49010.html * https://www.suse.com/security/cve/CVE-2025-66037.html * https://www.suse.com/security/cve/CVE-2025-66038.html * https://www.suse.com/security/cve/CVE-2025-66215.html * https://www.suse.com/security/cve/CVE-2026-10275.html *https://www.suse.com/security/cve/CVE-2026-40528.html * https://bugzilla.suse.com/show_bug.cgi?id=1261214 * https://bugzilla.suse.com/show_bug.cgi?id=1261218 * https://bugzilla.suse.com/show_bug.cgi?id=1261219 * https://bugzilla.suse.com/show_bug.cgi?id=1261220 * https://bugzilla.suse.com/show_bug.cgi?id=1266963 * https://bugzilla.suse.com/show_bug.cgi?id=1267246 . # Security update for opensc Announcement ID: SUSE-SU-2026:2697-1 Release Date: 2026-06-30T09:15:07Z. update, solves, vulnerabilities, installed, security, opensc, announc. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important OpenSUSE
100

SUSE cifs-utils Important Local Privilege Escalation Vuln 2026-2699-1

An update that solves one vulnerability can now be installed.. # Security update for cifs-utils Announcement ID: SUSE-SU-2026:2699-1 Release Date: 2026-06-30T09:21:47Z Rating: important References: * bsc#1267389 Cross-References: * CVE-2026-12505 CVSS scores: * CVE-2026-12505 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-12505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-12505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for cifs-utils fixes the following issue * CVE-2026-12505: cifs.upcall local privilege escalation via request_key- controlled namespaceswitch and NSS loading (bsc#1267389). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2699=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2699=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2699=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2699=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2699=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2699=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2699=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2699=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2699=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2699=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2699=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2699=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2699=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2699=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2699=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patchSUSE-SLE-Product-SLES_SAP-15-SP6-2026-2699=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2699=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * cifs-utils-devel-6.15-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * cifs-utils-devel-6.15-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * cifs-utils-devel-6.15-150400.3.21.1 * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * pam_cifscreds-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * pam_cifscreds-debuginfo-6.15-150400.3.21.1 * cifs-utils-devel-6.15-150400.3.21.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * cifs-utils-devel-6.15-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) *cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * cifs-utils-devel-6.15-150400.3.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * cifs-utils-devel-6.15-150400.3.21.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * cifs-utils-devel-6.15-150400.3.21.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * cifs-utils-devel-6.15-150400.3.21.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * cifs-utils-devel-6.15-150400.3.21.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * cifs-utils-devel-6.15-150400.3.21.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64ppc64le s390x x86_64) * cifs-utils-6.15-150400.3.21.1 * cifs-utils-debuginfo-6.15-150400.3.21.1 * cifs-utils-debugsource-6.15-150400.3.21.1 * cifs-utils-devel-6.15-150400.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2026-12505.html * https://bugzilla.suse.com/show_bug.cgi?id=1267389 . A critical security update for cifs-utils addressing local escalation risks in SUSE systems is available now.. cifs-utils security update,suse local privilege escalation,linux vulnerability mitigation. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 30, 2026 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":1,"type":"x","order":2,"pct":100,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Your message here