An update that solves one vulnerability can now be installed.

# Security update for mozjs128

Announcement ID: SUSE-SU-2026:22210-1
Release Date: 2026-06-20T07:00:08Z
Rating: important

References:

* bsc#1266463

Cross-References:

* CVE-2025-70103

CVSS scores:

* CVE-2025-70103 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-70103 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-70103 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

## Description:

This update for mozjs128 fixes the following issue:

* CVE-2025-70103: libjxl: heap buffer overflow when processing crafted pbm-images due to insufficient bounds checks (bsc#1266463).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 16.0
  `zypper in -t patch SUSE-SLES-16.0-979=1`
* SUSE Linux Enterprise Server for SAP applications 16.0
  `zypper in -t patch SUSE-SLES-16.0-979=1`

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * libmozjs-128-0-debuginfo-128.14.0-160000.3.1
  * mozjs128-debuginfo-128.14.0-160000.3.1
  * mozjs128-128.14.0-160000.3.1
  * mozjs128-debugsource-128.14.0-160000.3.1
  * libmozjs-128-0-128.14.0-160000.3.1
  * mozjs128-devel-128.14.0-160000.3.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * libmozjs-128-0-debuginfo-128.14.0-160000.3.1
  * mozjs128-debuginfo-128.14.0-160000.3.1
  * mozjs128-128.14.0-160000.3.1
  * mozjs128-debugsource-128.14.0-160000.3.1
  * libmozjs-128-0-128.14.0-160000.3.1
  * mozjs128-devel-128.14.0-160000.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-70103.html
* https://bugzilla.suse.com/show_bug.cgi?id=1266463

Critical security update for SUSE fixing buffer overflow in mozjs128. Install to protect your system against exploits.

Severity: Important. LinuxSecurity.com Team

An update that solves 16 vulnerabilities can now be installed.

# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2026:22212-1
Release Date: 2026-06-20T09:26:54Z
Rating: important

References:

* bsc#1267506
* bsc#1267507
* bsc#1267508
* bsc#1267509
* bsc#1267510
* bsc#1267511
* bsc#1267512
* bsc#1267513
* bsc#1267514
* bsc#1267515
* bsc#1267516
* bsc#1267517
* bsc#1267518
* bsc#1267519
* bsc#1267520
* bsc#1267521

Cross-References:

* CVE-2026-28847
* CVE-2026-28883
* CVE-2026-28901
* CVE-2026-28902
* CVE-2026-28903
* CVE-2026-28904
* CVE-2026-28905
* CVE-2026-28907
* CVE-2026-28942
* CVE-2026-28946
* CVE-2026-28947
* CVE-2026-28953
* CVE-2026-28955
* CVE-2026-28958
* CVE-2026-43658
* CVE-2026-43660

CVSS scores:

* CVE-2026-28847 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28847 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-28847 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28883 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28883 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-28883 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-28901 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28901 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28901 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-28902 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28902 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28902 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28903 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28903 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28903 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28904 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28904 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28904 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-28905 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28905 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28905 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-28907 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-28907 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
* CVE-2026-28907 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2026-28942 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28942 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-28942 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28946 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28946 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-28946 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28947 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28947 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-28947 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-28953 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28953 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-28953 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-28955 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-28955 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-28958 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-28958 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-28958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-43658 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43658 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-43658 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-43660 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-43660 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
* CVE-2026-43660 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.52.4:

* CVE-2026-28847: processing maliciously crafted web content may lead to an unexpected process crash or arbitrary code execution due to a heap buffer overflow (bsc#1267506).
* CVE-2026-28883: processing maliciously crafted web content may lead to an unexpected process crash due to a use-after-free issue (bsc#1267507).
* CVE-2026-28901: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1267508).
* CVE-2026-28902: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1267509).
* CVE-2026-28903: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1267510).
* CVE-2026-28904: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1267511).
* CVE-2026-28905: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1267512).
* CVE-2026-28907: processing maliciously crafted web content may prevent Content Security Policy from being enforced due to improper input validation (bsc#1267513).
* CVE-2026-28942: processing maliciously crafted web content may lead to an unexpected crash due to use-after-free (bsc#1267514).
* CVE-2026-28946: processing maliciously crafted web content may lead to an unexpected crash due to a use-after-free (bsc#1267515).
* CVE-2026-28947: processing maliciously crafted web content may lead to an unexpected crash due to a use-after-free (bsc#1267516).
* CVE-2026-28953: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1267517).
* CVE-2026-28955: processing maliciously crafted web content may lead to an unexpected process crash due to improper memory handling (bsc#1267518).
* CVE-2026-28958: an app may be able to access sensitive user data due to improper data protection (bsc#1267519).
* CVE-2026-43658: processing maliciously crafted web content may lead to an unexpected crash due to improper memory handling (bsc#1267520).
* CVE-2026-43660: processing maliciously crafted web content may prevent Content Security Policy from being enforced due to issues with logic (bsc#1267521).

Changes for webkit2gtk3:

* Add support for half-width fonts.
* Improve content filter compilation by avoiding file copies.
* Improve handling of out of disk space conditions when the NetworkProcess tried to write data in caches.
* Improve how the CMake build system checks whether libatomic is required.
* Fix painting scrollbars when their width changes.
* Fix playback of certain YouTube videos with low frame rates.
* Fix webkit://gpu not working in systems where neither libGL.so.1 nor libOpenGL.so.0 are available.
* Fix the build with librice 0.4 or newer when the GStreamer WebRTC backend is enabled at build configuration time.
* Fix the build with USE_GSTREAMER_WEBRTC=OFF.
* Fix the build with USE_GBM=OFF.
* Fix several crashes and rendering issues.
* Security fixes: CVE-2026-28847, CVE-2026-28883, CVE-2026-28901, CVE-2026-28902, CVE-2026-28903, CVE-2026-28904, CVE-2026-28905, CVE-2026-28907, CVE-2026-28942, CVE-2026-28946, CVE-2026-28947, CVE-2026-28953, CVE-2026-28955, CVE-2026-28958, CVE-2026-43658, CVE-2026-43660.
* Changes in version 2.52.3:
  * Add support for the "scrollbar-color" CSS property.
  * Fix some emoji glyphs being rendered as missing glyph boxes.
  * Fix JavaScriptCore crashes on architectures other than x86_64.
  * Fix the build on s390x.
* Changes in version 2.52.2:
  * Improve handling of real-time threads.
  * Fix scrollbar rendering glitches visible in some GPU configurations.
  * Fix V4L2 hardware accelerated media codecs not working due to overly restrictive sandbox device access rules.
  * Fix leak of bitmap images in webkit_favicon_database_get_favicon_finish().
  * Fix the build with USE_GTK4=OFF.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  `zypper in -t patch SUSE-SLES-16.0-994=1`
* SUSE Linux Enterprise Server 16.0
  `zypper in -t patch SUSE-SLES-16.0-994=1`

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * libjavascriptcoregtk-6_0-1-2.52.4-160000.1.1
  * webkit2gtk-4_1-injected-bundles-2.52.4-160000.1.1
  * webkit-jsc-4.1-2.52.4-160000.1.1
  * typelib-1_0-WebKit-6_0-2.52.4-160000.1.1
  * libjavascriptcoregtk-6_0-1-debuginfo-2.52.4-160000.1.1
  * webkit-jsc-6.0-2.52.4-160000.1.1
  * webkitgtk-6_0-injected-bundles-debuginfo-2.52.4-160000.1.1
  * typelib-1_0-WebKit2WebExtension-4_1-2.52.4-160000.1.1
  * libwebkit2gtk-4_1-0-2.52.4-160000.1.1
  * typelib-1_0-WebKitWebProcessExtension-6_0-2.52.4-160000.1.1
  * webkit-jsc-4.1-debuginfo-2.52.4-160000.1.1
  * libwebkitgtk-6_0-4-2.52.4-160000.1.1
  * webkit-jsc-6.0-debuginfo-2.52.4-160000.1.1
  * webkit2gtk-4_1-injected-bundles-debuginfo-2.52.4-160000.1.1
  * libwebkit2gtk-4_1-0-debuginfo-2.52.4-160000.1.1
  * webkit2gtk4-minibrowser-2.52.4-160000.1.1
  * typelib-1_0-JavaScriptCore-4_1-2.52.4-160000.1.1
  * libwebkitgtk-6_0-4-debuginfo-2.52.4-160000.1.1
  * webkit2gtk3-minibrowser-debuginfo-2.52.4-160000.1.1
  * webkit2gtk3-minibrowser-2.52.4-160000.1.1
  * libjavascriptcoregtk-4_1-0-debuginfo-2.52.4-160000.1.1
  * typelib-1_0-JavaScriptCore-6_0-2.52.4-160000.1.1
  * webkit2gtk4-minibrowser-debuginfo-2.52.4-160000.1.1
  * libjavascriptcoregtk-4_1-0-2.52.4-160000.1.1
  * webkitgtk-6_0-injected-bundles-2.52.4-160000.1.1
  * typelib-1_0-WebKit2-4_1-2.52.4-160000.1.1
* SUSE Linux Enterprise Server for SAP applications 16.0 (noarch)
  * WebKitGTK-6.0-lang-2.52.4-160000.1.1
  * WebKitGTK-4.1-lang-2.52.4-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * libjavascriptcoregtk-6_0-1-2.52.4-160000.1.1
  * webkit2gtk-4_1-injected-bundles-2.52.4-160000.1.1
  * webkit-jsc-4.1-2.52.4-160000.1.1
  * typelib-1_0-WebKit-6_0-2.52.4-160000.1.1
  * libjavascriptcoregtk-6_0-1-debuginfo-2.52.4-160000.1.1
  * webkit-jsc-6.0-2.52.4-160000.1.1
  * webkitgtk-6_0-injected-bundles-debuginfo-2.52.4-160000.1.1
  * typelib-1_0-WebKit2WebExtension-4_1-2.52.4-160000.1.1
  * libwebkit2gtk-4_1-0-2.52.4-160000.1.1
  * typelib-1_0-WebKitWebProcessExtension-6_0-2.52.4-160000.1.1
  * webkit-jsc-4.1-debuginfo-2.52.4-160000.1.1
  * libwebkitgtk-6_0-4-2.52.4-160000.1.1
  * webkit-jsc-6.0-debuginfo-2.52.4-160000.1.1
  * webkit2gtk-4_1-injected-bundles-debuginfo-2.52.4-160000.1.1
  * libwebkit2gtk-4_1-0-debuginfo-2.52.4-160000.1.1
  * webkit2gtk4-minibrowser-2.52.4-160000.1.1
  * typelib-1_0-JavaScriptCore-4_1-2.52.4-160000.1.1
  * libwebkitgtk-6_0-4-debuginfo-2.52.4-160000.1.1
  * webkit2gtk3-minibrowser-debuginfo-2.52.4-160000.1.1
  * webkit2gtk3-minibrowser-2.52.4-160000.1.1
  * libjavascriptcoregtk-4_1-0-debuginfo-2.52.4-160000.1.1
  * typelib-1_0-JavaScriptCore-6_0-2.52.4-160000.1.1
  * webkit2gtk4-minibrowser-debuginfo-2.52.4-160000.1.1
  * libjavascriptcoregtk-4_1-0-2.52.4-160000.1.1
  * webkitgtk-6_0-injected-bundles-2.52.4-160000.1.1
  * typelib-1_0-WebKit2-4_1-2.52.4-160000.1.1
* SUSE Linux Enterprise Server 16.0 (noarch)
  * WebKitGTK-6.0-lang-2.52.4-160000.1.1
  * WebKitGTK-4.1-lang-2.52.4-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-28847.html
* https://www.suse.com/security/cve/CVE-2026-28883.html
* https://www.suse.com/security/cve/CVE-2026-28901.html
* https://www.suse.com/security/cve/CVE-2026-28902.html
* https://www.suse.com/security/cve/CVE-2026-28903.html
* https://www.suse.com/security/cve/CVE-2026-28904.html
* https://www.suse.com/security/cve/CVE-2026-28905.html
* https://www.suse.com/security/cve/CVE-2026-28907.html
* https://www.suse.com/security/cve/CVE-2026-28942.html
* https://www.suse.com/security/cve/CVE-2026-28946.html
* https://www.suse.com/security/cve/CVE-2026-28947.html
* https://www.suse.com/security/cve/CVE-2026-28953.html
* https://www.suse.com/security/cve/CVE-2026-28955.html
* https://www.suse.com/security/cve/CVE-2026-28958.html
* https://www.suse.com/security/cve/CVE-2026-43658.html
* https://www.suse.com/security/cve/CVE-2026-43660.html
* https://bugzilla.suse.com/show_bug.cgi?id=1267506
* https://bugzilla.suse.com/show_bug.cgi?id=1267507
* https://bugzilla.suse.com/show_bug.cgi?id=1267508
* https://bugzilla.suse.com/show_bug.cgi?id=1267509
* https://bugzilla.suse.com/show_bug.cgi?id=1267510
* https://bugzilla.suse.com/show_bug.cgi?id=1267511
* https://bugzilla.suse.com/show_bug.cgi?id=1267512
* https://bugzilla.suse.com/show_bug.cgi?id=1267513
* https://bugzilla.suse.com/show_bug.cgi?id=1267514
* https://bugzilla.suse.com/show_bug.cgi?id=1267515
* https://bugzilla.suse.com/show_bug.cgi?id=1267516
* https://bugzilla.suse.com/show_bug.cgi?id=1267517
* https://bugzilla.suse.com/show_bug.cgi?id=1267518
* https://bugzilla.suse.com/show_bug.cgi?id=1267519
* https://bugzilla.suse.com/show_bug.cgi?id=1267520
* https://bugzilla.suse.com/show_bug.cgi?id=1267521

This important SUSE update resolves 16 vulnerabilities in webkit2gtk3, enhancing security and fixing critical issues.

Severity: Important. LinuxSecurity.com Team

An update that solves 11 vulnerabilities can now be installed.

# Security update for unbound

Announcement ID: SUSE-SU-2026:22213-1
Release Date: 2026-06-18T14:42:44Z
Rating: important

References:

* bsc#1265578
* bsc#1265580
* bsc#1265581
* bsc#1265582
* bsc#1265583
* bsc#1265584
* bsc#1265585
* bsc#1265586
* bsc#1265587
* bsc#1265588
* bsc#1265589

Cross-References:

* CVE-2026-32792
* CVE-2026-33278
* CVE-2026-40622
* CVE-2026-41292
* CVE-2026-42534
* CVE-2026-42923
* CVE-2026-42944
* CVE-2026-42959
* CVE-2026-42960
* CVE-2026-44390
* CVE-2026-44608

CVSS scores:

* CVE-2026-32792 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-32792 ( NVD ): 4.6 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green
* CVE-2026-32792 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-33278 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
* CVE-2026-33278 ( NVD ): 9.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red
* CVE-2026-33278 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-40622 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-40622 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
* CVE-2026-40622 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-41292 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-41292 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red
* CVE-2026-41292 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42534 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42534 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
* CVE-2026-42534 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-42923 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42923 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
* CVE-2026-42923 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-42944 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-42944 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red
* CVE-2026-42944 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42959 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42959 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Red
* CVE-2026-42959 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42960 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-42960 ( NVD ): 5.7 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
* CVE-2026-42960 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H
* CVE-2026-44390 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-44390 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
* CVE-2026-44390 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-44608 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-44608 ( NVD ): 4.6 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
* CVE-2026-44608 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.2

## Description:

This update for unbound fixes the following issues:

* CVE-2026-32792: Packet of death with DNSCrypt (bsc#1265583).
* CVE-2026-33278: Possible remote code execution during DNSSEC validation (bsc#1265587).
* CVE-2026-40622: "Ghost domain name" variant (bsc#1265581).
* CVE-2026-41292: Parsing a long list of incoming EDNS options degrades performance (bsc#1265580).
* CVE-2026-42534: Jostle logic bypass degrades resolution performance (bsc#1265585).
* CVE-2026-42923: Degradation of service with unbounded NSEC3 hash calculations (bsc#1265589).
* CVE-2026-42944: Heap overflow and crash with multiple nsid, cookie, padding EDNS options (bsc#1265578).
* CVE-2026-42959: Crash during DNSSEC validation of malicious content (bsc#1265586).
* CVE-2026-42960: Possible cache poisoning attack while following delegation (bsc#1265588).
* CVE-2026-44390: Unbounded name compression in certain cases causes degradation of service (bsc#1265584).
* CVE-2026-44608: Use after free and crash in RPZ code (bsc#1265582).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  `zypper in -t patch SUSE-SL-Micro-6.2-948=1`

## Package List:

* SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64)
  * unbound-anchor-debuginfo-1.24.1-160000.2.1
  * unbound-debugsource-1.24.1-160000.2.1
  * libunbound8-1.24.1-160000.2.1
  * libunbound8-debuginfo-1.24.1-160000.2.1
  * unbound-anchor-1.24.1-160000.2.1
  * unbound-debuginfo-1.24.1-160000.2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-32792.html
* https://www.suse.com/security/cve/CVE-2026-33278.html
* https://www.suse.com/security/cve/CVE-2026-40622.html
* https://www.suse.com/security/cve/CVE-2026-41292.html
* https://www.suse.com/security/cve/CVE-2026-42534.html
* https://www.suse.com/security/cve/CVE-2026-42923.html
* https://www.suse.com/security/cve/CVE-2026-42944.html
* https://www.suse.com/security/cve/CVE-2026-42959.html
* https://www.suse.com/security/cve/CVE-2026-42960.html
* https://www.suse.com/security/cve/CVE-2026-44390.html
* https://www.suse.com/security/cve/CVE-2026-44608.html
* https://bugzilla.suse.com/show_bug.cgi?id=1265578
* https://bugzilla.suse.com/show_bug.cgi?id=1265580
* https://bugzilla.suse.com/show_bug.cgi?id=1265581
* https://bugzilla.suse.com/show_bug.cgi?id=1265582
* https://bugzilla.suse.com/show_bug.cgi?id=1265583
* https://bugzilla.suse.com/show_bug.cgi?id=1265584
* https://bugzilla.suse.com/show_bug.cgi?id=1265585
* https://bugzilla.suse.com/show_bug.cgi?id=1265586
* https://bugzilla.suse.com/show_bug.cgi?id=1265587
* https://bugzilla.suse.com/show_bug.cgi?id=1265588
* https://bugzilla.suse.com/show_bug.cgi?id=1265589

This SUSE update addresses 11 vulnerabilities in unbound, crucial for securing DNS functionality and reliability.

Severity: Important. LinuxSecurity.com Team

An update that solves one vulnerability can now be installed.

# Security update for freeipmi

Announcement ID: SUSE-SU-2026:22216-1
Release Date: 2026-06-18T18:35:18Z
Rating: important

References:

* bsc#1267605

Cross-References:

* CVE-2026-50031

CVSS scores:

* CVE-2026-50031 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-50031 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.2

## Description:

This update for freeipmi fixes the following issue:

* CVE-2026-50031: denial of service via buffer overflow in ipmi-oem client (bsc#1267605).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  `zypper in -t patch SUSE-SL-Micro-6.2-953=1`

## Package List:

* SUSE Linux Micro 6.2 (aarch64 x86_64)
  * freeipmi-debuginfo-1.6.15-160000.4.1
  * libfreeipmi17-debuginfo-1.6.15-160000.4.1
  * libfreeipmi17-1.6.15-160000.4.1
  * freeipmi-debugsource-1.6.15-160000.4.1

## References:

* https://www.suse.com/security/cve/CVE-2026-50031.html
* https://bugzilla.suse.com/show_bug.cgi?id=1267605

This update addresses an important security issue in SUSE's freeipmi software, mitigating a denial of service threat.

Severity: Important. LinuxSecurity.com Team

An update that solves two vulnerabilities can now be installed.

# Security update for sqlite3

Announcement ID: SUSE-SU-2026:22218-1
Release Date: 2026-06-18T21:09:27Z
Rating: important

References:

* bsc#1268012
* bsc#1268013

Cross-References:

* CVE-2026-11822
* CVE-2026-11824

CVSS scores:

* CVE-2026-11822 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-11822 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-11822 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-11824 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-11824 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-11824 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.2

## Description:

This update for sqlite3 fixes the following issues:

Update to 3.53.2:

* CVE-2026-11822: memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution (bsc#1268012).
* CVE-2026-11824: heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code (bsc#1268013).

Changes:

* Add the Query Result Formatter (QRF) library for formatting the results of SQL queries for human readability on a fixed-pitch font screen.
* Enhance ALTER TABLE to permit adding and removing NOT NULL and CHECK constraints.
* The REINDEX EXPRESSIONS statement rebuilds expression indexes.
* The body of TEMP triggers may now modify and/or query tables in the main schema.
* Enhance VACUUM INTO so that if a URI filename is used as the target and that filename has a reserve=N query parameter with N between 0 and 255, then the reserve amount for the generated database copy is set to N.
* New SQL functions json_array_insert() and jsonb_array_insert().
* Renovations to the CLI.
* New C-language interfaces: sqlite3_str_truncate(), sqlite3_str_free(), sqlite3_carray_bind_v2().
* Add the SQLITE_PREPARE_FROM_DDL option to sqlite3_prepare_v3().
* Added the SQLITE_UTF8_ZT constant which can be used as the encoding parameter to sqlite3_result_text64() or sqlite3_bind_text64() to indicate that the value is UTF-8 encoded and zero terminated.
* The SQLITE_LIMIT_PARSER_DEPTH option is added to sqlite3_limit().
* The SQLITE_DBCONFIG_FP_DIGITS option is added to sqlite3_db_config().
* Query planner improvements.
* Add new interfaces to the session extension that enable an application to add changes one at a time to the sqlite3_changegroup object.
* Improvements to floating-point text conversions.
* Added the self-healing index feature to deal with the stale expression index problem.
* Add the "-p|--port" option to sqlite3_rsync.
* Add the "opfs-wl" VFS, functionally identical to the "opfs" VFS but using Web Locks for locking, which can promise fairer lock sharing than the "opfs" bespoke protocol can. "opfs-wl" requires Atomics.waitAsync(), so requires newer browsers than "opfs" does.
* Fixes for problems in 3.53.0 and 3.53.1 reported by users.
* See the check-in timeline for details: https://sqlite.org/src/timeline?from=version-3.53.0&to=version-3.53.2
* https://sqlite.org/releaselog/3_53_0.html

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  `zypper in -t patch SUSE-SL-Micro-6.2-955=1`

## Package List:

* SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64)
  * sqlite3-debuginfo-3.53.2-160000.1.1
  * sqlite3-debugsource-3.53.2-160000.1.1
  * libsqlite3-0-debuginfo-3.53.2-160000.1.1
  * libsqlite3-0-3.53.2-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-11822.html
* https://www.suse.com/security/cve/CVE-2026-11824.html
* https://bugzilla.suse.com/show_bug.cgi?id=1268012
* https://bugzilla.suse.com/show_bug.cgi?id=1268013

A crucial SUSE update for sqlite3 addresses two major issues, enhancing system stability and security features.

Severity: Important. LinuxSecurity.com Team

An update that solves five vulnerabilities can now be installed.

# Security update for python-PyJWT

Announcement ID: SUSE-SU-2026:22220-1
Release Date: 2026-06-19T05:43:05Z
Rating: important

References:

* bsc#1266798
* bsc#1266799
* bsc#1266800
* bsc#1266801
* bsc#1266802

Cross-References:

* CVE-2026-48522
* CVE-2026-48523
* CVE-2026-48524
* CVE-2026-48525
* CVE-2026-48526

CVSS scores:

* CVE-2026-48522 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48522 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-48522 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-48523 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48523 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-48523 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-48524 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-48524 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-48524 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-48525 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-48525 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-48526 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-48526 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-48526 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products:

* SUSE Linux Micro 6.2

## Description:

This update for python-PyJWT fixes the following issues:

* CVE-2026-48522: `PyJWKClient` passes URI arguments directly to `urllib.request.urlopen()` and allows for SSRF and token forgery (bsc#1266798).
* CVE-2026-48523: verifier-side algorithm allow-list bypass when `jwt.decode()` or `jwt.decode_complete()` are called with a PyJWK key (bsc#1266799).
* CVE-2026-48524: unlimited processing of JWTs with unknown kid values by `PyJWKClient.get_signing_key()` leads to unbounded JWKS endpoint requests and DoS (bsc#1266800).
* CVE-2026-48525: unbounded Base64URL decoding of unused payload segment in `b64=false` detached JWS allows for DoS (bsc#1266801).
* CVE-2026-48526: no validation of use of JSON Web Keys in HMAC algorithm when decoding JSON Web Tokens allows for forged HS256 tokens (bsc#1266802).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  `zypper in -t patch SUSE-SL-Micro-6.2-960=1`

## Package List:

* SUSE Linux Micro 6.2 (noarch)
  * python313-PyJWT-2.12.1-160000.2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-48522.html
* https://www.suse.com/security/cve/CVE-2026-48523.html
* https://www.suse.com/security/cve/CVE-2026-48524.html
* https://www.suse.com/security/cve/CVE-2026-48525.html
* https://www.suse.com/security/cve/CVE-2026-48526.html
* https://bugzilla.suse.com/show_bug.cgi?id=1266798
* https://bugzilla.suse.com/show_bug.cgi?id=1266799
* https://bugzilla.suse.com/show_bug.cgi?id=1266800
* https://bugzilla.suse.com/show_bug.cgi?id=1266801
* https://bugzilla.suse.com/show_bug.cgi?id=1266802

Five critical updates for python-PyJWT resolve multiple security issues in SUSE Linux Micro 6.2 to enhance protection.

Severity: Important. LinuxSecurity.com Team

An update that solves seven vulnerabilities, contains two features and has five fixes can now be installed.

# Security update for zypper, libzypp, libsolv

* Announcement ID: SUSE-SU-2026:22221-1
* Release Date: 2026-06-19T07:18:32Z
* Rating: important

References:

* bsc#1239718
* bsc#1246504
* bsc#1253193
* bsc#1259706
* bsc#1259802
* bsc#1259842
* bsc#1265223
* bsc#1265935
* bsc#1265938
* bsc#1266039
* bsc#1267426
* bsc#1267874
* jsc#PED-13680
* jsc#PED-15607

Cross-References:

* CVE-2026-25707
* CVE-2026-44933
* CVE-2026-44941
* CVE-2026-44942
* CVE-2026-48863
* CVE-2026-9149
* CVE-2026-9150

CVSS scores:

* CVE-2026-25707 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-44933 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-44933 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-44933 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-44933 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-44941 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-44941 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-44942 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-44942 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-44942 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-48863 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-48863 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-9149 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-9149 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-9150 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-9150 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.2

## Description:

This update for zypper, libzypp, libsolv fixes the following issues:

Changes in zypper:

Update to 1.14.98:

* Transactional systems: Delegate rw-commands to transactional-wrapper if available (jsc#PED-13680, jsc#PED-15607)

  On a transactional system where the root filesystem is mounted read-only, zypper commands that modify the system cannot be executed directly. If the system provides a transactional-wrapper utility, zypper will automatically attempt to invoke it. The wrapper transparently executes the zypper command within a new, writable snapshot and manages the lifecycle of that snapshot based on the command's exit status. On transactional systems lacking a transactional-wrapper, users must manually invoke specialized tools, such as transactional-update, to install, update, or remove software.

* Add --filter-version-change to zypper lu.

  Adds filtering by version change significance to reduce noise in update listings. Supports levels: rebuild (hides rebuild-only changes) and package (hides all release-only changes).

* Autorefresh ris-services the way as plugin-services (bsc#1246504)

  It's actually wrong to treat service refreshes different depending on the service type. For the purpose of a service it makes no difference how the data about the repos to use are acquired.

Changes in libzypp:

Updated to 17.38.13:

* A .repo file's "path=" entry must not refer to a location outside the repo (bsc#1267874, CVE-2026-44942)

  A "path=" entry may solely denote a sub-directory of the baseurl where the metadata are located. A relative path trying to access data outside the baseurl is reported and sanitized.

* Repo "keyhint" must denote a filename, no path (bsc#1267426, CVE-2026-44941)
* Fix potential crash on malformed or malicious repository metadata (fixes #740)
* Repo metadata: discard entries referring to a location outside the repo (bsc#1259802, CVE-2026-25707)

  Mirroring those data locally would refer to a location outside the repo's local cache directory. Those data entries are reported and discarded.

* zypp.conf: Allow [env] section to add environment variables.

  This feature is designed to enable environment-specific settings or debugging options over an extended period. See zypp.conf(5).

* Prevent configured scripts from escaping the sigcheck directory (bsc#1265223, CVE-2026-44933)
* StringV: guard hasPrefix/hasPrefixCI against reading past the view end (fixes #735)
* Mandatory signature verification plugin support (PED#11922)
* Fix purge-kernel -rc kernel handling (bsc#1239718)
* Explicitly_set_pool_DISTTYPE_RPM (fixes #726)
* Check for trusted key updates when updating the general keyring (bsc#1259706)
* Support multiple MirroredOrigin authorities (bsc#1253193)
* Workaround doxygen bug: doxygen/doxygen#12057
* libzypp.spec: Add missing graphviz-gd BuildRequires (boo#1259842)

Changes in libsolv:

Updated to 0.7.39:

* fix solv_chksum_free segfault when called with a NULL pointer
* made repo_add_solv more robust against corrupt files [bsc#1265935] [CVE-2026-9149]
* fix potential buffer overflow when verifying EdDSA signatures [bsc#1266039] [CVE-2026-48863]
* added limit checks in multiple places to catch overflows
* reduce the size of the language id cache
* fixed Debian canon selection
* fixed dbpath detection in repo_rpmdb_librpm
* reduced stack usage in repo page compression (needed for musl)
* fix parsing of sha512 checksums in debian repositories [bsc#1265938] [CVE-2026-9150]
* improve speed of dirpool_add_dir making parsing of filelists.xml twice as fast
* fix parsing of recommends in the old Mandriva synthesis format

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2: `zypper in -t patch SUSE-SL-Micro-6.2-961=1`

## Package List:

* SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64)
  * zypper-1.14.98-160000.1.1
  * zypper-debugsource-1.14.98-160000.1.1
  * libsolv-tools-base-debuginfo-0.7.39-160000.1.1
  * zypper-debuginfo-1.14.98-160000.1.1
  * libsolv-tools-base-0.7.39-160000.1.1
  * libzypp-17.38.13-160000.1.1
  * libzypp-debuginfo-17.38.13-160000.1.1
  * libsolv-debugsource-0.7.39-160000.1.1
  * libsolv-debuginfo-0.7.39-160000.1.1
  * libzypp-debugsource-17.38.13-160000.1.1
* SUSE Linux Micro 6.2 (noarch)
  * zypper-needs-restarting-1.14.98-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-25707.html
* https://www.suse.com/security/cve/CVE-2026-44933.html
* https://www.suse.com/security/cve/CVE-2026-44941.html
* https://www.suse.com/security/cve/CVE-2026-44942.html
* https://www.suse.com/security/cve/CVE-2026-48863.html
* https://www.suse.com/security/cve/CVE-2026-9149.html
* https://www.suse.com/security/cve/CVE-2026-9150.html
* https://bugzilla.suse.com/show_bug.cgi?id=1239718
* https://bugzilla.suse.com/show_bug.cgi?id=1246504
* https://bugzilla.suse.com/show_bug.cgi?id=1253193
* https://bugzilla.suse.com/show_bug.cgi?id=1259706
* https://bugzilla.suse.com/show_bug.cgi?id=1259802
* https://bugzilla.suse.com/show_bug.cgi?id=1259842
* https://bugzilla.suse.com/show_bug.cgi?id=1265223
* https://bugzilla.suse.com/show_bug.cgi?id=1265935
* https://bugzilla.suse.com/show_bug.cgi?id=1265938
* https://bugzilla.suse.com/show_bug.cgi?id=1266039
* https://bugzilla.suse.com/show_bug.cgi?id=1267426
* https://bugzilla.suse.com/show_bug.cgi?id=1267874
* https://jira.suse.com/browse/PED-13680
* https://jira.suse.com/browse/PED-15607

The SUSE update addresses important fixes for zypper, libzypp, and libsolv, resolving seven key issues and enhancing security.

Severity: Important. LinuxSecurity.com Team

An update that solves one vulnerability can now be installed.

# Security update for ignition

* Announcement ID: SUSE-SU-2026:22224-1
* Release Date: 2026-06-19T16:56:21Z
* Rating: important

References:

* bsc#1265751

Cross-References:

* CVE-2026-33814

CVSS scores:

* CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-33814 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.2

## Description:

This update for ignition fixes the following issue:

* CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE (bsc#1265751).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2: `zypper in -t patch SUSE-SL-Micro-6.2-973=1`

## Package List:

* SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64)
  * ignition-2.21.0-160000.4.1
  * ignition-debuginfo-2.21.0-160000.4.1

## References:

* https://www.suse.com/security/cve/CVE-2026-33814.html
* https://bugzilla.suse.com/show_bug.cgi?id=1265751

SUSE update for Ignition addresses an important issue with HTTP/2 transport, fixing an infinite loop vulnerability.

Severity: Important. LinuxSecurity.com Team
