Linux

AlmaLinux 8 — openssh — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on AlmaLinux 8

AlmaLinux 8 — openssh — multiple vulnerabilities (15 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: AlmaLinux 8 📖 ~4 min read  •  Source: AlmaLinux ALSA ALSA-2026:13383 Related CVEs: CVE-2026-35385 CVE-2026-35386 CVE-2026-35387 CVE-2026-35388 CVE-2026-35414 CVE-2026-3497 CVE-2023-38408 CVE-2025-61984  +7 more Upstream summary: OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. […]

Read more
Alpine Linux 3.18 — elfutils — multiple vulnerabilities (14 CVEs) — patch and remediation guide — diagnosis and fix on Alpine Linux 3.18

Alpine Linux 3.18 — elfutils — multiple vulnerabilities (14 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Alpine Linux 3.18 / fixed in 0.176-r0 📖 ~4 min read  •  Source: Alpine secdb entry — elfutils 0.176-r0 Related CVEs: CVE-2019-7146 CVE-2019-7148 CVE-2019-7149 CVE-2019-7150 CVE-2019-7664 CVE-2019-7665 CVE-2019-18310 CVE-2019-18520  +6 more Upstream summary: Alpine main repository for vv3.18 ships elfutils 0.176-r0 which […]

Read more
Arch Linux — exim — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Arch Linux

Arch Linux — exim — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: Arch Linux (rolling release) 📖 ~4 min read  •  Source: Arch ASA ASA-201910-1 Related CVEs: CVE-2019-16928 CVE-2019-15846 CVE-2019-13917 CVE-2017-16944 CVE-2017-16943 CVE-2017-10140 CVE-2017-1000369 CVE-2025-30232  +1 more Upstream summary: Type: arbitrary code execution. Status: Fixed. Affected: 4.92.2-1. Fixed in: 4.92.3-1. Group: AVG-1038. Table of […]

Read more
Amazon Linux 2 — docker — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on Amazon Linux 2

Amazon Linux 2 — docker — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Amazon Linux 2 📖 ~4 min read  •  Source: Amazon Linux advisory ALAS2ECS-2026-108 Related CVEs: CVE-2026-27143 CVE-2026-27144 CVE-2026-32280 CVE-2026-32281 CVE-2026-32282 CVE-2026-32283 CVE-2026-32288 CVE-2026-32289  +12 more Upstream summary: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in […]

Read more
Gentoo Linux — app-editors/emacs — multiple vulnerabilities (10 CVEs) — patch and remediation guide — diagnosis and fix on Gentoo Linux

Gentoo Linux — app-editors/emacs — multiple vulnerabilities (10 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Gentoo Linux 📖 ~4 min read  •  Source: Gentoo GLSA GLSA-202506-01 Related CVEs: CVE-2024-53920 CVE-2025-1244 CVE-2024-39331 CVE-2022-48337 CVE-2022-48338 CVE-2022-48339 CVE-2024-30202 CVE-2024-30203  +2 more Upstream summary: Multiple vulnerabilities have been discovered in Emacs, org-mode. Please review the CVE identifiers referenced below for details. […]

Read more
AlmaLinux 8 — tigervnc — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on AlmaLinux 8

AlmaLinux 8 — tigervnc — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: AlmaLinux 8 📖 ~4 min read  •  Source: AlmaLinux ALSA ALSA-2026:13414 Related CVEs: CVE-2026-33999 CVE-2026-34001 CVE-2026-34003 CVE-2026-34352 CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 CVE-2025-49175  +12 more Upstream summary: Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop […]

Read more
Alpine Linux 3.18 — epiphany — multiple vulnerabilities (5 CVEs) — patch and remediation guide — diagnosis and fix on Alpine Linux 3.18

Alpine Linux 3.18 — epiphany — multiple vulnerabilities (5 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Alpine Linux 3.18 / fixed in 42.2-r0 📖 ~4 min read  •  Source: Alpine secdb entry — epiphany 42.2-r0 Related CVEs: CVE-2022-29536 CVE-2021-45085 CVE-2021-45086 CVE-2021-45087 CVE-2021-45088 Upstream summary: Alpine community repository for vv3.18 ships epiphany 42.2-r0 which addresses CVE-2022-29536. Table of contents […]

Read more
Arch Linux — php — multiple vulnerabilities (15 CVEs) — patch and remediation guide — diagnosis and fix on Arch Linux

Arch Linux — php — multiple vulnerabilities (15 CVEs) — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: Arch Linux (rolling release) 📖 ~4 min read  •  Source: Arch ASA ASA-201910-14 Related CVEs: CVE-2019-11043 CVE-2017-5340 CVE-2016-9936 CVE-2016-9935 CVE-2016-9934 CVE-2016-9933 CVE-2016-9138 CVE-2016-8670  +7 more Upstream summary: Type: arbitrary code execution. Status: Fixed. Affected: 7.3.10-1. Fixed in: 7.3.11-1. Group: AVG-1052. Table of […]

Read more
openSUSE Leap 15.5 — qbittorrent — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.5

openSUSE Leap 15.5 — qbittorrent — vulnerability — patch and remediation guide

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.5 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0391-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-30801 Upstream summary: All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is […]

Read more
Rocky Linux 8 — PackageKit — vulnerability — patch and remediation guide — diagnosis and fix on Rocky Linux 8

Rocky Linux 8 — PackageKit — vulnerability — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Rocky Linux 8 📖 ~4 min read  •  Source: Rocky Linux RXSA RLSA-2026:11635 Related CVEs: CVE-2026-41651 Upstream summary: PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security […]

Read more
CHAT