FreeBSD

FreeBSD 15 — py311-strawberry-graphql — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py311-strawberry-graphql — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-strawberry-graphql — Multiple vulnerabilities Related CVEs: CVE-2026-35523 CVE-2026-35526 Upstream summary: The Strawberry GraphQL project reports: Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. […]

Read more
FreeBSD 13 — courier-imap — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — courier-imap — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: courier-imap — format string vulnerability in debug mode Related CVEs: CVE-2004-0224 CVE-2004-0777 Upstream summary: An iDEFENSE security advisory describes a format string vulnerability that could be exploited when Courier-IMAP is […]

Read more
FreeBSD 13 — mysql-scripts — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — mysql-scripts — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: mysql-scripts — mysqlaccess insecure temporary file creation Related CVEs: CVE-2004-0457 CVE-2005-0004 Upstream summary: The Debian Security Team reports: Javier Fernández-Sanguino Peña from the Debian Security Audit Project discovered a temporary […]

Read more
FreeBSD 14 — py310-social-auth-app-django — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — py310-social-auth-app-django — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-social-auth-app-django — Unsafe account association Related CVEs: CVE-2024-32879 CVE-2025-61783 Upstream summary: Michal Čihař reports: Upon authentication, the user could be associated by e-mail even if the associate_by_email pipeline was not […]

Read more
FreeBSD 13 — php55-exif — multiple vulnerabilities (13 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 13

FreeBSD 13 — php55-exif — multiple vulnerabilities (13 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2015-8879 CVE-2016-3074 CVE-2016-5385 CVE-2016-5399 CVE-2016-6288 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291  +5 more Upstream summary: PHP reports: Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns) […]

Read more
FreeBSD 12 — postgresql95-server — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — postgresql95-server — multiple vulnerabilities (20 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: PostgresSQL — TYPE in pg_temp execute arbitrary SQL during `SECURITY DEFINER` execution Related CVEs: CVE-2016-0766 CVE-2016-0773 CVE-2016-2193 CVE-2016-3065 CVE-2016-5423 CVE-2016-5424 CVE-2017-15098 CVE-2017-15099  +12 more Upstream summary: The PostgreSQL project reports: […]

Read more
FreeBSD 15 — py313-dj52-strawberry-graphql — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — py313-dj52-strawberry-graphql — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-strawberry-graphql — Multiple vulnerabilities Related CVEs: CVE-2026-35523 CVE-2026-35526 Upstream summary: The Strawberry GraphQL project reports: Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. […]

Read more
FreeBSD 15 — puppetserver — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 15

FreeBSD 15 — puppetserver — multiple vulnerabilities (4 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: puppet — Unsafe HTTP Redirect Related CVEs: CVE-2018-1000180 CVE-2018-1000613 CVE-2020-7943 CVE-2021-27023 Upstream summary: Puppet reports: A flaw was discovered in Puppet Agent and Puppet Server that may result in a […]

Read more
FreeBSD 12 — py312-h — vulnerability — patch and remediation guide — diagnosis and fix on FreeBSD 12

FreeBSD 12 — py312-h — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: h11 accepts some malformed Chunked-Encoding bodies Related CVEs: CVE-2025-43859 Upstream summary: h11 reports: h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of […]

Read more
FreeBSD 14 — linux_base-rl — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on FreeBSD 14

FreeBSD 14 — linux_base-rl — multiple vulnerabilities (2 CVEs) — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: sqlite — integer overflow Related CVEs: CVE-2025-3277 CVE-2025-6965 Upstream summary: [email protected] reports: An integer overflow can be triggered in SQLites `concat_ws()` function. The resulting, truncated integer is then used to […]

Read more
CHAT