openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-51698 Upstream summary: Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2023-46308 CVE-2025-5889 Upstream summary: In Plotly plotly.js before 2.25.2, plot API calls have a risk of __proto__ being polluted in expandObjectPaths or nestedProperty. Table of contents Symptom & Impact […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2024-22415 Upstream summary: jupyter-lsp is a coding assistance tool for JupyterLab (code navigation + hover suggestions + linters + autocompletion + rename) using Language Server […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0023-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-48620 Upstream summary: uev (aka libuev) before 2.4.1 has a buffer overflow in epoll_wait if maxevents is a large number. Table of contents Symptom & […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-7158 Upstream summary: A vulnerability was found in MicroPython up to 1.21.0. It has been classified as critical. Affected is the function slice_indices of the […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2022:2352-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-24882 CVE-2022-24883 CVE-2021-41159 CVE-2021-41160 CVE-2017-2834 CVE-2017-2835 CVE-2018-0886 CVE-2018-8784  +12 more Upstream summary: FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2023:0391-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-30801 CVE-2024-51774 Upstream summary: All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-46850 CVE-2022-0547 CVE-2017-7521 CVE-2017-7522 CVE-2025-2704 CVE-2024-5594 CVE-2024-28882 CVE-2023-46849  +9 more Upstream summary: Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-47248 Upstream summary: Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-CU-2023:3807-1 (see also SUSE bugzilla) Related CVEs: CVE-2023-5869 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2026-6473 CVE-2026-6475 CVE-2026-6476 CVE-2026-6477  +12 more Upstream summary: A flaw was found in PostgreSQL that allows authenticated database users to execute […]