openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1936-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-7111 Upstream summary: Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-42215 CVE-2026-44244 CVE-2026-44243 Upstream summary: GitPython is a python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-42304 Upstream summary: Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-33079 CVE-2026-33441 CVE-2026-44897 Upstream summary: In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS (Regular Expression Denial of Service) vulnerability in `LINK_TITLE_RE` that […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-6321 Upstream summary: fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize() and equal() functions. Encoded path data was […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-29004 CVE-2026-26157 CVE-2026-26158 CVE-2025-60876 CVE-2022-48174 CVE-2016-2147 CVE-2018-1000500 CVE-2018-1000517  +12 more Upstream summary: BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2025-70067 CVE-2025-2756 CVE-2025-2750 CVE-2025-2751 CVE-2025-2757 CVE-2025-5167 CVE-2025-3158 CVE-2025-3548  +1 more Upstream summary: Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:0002 (see also SUSE bugzilla) Related CVEs: CVE-2025-45582 CVE-2022-48303 CVE-2021-20193 CVE-2001-1267 CVE-2002-0399 CVE-2005-1918 CVE-2006-0300 CVE-2006-6097  +5 more Upstream summary: GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-37457 CVE-2026-37459 CVE-2024-44070 CVE-2024-31950 CVE-2024-31951 CVE-2024-34088 CVE-2024-31948 CVE-2023-47234  +12 more Upstream summary: An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1498-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-4046 CVE-2026-0861 CVE-2025-4802 CVE-2025-5745 CVE-2026-5450 CVE-2026-5928 CVE-2025-15281 CVE-2026-0915  +4 more Upstream summary: The iconv() function in the GNU C Library versions 2.43 and earlier may […]