openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1861-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-33811 CVE-2026-39820 CVE-2026-39836 CVE-2026-42499 CVE-2026-27140 CVE-2026-27143 CVE-2026-32280 CVE-2026-39817  +12 more Upstream summary: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-30923 CVE-2025-27110 CVE-2024-1019 CVE-2023-38285 CVE-2021-42717 CVE-2026-42268 CVE-2023-28882 CVE-2020-15598 Upstream summary: ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2024-8947 CVE-2026-1998 Upstream summary: A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1861-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-42501 CVE-2025-64756 CVE-2025-46569 CVE-2025-22870 Upstream summary: A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2026-33414 CVE-2025-9566 CVE-2025-6032 CVE-2024-11218 CVE-2024-3727 CVE-2024-1753 CVE-2022-1227 CVE-2022-27191  +12 more Upstream summary: Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-35397 CVE-2026-40110 CVE-2025-61669 CVE-2026-40934 Upstream summary: Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory BLOG-COPY-FAIL (see also SUSE bugzilla) Related CVEs: CVE-2026-31431 CVE-2009-4273 CVE-2010-0412 CVE-2009-2911 CVE-2010-0411 Upstream summary: In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead – Revert to operating out-of-place This […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-42224 Upstream summary: ipl/web is a set of common web components for php projects. Prior to version 0.13.1, the vulnerability allows an attacker to inject […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-44028 CVE-2025-46415 CVE-2025-52991 CVE-2025-52992 CVE-2025-52993 Upstream summary: An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR (Nix […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-41602 CVE-2026-4427 CVE-2026-34986 CVE-2025-68156 CVE-2024-36129 CVE-2024-8975 CVE-2026-25934 CVE-2026-26958  +3 more Upstream summary: Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation This […]