openSUSE Tumbleweed

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:10711 (see also SUSE bugzilla) Related CVEs: CVE-2026-4786 CVE-2026-6100 CVE-2026-4224 CVE-2026-1299 CVE-2025-11468 CVE-2026-0672 CVE-2026-1502 CVE-2026-3446  +10 more Upstream summary: Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:12265 (see also SUSE bugzilla) Related CVEs: CVE-2026-4775 CVE-2025-9900 CVE-2025-8176 CVE-2019-17546 CVE-2022-34266 CVE-2022-48281 CVE-2022-3970 CVE-2022-2519  +12 more Upstream summary: A flaw was found in the libtiff library. A remote attacker could exploit […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1347-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-34714 CVE-2026-34982 CVE-2023-4738 CVE-2023-4751 CVE-2023-2609 CVE-2022-3234 CVE-2022-0407 CVE-2022-0413  +12 more Upstream summary: Vim before 9.2.0272 allows code execution that happens immediately upon opening a crafted […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-40170 CVE-2024-52811 Upstream summary: ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer transport parameters into […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1571-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-40706 CVE-2022-40284 CVE-2021-33285 CVE-2021-33289 CVE-2021-35269 CVE-2021-39255 CVE-2021-39258 CVE-2021-39262  +4 more Upstream summary: In NTFS-3G 2022.10.3 before 2026.2.25, a heap buffer overflow exists in ntfs_build_permissions_posix() in […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1819-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-41205 Upstream summary: Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1597-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-33901 CVE-2026-33908 CVE-2026-28493 CVE-2026-28494 CVE-2026-28686 CVE-2026-28687 CVE-2026-28690 CVE-2026-28691  +12 more Upstream summary: ImageMagick is free and open-source software used for editing and manipulating digital images. […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-25635 CVE-2026-25636 CVE-2026-25731 CVE-2026-26064 CVE-2026-26065 CVE-2026-30853 CVE-2026-27810 CVE-2026-27824  +2 more Upstream summary: calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory Related CVEs: CVE-2025-53000 CVE-2026-39377 CVE-2026-39378 Upstream summary: The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions of nbconvert up to and including 7.16.6 on […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-41445 Upstream summary: KissFFT before commit 8a8e66e contains an integer overflow vulnerability in the kiss_fftndr_alloc() function in kiss_fftndr.c where the allocation size calculation dimOther*(dimReal+2)*sizeof(kiss_fft_scalar) overflows […]