openSUSE Tumbleweed

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2023-52389 CVE-2025-6375 Upstream summary: UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::convert() and Poco::UTF32::queryConvert() may return a negative […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2025-40914 CVE-2018-25099 CVE-2026-41564 Upstream summary: Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow. CryptX embeds a version […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2025-52556 CVE-2026-33753 Upstream summary: rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161. Prior to version 1.0.3, there is a […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-202507:15303-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-38824 CVE-2020-11651 CVE-2020-25592 CVE-2021-25281 CVE-2021-25315 CVE-2026-31958 CVE-2025-67725 CVE-2025-67726  +12 more Upstream summary: Directory traversal vulnerability in recv_file method allows arbitrary files to be written to […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2025-49825 CVE-2023-45133 CVE-2025-59530 CVE-2026-34165 CVE-2026-21895 CVE-2024-53259 CVE-2024-35255 CVE-2024-27303 Upstream summary: Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2025-23394 CVE-2019-18928 CVE-2025-49812 CVE-2019-11356 CVE-2021-33582 CVE-2019-19783 CVE-2024-34055 CVE-2009-3235  +3 more Upstream summary: A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2025:1430-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-43859 Upstream summary: h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14948-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-2857 CVE-2024-11691 CVE-2024-11692 CVE-2024-11694 CVE-2024-11695 CVE-2024-11696 CVE-2024-11697 CVE-2024-10458  +12 more Upstream summary: Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14935-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-26794 CVE-2023-42117 CVE-2023-42116 CVE-2010-4344 CVE-2014-2957 CVE-2018-6789 CVE-2019-10149 CVE-2019-13917  +12 more Upstream summary: Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2025:14937-1 Related CVEs: CVE-2025-1974 Upstream summary: A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in […]