openSUSE

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2025-70888 Upstream summary: An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to escalate privileges via the osslsigncode.c component […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0975-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-27962 CVE-2026-28498 CVE-2025-61920 CVE-2024-37568 CVE-2026-28490 CVE-2025-68158 CVE-2025-62706 Upstream summary: Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-32640 Upstream summary: SimpleEval is a library for adding evaluatable expressions into python projects. Prior to 1.0.5, objects (including modules) can leak dangerous modules […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0855-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-27727 CVE-2026-27830 Upstream summary: mchange-commons-java, a library that provides Java utilities, includes code that mirrors early implementations of JNDI functionality, including support for remote […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0349-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-46478 CVE-2024-45508 Upstream summary: HTMLDOC v1.9.18 contains a buffer overflow in parse_pre function,ps-pdf.cxx:5681. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1008-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-1615 CVE-2025-13465 CVE-2026-27606 CVE-2025-61140 CVE-2025-12816 CVE-2024-22037 Upstream summary: Versions of the package jsonpath before 1.3.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:2706 (see also SUSE bugzilla) Related CVEs: CVE-2025-61732 CVE-2025-61731 CVE-2025-68119 CVE-2025-68121 CVE-2025-61727 CVE-2025-61729 CVE-2025-47912 CVE-2025-58188  +12 more Upstream summary: A discrepancy between how Go and C/C++ comments were parsed allowed for […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2025-22604 CVE-2024-25641 CVE-2024-34340 CVE-2024-43362 CVE-2024-43363 CVE-2024-43364 CVE-2024-43365 CVE-2024-54145  +12 more Upstream summary: Cacti is an open source performance and fault management framework. Due to […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:1472 (see also SUSE bugzilla) Related CVEs: CVE-2025-15467 CVE-2026-28388 CVE-2026-31789 CVE-2025-9230 CVE-2024-41996 CVE-2024-4741 CVE-2026-28389 CVE-2026-28387  +12 more Upstream summary: Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:23201 (see also SUSE bugzilla) Related CVEs: CVE-2025-13609 Upstream summary: A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a […]