openSUSE

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2024-10525 CVE-2020-13849 CVE-2023-28366 CVE-2023-3592 CVE-2024-3935 CVE-2021-34434 CVE-2023-0809 Upstream summary: In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0328-1 Related CVEs: CVE-2024-42008 CVE-2024-42009 CVE-2026-35537 CVE-2025-68460 CVE-2025-68461 CVE-2026-25916 CVE-2026-26079 CVE-2024-42010 Upstream summary: A Cross-Site Scripting vulnerability in rcmail_action_mail_get->run() in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:14446-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-41110 CVE-2024-1753 CVE-2024-23651 CVE-2024-23653 CVE-2024-24786 CVE-2024-3727 CVE-2025-54388 CVE-2025-0495  +4 more Upstream summary: Moby is an open-source project created by Docker for software containerization. A […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0123-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-4558 CVE-2023-43010 CVE-2025-31223 CVE-2025-31277 CVE-2025-43214 CVE-2025-43433 CVE-2025-43438 CVE-2025-43457  +12 more Upstream summary: Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0254-2 (see also SUSE bugzilla) Related CVEs: CVE-2024-6988 CVE-2024-6989 CVE-2024-6991 CVE-2024-6994 CVE-2024-6995 CVE-2024-6996 CVE-2024-6997 CVE-2024-6998  +12 more Upstream summary: Use after free in Downloads in Google Chrome on iOS prior to […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0231-1 (see also SUSE bugzilla) Related CVEs: CVE-2021-32798 CVE-2019-11358 Upstream summary: The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0221-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-39705 CVE-2025-14009 Upstream summary: NLTK through 3.8.1 allows remote code execution if untrusted packages have pickled Python code, and the integrated data package download […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0210-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-38448 Upstream summary: htags in GNU Global through 6.6.12 allows code execution in situations where dbpath (aka -d) is untrusted, because shell metacharacters may […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2024:0203-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-39844 Upstream summary: In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. Table of contents Symptom & Impact Environment […]

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2024:2272-1 (see also SUSE bugzilla) Related CVEs: CVE-2024-28397 Upstream summary: An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API […]