openSUSE

openSUSE Leap 15.6 — containerd — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🔴 Critical   ⏱ 15–90 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory openSUSE-SU-2022:10081-1 (see also SUSE bugzilla) Related CVEs: CVE-2022-1996 CVE-2024-25621 CVE-2025-64329 CVE-2024-40635 Upstream summary: Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. […]

openSUSE Leap 15.6 — cloud-init — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2025:10848 (see also SUSE bugzilla) Related CVEs: CVE-2024-6174 CVE-2024-11584 Upstream summary: When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To […]

openSUSE Leap 15.6 — dnsmasq — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1826-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-2291 CVE-2023-50387 CVE-2023-50868 CVE-2023-28450 Upstream summary: dnsmasq's extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false […]

openSUSE Leap 15.6 — dtb-lg — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory ESSA-2026:0092 (see also SUSE bugzilla) Related CVEs: CVE-2026-43284 CVE-2026-43500 CVE-2026-31431 CVE-2025-71066 CVE-2025-71231 CVE-2026-23004 CVE-2026-23074 CVE-2026-23191  +12 more Upstream summary: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: […]

openSUSE Leap 15.6 — python3 — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:10711 (see also SUSE bugzilla) Related CVEs: CVE-2026-4786 CVE-2026-6100 CVE-2025-11468 CVE-2025-4138 CVE-2025-4330 CVE-2025-4435 CVE-2025-4517 CVE-2024-6232  +12 more Upstream summary: Mitigation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation […]

openSUSE Leap 15.6 — freeciv — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2026-33250 Upstream summary: Freeciv21 is a free open source, turn-based, empire-building strategy game. Versions prior to 3.1.1 crash with a stack overflow when receiving […]

openSUSE Leap 15.6 — vim — multiple vulnerabilities (20 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1347-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-34714 CVE-2026-34982 CVE-2026-33412 CVE-2026-28418 CVE-2026-28419 CVE-2026-28421 CVE-2026-26269 CVE-2026-28417  +12 more Upstream summary: Vim before 9.2.0272 allows code execution that happens immediately upon opening a […]

openSUSE Leap 15.6 — coturn — multiple vulnerabilities (2 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE security advisory (see also SUSE bugzilla) Related CVEs: CVE-2025-69217 CVE-2026-27624 Upstream summary: coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random […]

openSUSE Leap 15.6 — plexus-utils — vulnerability — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1396-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-67030 Upstream summary: Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code […]

openSUSE Leap 15.6 — python3-jwcrypto — multiple vulnerabilities (4 CVEs) — patch and remediation guide — diagnosis and fix on openSUSE Leap 15.6

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:21425-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-39373 CVE-2022-3102 CVE-2023-6681 CVE-2024-28102 Upstream summary: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server […]
