openSUSE

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:2918 (see also SUSE bugzilla) Related CVEs: CVE-2026-25506 Upstream summary: MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0476-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-21226 Upstream summary: Unknown. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis Quick Triage Step-by-Step Diagnosis Solution – Primary Fix […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:2719 (see also SUSE bugzilla) Related CVEs: CVE-2026-24882 CVE-2025-68973 CVE-2025-30258 Upstream summary: In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:1902 (see also SUSE bugzilla) Related CVEs: CVE-2026-24049 Upstream summary: wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0404-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-68670 CVE-2024-39917 Upstream summary: xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-FU-2026:20990-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-25727 Upstream summary: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0341-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-21932 CVE-2026-21945 CVE-2025-53066 CVE-2025-50106 CVE-2025-30749 CVE-2025-50059 CVE-2025-30754 CVE-2025-30761  +12 more Upstream summary: Unknown. Table of contents Symptom & Impact Environment & Reproduction Root Cause […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0355-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-1484 CVE-2026-1489 CVE-2025-13601 CVE-2025-14087 CVE-2025-6052 CVE-2024-52533 CVE-2025-14512 CVE-2025-7039  +5 more Upstream summary: A flaw was found in the GLib Base64 encoding routine when processing […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0307-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-24486 CVE-2024-53981 Upstream summary: Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using non-default […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:1842 (see also SUSE bugzilla) Related CVEs: CVE-2025-55130 CVE-2025-55131 CVE-2025-59465 CVE-2025-23166 CVE-2025-23083 CVE-2025-59466 CVE-2026-21637 CVE-2026-22036  +12 more Upstream summary: A flaw in Node.js's Permissions model allows attackers to bypass `–allow-fs-read` and […]