openSUSE

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1218-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-25645 CVE-2024-47081 Upstream summary: Requests is a HTTP library. Prior to version 2.33.0, the `requests.utils.extract_zipped_paths()` utility function uses a predictable filename when extracting files […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1191-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-24401 CVE-2025-68276 CVE-2025-68468 CVE-2025-68471 CVE-2024-52615 CVE-2024-52616 CVE-2023-38469 CVE-2023-38471 Upstream summary: Avahi is a system which facilitates service discovery on a local network via the […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1419-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-9615 Upstream summary: A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1424-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-4897 CVE-2025-7519 Upstream summary: A flaw was found in polkit. A local user can exploit this by providing a specially crafted, excessively long input […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1421-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-31899 Upstream summary: CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to Kozea/CairoSVG has exponential denial of service via […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:1436-1 (see also SUSE bugzilla) Related CVEs: CVE-2026-33936 Upstream summary: The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory ESSA-2025:3052 (see also SUSE bugzilla) Related CVEs: CVE-2025-49133 Upstream summary: Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:8858 (see also SUSE bugzilla) Related CVEs: CVE-2026-23868 CVE-2025-31344 Upstream summary: Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory RHSA-2026:3938 (see also SUSE bugzilla) Related CVEs: CVE-2025-12801 Upstream summary: A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: openSUSE Leap 15.6 📖 ~4 min read  •  Source: SUSE advisory SUSE-SU-2026:0648-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-12474 Upstream summary: A specially-crafted file can cause libjxl's decoder to read pixel data from uninitialized (but allocated) memory. This can be done by […]