Package Management

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: spotipy — CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Related CVEs: CVE-2023-23608 CVE-2025-27154 CVE-2025-66040 Upstream summary: https://github.com/spotipy-dev/spotipy/security/advisories/GHSA-r77h-rpp9-w2xm reports: Spotipy is a Python library for the Spotify […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-mysql-connector-python — Vulnerability in the MySQL Connectors product of Oracle MySQL Related CVEs: CVE-2025-21548 Upstream summary: Oracle reports: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: aide — heap-based buffer overflow Related CVEs: CVE-2021-45417 Upstream summary: David Bouman reports: AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 12 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: flac — fix encoder bug Related CVEs: CVE-2007-3507 CVE-2007-4619 CVE-2014-8962 CVE-2014-9028 CVE-2020-0499 CVE-2021-0561 Upstream summary: The FLAC 1.3.4 release reports: Fix 12 decoder bugs found by oss-fuzz. Fix encoder bug […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: p5-Authen-SASL — Insecure source of randomness Related CVEs: CVE-2025-40918 Upstream summary: p5-Authen-SASL project reports: Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl generates the cnonce insecurely. The cnonce (client nonce) is […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: p5-Dancer — possible to abuse session cookie values Upstream summary: Russell Jenkins reports: It was possible to abuse session cookie values so that file-based session stores such as Dancer::Session::YAML or […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: cyrus-sasl — Fix off by one error Related CVEs: CVE-2004-0884 CVE-2006-1721 CVE-2009-0688 CVE-2019-19906 Upstream summary: Cyrus SASL 2.1.x Release Notes New in 2.1.28 reports: Fix off by one error Table […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: libwasmtime — host panic with fd_renumber WASIp1 function Related CVEs: CVE-2025-53901 Upstream summary: WasmTime development team reports: A bug in Wasmtime's implementation of the WASIp1 set of import functions can […]

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: xpdf — multiple remote Stream.CC vulnerabilities Related CVEs: CVE-2004-0888 CVE-2004-0889 CVE-2004-1125 CVE-2005-0064 CVE-2005-2097 CVE-2006-0301 CVE-2007-3387 CVE-2007-4352  +2 more Upstream summary: Secunia Research reports: Secunia Research has discovered some vulnerabilities in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: End of Life Ports Upstream summary: These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take […]