Security Hardening

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: hive — authorization logic vulnerability Related CVEs: CVE-2015-7521 Upstream summary: Sushanth Sowmyan reports: Some partition-level operations exist that do not explicitly also authorize privileges of the parent table. This can […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: uriparser — Multiple vulnerabilities Related CVEs: CVE-2018-19198 CVE-2018-19199 CVE-2018-19200 CVE-2021-46141 CVE-2021-46142 Upstream summary: Upstream project reports: Fix a bug affecting both uriNormalizeSyntax* and uriMakeOwner* functions where the text range in […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2016-3074 Upstream summary: The PHP Group reports: BCMath: Fixed bug #72093 (bcpowmod accepts negative scale and corrupts _one_ definition). Exif: Fixed bug #72094 (Out […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: py-mysql-connector-python — Vulnerability in the MySQL Connectors product of Oracle MySQL Related CVEs: CVE-2025-21548 Upstream summary: Oracle reports: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: binutils — Multiple vulnerabilities Related CVEs: CVE-2021-3487 CVE-2023-1972 CVE-2023-25585 CVE-2023-25586 CVE-2023-25588 Upstream summary: [email protected] reports PR/281070: A new version of devel/binutils has been released fixing CVE-2023-1972, CVE-2023-25585, CVE-2023-25586, and CVE-2023-25588. […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 13 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: isc-dhcpd — Denial of Service Related CVEs: CVE-2015-8605 Upstream summary: ISC reports: A badly formed packet with an invalid IPv4 UDP length field can cause a DHCP server, client, or […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: php — multiple vulnerabilities Related CVEs: CVE-2013-7456 CVE-2016-4343 CVE-2016-5093 CVE-2016-5094 CVE-2016-5096 Upstream summary: The PHP Group reports: Core: Fixed bug #72114 (Integer underflow / arbitrary null write in fread/gzread). (CVE-2016-5096) […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: h11 accepts some malformed Chunked-Encoding bodies Related CVEs: CVE-2025-43859 Upstream summary: h11 reports: h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of […]

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: FreeBSD 14 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: cyrus-sasl — Fix off by one error Related CVEs: CVE-2004-0884 CVE-2006-1721 CVE-2009-0688 CVE-2019-19906 Upstream summary: Cyrus SASL 2.1.x Release Notes New in 2.1.28 reports: Fix off by one error Table […]

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: FreeBSD 15 📖 ~4 min read  •  Source: FreeBSD VuXML VuXML topic: Vulnerability found in Expat Related CVEs: CVE-2026-45186 Upstream summary: Expat 2.8.1 was released yesterday. The key motivation for cutting a release and doing so now was: Fixing vulnerability CVE-2026-45186 that […]