oss-security mailing list
Recent messages:
- 2026/06/02 #12:
Linux kernel TLS ULP use-after-free in tls_sk_proto_close() (Oleg Sevostyanov <savant05@...il.com>)
- 2026/06/02 #11:
Re: BIRD/BIRD2: stack buffer overflow in BGP AS_PATH mask matching, CVE pending (Stuart Henderson <stu@...cehopper.org>)
- 2026/06/02 #10:
Re: BIRD/BIRD2: stack buffer overflow in BGP AS_PATH mask matching, CVE pending (Dan Yefihmov <dan@...htwave.net.ru>)
- 2026/06/02 #9:
Re: BIRD/BIRD2: stack buffer overflow in BGP AS_PATH mask matching, CVE pending (Stuart Henderson <stu@...cehopper.org>)
- 2026/06/02 #8:
Re: BIRD/BIRD2: stack buffer overflow in BGP AS_PATH mask matching, CVE pending (Bakabaka_9 <qilunuobakabaka9@...il.com>)
- 2026/06/02 #7:
[OSSA-2026-016] OpenStack Neutron: Errata 1 - Tagging policy bypass allows project readers to mutate tags (CVE-2026-492… (Goutham Pacha Ravi <gouthampravi@...il.…)
- 2026/06/02 #6:
[OSSA-2026-014] OpenStack Swift: Errata 1 - Proxy-server denial of service via truncated s3api chunked upload, (CVE-202… (Goutham Pacha Ravi <gouthampravi@...il.…)
- 2026/06/02 #5:
CVE-2026-41115: Apache Kafka: Improper Authorization in CONSUMER_GROUP_DESCRIBE API (Luke Chen <showuon@...che.org>)
- 2026/06/02 #4:
Re: BIRD/BIRD2: stack buffer overflow in BGP AS_PATH mask matching, CVE pending (Dan Yefihmov <dan@...htwave.net.ru>)
- 2026/06/02 #3:
Re: BIRD/BIRD2: stack buffer overflow in BGP AS_PATH mask matching, CVE pending (Stuart Henderson <stu@...cehopper.org>)
- 2026/06/02 #2:
BIRD/BIRD2: stack buffer overflow in BGP AS_PATH mask matching, CVE pending (Bakabaka_9 <qilunuobakabaka9@...il.com>)
- 2026/06/02 #1:
FW: X.Org Security Advisory: multiple security issues X.Org X server and Xwayland (Peter Hutterer <peter.hutterer@...-t.net>)
- 2026/06/01 #13:
CVE-2025-60495: NULL Pointer Dereference in GPAC/MP4Box via gf_media_get_color_info on crafted MP4 with inconsistent sa… ("Alexander A. Shvedov" <shvedov@....com…)
- 2026/06/01 #12:
CVE-2025-60486: Use-After-Free in GPAC/MP4Box via dasher_process on crafted MPEG-2 TS file ("Alexander A. Shvedov" <shvedov@....com>)
- 2026/06/01 #11:
CVE-2025-60485: NULL Pointer Dereference in GPAC/MP4Box via gf_isom_apple_set_tag_ex on crafted MP4 with corrupted esds… ("Alexander A. Shvedov" <shvedov@....com…)
- 2026/06/01 #10:
CVE-2025-55664: Heap-based Buffer Overflow in GPAC/MP4Box via m2tsdmx_send_packet on crafted MPEG-2 TS file ("Alexander A. Shvedov" <shvedov@....com>)
- 2026/06/01 #9:
CVE-2025-60483: NULL Pointer Dereference in GPAC/MP4Box via gf_ac4_pres_b_4_back_channels_present on crafted AC-4 strea… ("Alexander A. Shvedov" <shvedov@....com…)
- 2026/06/01 #8:
CVE-2025-60481: NULL Pointer Dereference in GPAC/MP4Box via gf_odf_ac4_cfg_dsi_v1 on crafted AC-4 stream ("Alexander A. Shvedov" <shvedov@....com>)
- 2026/06/01 #7:
CVE-2026-46718: Apache Calcite: A user-controlled model can load arbitrary classes, leading to code execution (Julian Hyde <jhyde@...che.org>)
- 2026/06/01 #6:
Re: CIFSwitch: Linux kernel/cifs-utils local root via forged cifs.spnego upcall (manizada <manizada@...me>)
- 2026/06/01 #5:
[CVE-2026-8643] pip can extract console_scripts and gui_scripts outside installation directory (Alan Coopersmith <alan.coopersmith@...cle.com>)
- 2026/06/01 #4:
CVE-2026-49328: Apache Fesod (Incubating): Improper validation of user-supplied URLs leading to SSRF (Shuxin Pan <psxjoy@...che.org>)
- 2026/06/01 #3:
CVE-2026-45192: Apache Airflow: Incomplete Redaction of Sensitive Fields in Connection Extra API Response (Rahul Vats <rahulvats@...che.org>)
- 2026/06/01 #2:
CVE-2026-35563: Apache Directory LDAP API: LDAP client implementation does not verify if the server certificate matches… (Emmanuel Lécharny <elecharny@...che.or…)
- 2026/06/01 #1:
CVE-2026-8796: Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input (Paul Johnson <paul@...j.net>)
- 2026/05/31 #23:
Re: CVE request experience (Fabian Keil <freebsd-listen@...iankeil.de>)
- 2026/05/31 #22:
CVE-2026-49270: Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Durable Subscription Disclosure via Craft… ("Christopher L. Shannon" <cshannon@...c…)
- 2026/05/31 #21:
CVE-2026-49157: Apache ActiveMQ: Authenticated low-privilege Web users retain Jolokia broker-management capability by d… ("Christopher L. Shannon" <cshannon@...c…)
- 2026/05/31 #20:
CVE-2026-46605: Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Incomplete authorization during destinati… ("Christopher L. Shannon" <cshannon@...c…)
- 2026/05/31 #19:
CVE-2026-45505: Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Jolokia `addNetworkConnector` Discovery W… ("Christopher L. Shannon" <cshannon@...c…)
- 2026/05/31 #18:
CVE-2026-42588: Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Remote Code Execution via Jolokia addNetw… ("Christopher L. Shannon" <cshannon@...c…)
- 2026/05/31 #17:
CVE-2026-42253: Apache ActiveMQ, Apache ActiveMQ Web: HTTP Response Header Injection via JMS Message Properties ("Christopher L. Shannon" <cshannon@...che.org…)
- 2026/05/31 #16:
CVE-2026-49298: Apache Airflow: JWT Token Exposure in KubernetesExecutor Command-Line Arguments (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #15:
CVE-2026-48726: Apache Airflow: revoke_token() unreachable in FabAuthManager / KeycloakAuthManager logout path (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #14:
CVE-2026-46764: Apache Airflow: Event Log detail endpoint bypasses DAG-scoped event log permission filter (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #13:
CVE-2026-45426: Apache Airflow: Log server JWT authorization bypass via Python lstrip() character stripping allows cross-Dag … (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #12:
CVE-2026-45360: Apache Airflow: Arbitrary import in custom deadline-reference deserialization (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #11:
CVE-2026-42359: Apache Airflow: Authenticated RCE via XCom PATCH endpoint — XComUpdateBody missing FORBIDDEN_XCOM_KEYS valid… (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #10:
CVE-2026-42358: Apache Airflow: Variable masker depth-limit bypass returns cleartext nested secrets (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #9:
CVE-2026-42360: Apache Airflow: Rendered template truncation bypasses nested sensitive-key masking (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #8:
CVE-2026-42252: Apache Airflow: BashOperator Jinja2 injection via dag_run.conf — low-privilege user pattern (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #7:
CVE-2026-41084: Apache Airflow: API authorization bypass: bulk TaskInstances allows cross-DAG mutation (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #6:
CVE-2026-41017: Apache Airflow: JWT cookie missing Secure flag in JWTRefreshMiddleware behind HTTPS-terminating proxy (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #5:
CVE-2026-49267: Apache Airflow: No certificate validation on SMTP STARTTLS connections (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #4:
CVE-2026-41014: Apache Airflow: per-DAG RBAC bypass on /ui/partitioned_dag_runs endpoints (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #3:
CVE-2026-40963: Apache Airflow: DAG authorization bypass on /ui/structure/structure_data (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #2:
CVE-2026-40961: Apache Airflow: Open Redirect Bypass Vulnerability (Rahul Vats <rahulvats@...che.org>)
- 2026/05/31 #1:
CVE-2026-40861: Apache Airflow: Arbitrary File Read via Log Symlink following in FileTaskHandler (Rahul Vats <rahulvats@...che.org>)
- 2026/05/30 #7:
CVE-2025-70103: Heap-based Buffer Overflow in libjxl/cjxl via jxl::extras::DecodeImagePNM on crafted PBM file ("Alexander A. Shvedov" <shvedov@....com>)
- 2026/05/30 #6:
CVE-2026-8594: Text::LineFold versions through 2019.001 for Perl duplicate the output based on the number of special break… (Robert Rothenberg <rrwo@...nsec.org>)
- 2026/05/30 #5:
CVE-2026-49361: Apache Fluss Netty Frame Decoder Memory Exhaustion Vulnerability (Jark Wu <jark@...che.org>)
- 2026/05/30 #4:
[vim-security] Out-of-bounds Read in Terminal Screen Snapshot in Vim < 9.2.565 (Christian Brabandt <cb@...bit.org>)
- 2026/05/30 #3:
CVE-2026-47187, CVE-2026-48711: sshfs <= 3.7.5 symlink escape (local file read/write) and ssh argument injection (local… (Abhinav Agarwal <abhinavagarwal1996@gma…)
- 2026/05/30 #2:
CVE-2025-70116: NULL Pointer Dereference in GPAC/MP4Box via gf_media_map_esd on truncated MP4 input (Alexander <shvedov@....com>)
- 2026/05/30 #1:
CVE-2026-48827: Apache MINA SSHD: Path traversal in org.apache.sshd:sshd-git (Thomas Wolf <twolf@...che.org>)
- 2026/05/29 #6:
CVE-2026-44825: Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users (Jan Høydahl <janhoy@...che.org>)
- 2026/05/29 #5:
[vim-security] Arbitrary Code Execution via Python Omni-Completion in Vim < 9.2.561 (Christian Brabandt <cb@...bit.org>)
- 2026/05/29 #4:
[vim-security] Arbitrary Code Execution via Python Omni-Completion in Vim < 9.2.561 (Christian Brabandt <cblists@...bit.org>)
- 2026/05/29 #3:
CVE-2026-48840: Exim 4.99.4: PROXY-protocol uninitialised-stack information disclosure (Heiko Schlittermann <hs@...marc.schlittermann.de>)
- 2026/05/29 #2:
CVE-2024-13745, EDK II: several issues with partition table measurements (Maxim Suhanov <dfirblog@...il.com>)
- 2026/05/29 #1:
Re: Linux: DMA-after-unmap race in ZCRX via netif_rxq_cleanup_unlease() ordering inversion (netkit + page_pool) (Solar Designer <solar@...nwall.com>)
- 2026/05/28 #10:
CVE-2026-41565: CryptX versions before 0.088_001 for Perl have a stack buffer overflow in four AEAD decrypt_verify helpers (Stig Palmquist <stig@...g.io>)
- 2026/05/28 #9:
CVE-2026-9658: Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in requ… (Robert Rothenberg <rrwo@...nsec.org>)
- 2026/05/28 #8:
[OSSA-2026-016] OpenStack Neutron: Tagging policy bypass allows project readers to mutate tags (CVE-2026-pending) (Goutham Pacha Ravi <gouthampravi@...il.com>)
- 2026/05/28 #7:
[OSSA-2026-015] OpenStack Keystone: Multiple credential delegation and authorization bypass vulnerabilities (CVE-2026-4… (Goutham Pacha Ravi <gouthampravi@...il.…)
- 2026/05/28 #6:
Open Babel 3.2.0: 24 CVEs fixed across file-format parsers (Geoffrey Hutchison <geoff.hutchison@...il.com>)
- 2026/05/28 #5:
Two security advisories for Cargo from Rust (Alan Coopersmith <alan.coopersmith@...cle.com>)
- 2026/05/28 #4:
Various memory access violations in 7-Zip (Alan Coopersmith <alan.coopersmith@...cle.com>)
- 2026/05/28 #3:
CVE-2025-48977: Apache Ignite: Rest Http default Arbitrary file read vulnerability (zstan <zstan@...che.org>)
- 2026/05/28 #2:
CIFSwitch: Linux kernel/cifs-utils local root via forged cifs.spnego upcall (manizada <manizada@...me>)
- 2026/05/28 #1:
Re: Linux: DMA-after-unmap race in ZCRX via netif_rxq_cleanup_unlease() ordering inversion (netkit + page_pool) (Jacob Bachmeyer <jcb62281@...il.com>)
- 2026/05/27 #10:
Linux: DMA-after-unmap race in ZCRX via netif_rxq_cleanup_unlease() ordering inversion (netkit + page_pool) (Prénom? Ahmed <ahmedabdelmoumen05@...il.com>)
- 2026/05/27 #9:
[OSSA-2026-014] OpenStack Swift: Swift proxy-server denial of service via truncated s3api chunked upload (CVE-2026-4901… (Goutham Pacha Ravi <gouthampravi@...il.…)
- 2026/05/27 #8:
ARTEMIS-5996: CVE-2026-40914: Apache Artemis, Apache ActiveMQ Artemis: Address routing-type can be updated by STOMP protoc… (Justin Bertram <jbertram@...che.org>)
- 2026/05/27 #7:
Multiple vulnerabilities in Jenkins plugins (Daniel Beck <ml@...kweb.net>)
- 2026/05/27 #6:
Samba 4.24.3, 4.23.8 and 4.22.10 Security Releases are available for Download (Douglas Bagnall <douglas.bagnall@...alyst.net.nz>)
- 2026/05/27 #5:
CVE-2026-8450: HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file() (Stig Palmquist <stig@...g.io>)
- 2026/05/27 #4:
CVE-2026-48962: IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-contro… (Stig Palmquist <stig@...g.io>)
- 2026/05/27 #3:
CVE-2026-48961: IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined sub… (Stig Palmquist <stig@...g.io>)
- 2026/05/27 #2:
CVE-2026-48959: IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward (Stig Palmquist <stig@...g.io>)
- 2026/05/27 #1:
CVE-2025-15649: IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with ma… (Stig Palmquist <stig@...g.io>)
- 2026/05/26 #8:
CVE-2026-8647: Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module i… (Robert Rothenberg <rrwo@...nsec.org>)
- 2026/05/26 #7:
CVE-2026-46740: Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections (Robert Rothenberg <rrwo@...nsec.org>)
- 2026/05/26 #6:
CVE-2026-40564: Apache Flink Kubernetes Operator: Server-Side Request Forgery and local file access in Kubernetes Operator (Gyula Fora <gyfora@...che.org>)
- 2026/05/26 #5:
qSnapper: Various Security Issues in Privileged D-Bus Service (CVE-2026-41045 through CVE-2026-41048) (Matthias Gerstner <mgerstner@...e.de>)
- 2026/05/26 #4:
CVE-2026-9538: Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar… (Stig Palmquist <stig@...g.io>)
- 2026/05/26 #3:
CVE-2026-42497: Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction … (Stig Palmquist <stig@...g.io>)
- 2026/05/26 #2:
CVE-2026-42496: Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extracti… (Stig Palmquist <stig@...g.io>)
- 2026/05/26 #1:
CVE-2026-8376: Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeate… (Timothy Legge <timlegge@...nsec.org>)
- 2026/05/25 #9:
CVE-2026-48589: Apache Shiro: Jakarta EE open redirect via untrusted Referer in post-login redirect flow (Lenny Primak <lprimak@...che.org>)
- 2026/05/25 #8:
CVE-2026-44598: Apache Shiro Jakarta EE module: Open redirect and SSRF (requires valid credentials) (Lenny Primak <lprimak@...che.org>)
- 2026/05/25 #7:
CVE-2026-43828: Apache Shiro: Shiro's native session and rememberMe cookies do not have secure flag set by default (Lenny Primak <lprimak@...che.org>)
- 2026/05/25 #6:
CVE-2026-43827: Apache Shiro: Session fixation: new session is not created after login by default (Lenny Primak <lprimak@...che.org>)
- 2026/05/25 #5:
CVE-2026-42797: Apache Syncope: JexlContextBuilder Information Disclosure (Francesco Chicchiriccò <ilgrosso@...che.org>)
- 2026/05/25 #4:
CVE-2026-42782: Apache Syncope: Post-auth RCE via Groovy static (Francesco Chicchiriccò <ilgrosso@...che.org>)
- 2026/05/25 #3:
Re: Coordinated Disclosure in the LLM Age (ROI AI <sales@...ai.ca>)
- 2026/05/25 #2:
Re: Coordinated Disclosure in the LLM Age (Jacob Bachmeyer <jcb62281@...il.com>)
- 2026/05/25 #1:
Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine) (Aaron Rainbolt <arraybolt3@...eup.net>)
- 2026/05/24 #11:
PuTTY 0.84 released with 3 minor security fixes (Alan Coopersmith <alan.coopersmith@...cle.com>)
- 2026/05/24 #10:
CVE-2026-46745: Apache Airflow FAB provider: [ Security Report ] LDAP Filter Injection in FAB Auth Manager _search_ldap re… (Jens Scheffler <jscheffl@...che.org>)
33092 messages