Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-5598 (GCVE-0-2026-5598)
Vulnerability from cvelistv5 – Published: 2026-04-15 09:05 – Updated: 2026-06-14 09:34
VLAI
EPSS
Title
Non-constant time comparisons risk private key leakage in FrodoKEM.
Summary
Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).
This vulnerability is associated with program files FrodoEngine.Java.
This issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-385 - Covert timing channel
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9… | vendor-advisory |
| https://github.com/bcgit/bc-java/commit/94abbd564… | patch |
| https://github.com/bcgit/bc-java/commit/8692e6b2b… | patch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Legion of the Bouncy Castle Inc. | BC-JAVA |
Affected:
1.71 , < 1.80.2
(maven)
Affected: 1.81 , < 1.81.1 (maven) Affected: 1.82 , < 1.84 (maven) |
Credits
Cristina Dueñas Navarro (cristina.duenas@jtsec.es)
Sunwoo Lee and Seunghyun Yoon, Korea Institute of Energy Technology (KENTECH)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-5598",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-15T13:11:48.318645Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-15T13:11:53.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
"defaultStatus": "unaffected",
"modules": [
"core"
],
"packageName": "core",
"platforms": [
"all"
],
"product": "BC-JAVA",
"programFiles": [
"FrodoEngine.java"
],
"repo": "https://github.com/bcgit/bc-java",
"vendor": "Legion of the Bouncy Castle Inc.",
"versions": [
{
"lessThan": "1.80.2",
"status": "affected",
"version": "1.71",
"versionType": "maven"
},
{
"lessThan": "1.81.1",
"status": "affected",
"version": "1.81",
"versionType": "maven"
},
{
"lessThan": "1.84",
"status": "affected",
"version": "1.82",
"versionType": "maven"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cristina Due\u00f1as Navarro (cristina.duenas@jtsec.es)"
},
{
"lang": "en",
"type": "finder",
"value": "Sunwoo Lee and Seunghyun Yoon, Korea Institute of Energy Technology (KENTECH)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).\u003cp\u003e This vulnerability is associated with program files FrodoEngine.Java.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\u003c/p\u003e"
}
],
"value": "Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).\n\n This vulnerability is associated with program files FrodoEngine.Java.\n\n\n\nThis issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-385",
"description": "CWE-385 Covert timing channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-14T09:34:39.363Z",
"orgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
"shortName": "bcorg"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598"
},
{
"tags": [
"patch"
],
"url": "https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87"
},
{
"tags": [
"patch"
],
"url": "https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Non-constant time comparisons risk private key leakage in FrodoKEM.",
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "91579145-5d7b-4cc5-b925-a0262ff19630",
"assignerShortName": "bcorg",
"cveId": "CVE-2026-5598",
"datePublished": "2026-04-15T09:05:56.277Z",
"dateReserved": "2026-04-05T07:25:44.930Z",
"dateUpdated": "2026-06-14T09:34:39.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-5598",
"date": "2026-06-19",
"epss": "0.00512",
"percentile": "0.39504"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-5598\",\"sourceIdentifier\":\"91579145-5d7b-4cc5-b925-a0262ff19630\",\"published\":\"2026-04-15T10:16:49.757\",\"lastModified\":\"2026-06-14T10:16:37.547\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).\\n\\n This vulnerability is associated with program files FrodoEngine.Java.\\n\\n\\n\\nThis issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"91579145-5d7b-4cc5-b925-a0262ff19630\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:X/V:X/RE:X/U:Red\",\"baseScore\":8.9,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"UNREPORTED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"PRESENT\",\"Automatable\":\"YES\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"RED\"}}]},\"weaknesses\":[{\"source\":\"91579145-5d7b-4cc5-b925-a0262ff19630\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-385\"}]}],\"references\":[{\"url\":\"https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5\",\"source\":\"91579145-5d7b-4cc5-b925-a0262ff19630\"},{\"url\":\"https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87\",\"source\":\"91579145-5d7b-4cc5-b925-a0262ff19630\"},{\"url\":\"https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598\",\"source\":\"91579145-5d7b-4cc5-b925-a0262ff19630\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-5598\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-15T13:11:48.318645Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-15T13:11:50.359Z\"}}], \"cna\": {\"title\": \"Non-constant time comparisons risk private key leakage in FrodoKEM.\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Cristina Due\\u00f1as Navarro (cristina.duenas@jtsec.es)\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Sunwoo Lee and Seunghyun Yoon, Korea Institute of Energy Technology (KENTECH)\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"PRESENT\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 8.9, \"Automatable\": \"YES\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red\", \"exploitMaturity\": \"UNREPORTED\", \"providerUrgency\": \"RED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/bcgit/bc-java\", \"vendor\": \"Legion of the Bouncy Castle Inc.\", \"modules\": [\"core\"], \"product\": \"BC-JAVA\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.71\", \"lessThan\": \"1.80.2\", \"versionType\": \"maven\"}, {\"status\": \"affected\", \"version\": \"1.81\", \"lessThan\": \"1.81.1\", \"versionType\": \"maven\"}, {\"status\": \"affected\", \"version\": \"1.82\", \"lessThan\": \"1.84\", \"versionType\": \"maven\"}], \"platforms\": [\"all\"], \"packageName\": \"core\", \"programFiles\": [\"FrodoEngine.java\"], \"collectionURL\": \"https://www.bouncycastle.org/download/bouncy-castle-java/\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 1.0.1\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).\\n\\n This vulnerability is associated with program files FrodoEngine.Java.\\n\\n\\n\\nThis issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).\u003cp\u003e This vulnerability is associated with program files FrodoEngine.Java.\u003c/p\u003e\u003cp\u003eThis issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-385\", \"description\": \"CWE-385 Covert timing channel\"}]}], \"providerMetadata\": {\"orgId\": \"91579145-5d7b-4cc5-b925-a0262ff19630\", \"shortName\": \"bcorg\", \"dateUpdated\": \"2026-06-14T09:34:39.363Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-5598\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-14T09:34:39.363Z\", \"dateReserved\": \"2026-04-05T07:25:44.930Z\", \"assignerOrgId\": \"91579145-5d7b-4cc5-b925-a0262ff19630\", \"datePublished\": \"2026-04-15T09:05:56.277Z\", \"assignerShortName\": \"bcorg\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
CERTFR-2026-AVI-0556
Vulnerability from certfr_avis - Published: 2026-05-11 - Updated: 2026-05-11
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu | Tanzu RabbitMQ on Kubernetes versions 31.3.x antérieures à 3.13.15 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Streaming Server For Kubernetes versions antérieures à 1.3.0 | ||
| VMware | Tanzu | Tanzu Data Flow on Kubernetes versions antérieures à 2.1.0 | ||
| VMware | Tanzu | Tanzu RabbitMQ on Kubernetes versions 4.0.x antérieures à 4.0.20 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Backup and Restore versions antérieures à1.33.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Data Copy Utility versions antérieures à 2.9.3 | ||
| VMware | Tanzu | Tanzu for Valkey on Kubernetes versions antérieures à 3.3.4 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Command Center versions 6.17.x antérieures à 6.17.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum on Kubernetes versions antérieures à 1.1.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Platform Extension Framework versions antérieures à 8.0.0 | ||
| VMware | Tanzu | Tanzu RabbitMQ on Kubernetes versions 4.2.x antérieures à 4.2.6 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Text versions antérieures à 4.0.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Streaming Server versions antérieures à 2.3.0 | ||
| VMware | Tanzu | Tanzu RabbitMQ on Kubernetes versions 4.3.x antérieures à 4.3.0 | ||
| VMware | Tanzu | Tanzu for Valkey on Kubernetes versions antérieures à 3.4.0 | ||
| VMware | Tanzu Gemfire | Tanzu GemFire versions antérieures à 10.2.3 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Upgrade versions antérieures à 2.0.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplumversions antérieures à 7.8.0 | ||
| VMware | Tanzu Gemfire | Tanzu GemFire Vector Database versions antérieures à 1.2.2 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum versions antérieures à 6.33.0 | ||
| VMware | Tanzu Greenplum | Tanzu Greenplum Command Center versions 7.7.x antérieures à 7.7.0 | ||
| VMware | Tanzu | Tanzu RabbitMQ on Kubernetes versions 4.1.x antérieures à 4.1.11 | ||
| VMware | Tanzu | Tanzu for MySQL on Kubernetes versions antérieures à 2.0.3 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu RabbitMQ on Kubernetes versions 31.3.x ant\u00e9rieures \u00e0 3.13.15",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Streaming Server For Kubernetes versions ant\u00e9rieures \u00e0 1.3.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Data Flow on Kubernetes versions ant\u00e9rieures \u00e0 2.1.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu RabbitMQ on Kubernetes versions 4.0.x ant\u00e9rieures \u00e0 4.0.20",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Backup and Restore versions ant\u00e9rieures \u00e01.33.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Data Copy Utility versions ant\u00e9rieures \u00e0 2.9.3",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu for Valkey on Kubernetes versions ant\u00e9rieures \u00e0 3.3.4",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Command Center versions 6.17.x ant\u00e9rieures \u00e0 6.17.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum on Kubernetes versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Platform Extension Framework versions ant\u00e9rieures \u00e0 8.0.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu RabbitMQ on Kubernetes versions 4.2.x ant\u00e9rieures \u00e0 4.2.6",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Text versions ant\u00e9rieures \u00e0 4.0.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Streaming Server versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu RabbitMQ on Kubernetes versions 4.3.x ant\u00e9rieures \u00e0 4.3.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu for Valkey on Kubernetes versions ant\u00e9rieures \u00e0 3.4.0",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": " Tanzu GemFire versions ant\u00e9rieures \u00e0 10.2.3",
"product": {
"name": "Tanzu Gemfire",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Upgrade versions ant\u00e9rieures \u00e0 2.0.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplumversions ant\u00e9rieures \u00e0 7.8.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu GemFire Vector Database versions ant\u00e9rieures \u00e0 1.2.2",
"product": {
"name": "Tanzu Gemfire",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 6.33.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Greenplum Command Center versions 7.7.x ant\u00e9rieures \u00e0 7.7.0",
"product": {
"name": "Tanzu Greenplum",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu RabbitMQ on Kubernetes versions 4.1.x ant\u00e9rieures \u00e0 4.1.11",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu for MySQL on Kubernetes versions ant\u00e9rieures \u00e0 2.0.3\n",
"product": {
"name": "Tanzu",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"name": "CVE-2019-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12384"
},
{
"name": "CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"name": "CVE-2025-61730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
},
{
"name": "CVE-2026-27135",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"name": "CVE-2025-15282",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15282"
},
{
"name": "CVE-2026-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
},
{
"name": "CVE-2026-22737",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22737"
},
{
"name": "CVE-2020-26939",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26939"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2026-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4878"
},
{
"name": "CVE-2026-35238",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35238"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2026-27205",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27205"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2026-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32990"
},
{
"name": "CVE-2022-30973",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30973"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2026-1669",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1669"
},
{
"name": "CVE-2026-39892",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39892"
},
{
"name": "CVE-2023-33201",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
},
{
"name": "CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"name": "CVE-2021-27906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27906"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"name": "CVE-2026-34267",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34267"
},
{
"name": "CVE-2023-50386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50386"
},
{
"name": "CVE-2026-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21936"
},
{
"name": "CVE-2026-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21937"
},
{
"name": "CVE-2025-66614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66614"
},
{
"name": "CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"name": "CVE-2016-1000341",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000341"
},
{
"name": "CVE-2026-32286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2020-9546",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
},
{
"name": "CVE-2020-13956",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
},
{
"name": "CVE-2026-35239",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35239"
},
{
"name": "CVE-2026-3497",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3497"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2026-25990",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25990"
},
{
"name": "CVE-2026-32288",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32288"
},
{
"name": "CVE-2021-36373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36373"
},
{
"name": "CVE-2020-10673",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2025-12084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
},
{
"name": "CVE-2020-35728",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
},
{
"name": "CVE-2026-0897",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0897"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2026-34271",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34271"
},
{
"name": "CVE-2019-10094",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10094"
},
{
"name": "CVE-2026-24308",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24308"
},
{
"name": "CVE-2025-11468",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11468"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2020-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
},
{
"name": "CVE-2020-9548",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
},
{
"name": "CVE-2026-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3446"
},
{
"name": "CVE-2026-32875",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32875"
},
{
"name": "CVE-2020-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2016-1000343",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000343"
},
{
"name": "CVE-2020-24616",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24616"
},
{
"name": "CVE-2020-10683",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
},
{
"name": "CVE-2022-24613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24613"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"name": "CVE-2026-27456",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27456"
},
{
"name": "CVE-2026-22701",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22701"
},
{
"name": "CVE-2026-34270",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34270"
},
{
"name": "CVE-2026-34303",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34303"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2025-61731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
},
{
"name": "CVE-2018-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8036"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2022-26612",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26612"
},
{
"name": "CVE-2022-36364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
},
{
"name": "CVE-2026-27143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27143"
},
{
"name": "CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2026-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22009"
},
{
"name": "CVE-2018-1320",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1320"
},
{
"name": "CVE-2025-13837",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13837"
},
{
"name": "CVE-2020-9547",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
},
{
"name": "CVE-2026-29145",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29145"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2025-49128",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49128"
},
{
"name": "CVE-2026-21998",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21998"
},
{
"name": "CVE-2019-17558",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17558"
},
{
"name": "CVE-2020-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
},
{
"name": "CVE-2026-35469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35469"
},
{
"name": "CVE-2020-13955",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13955"
},
{
"name": "CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"name": "CVE-2020-10650",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10650"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2025-66516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66516"
},
{
"name": "CVE-2025-15367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
},
{
"name": "CVE-2016-1000346",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000346"
},
{
"name": "CVE-2020-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
},
{
"name": "CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"name": "CVE-2025-9820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9820"
},
{
"name": "CVE-2026-2006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2006"
},
{
"name": "CVE-2020-35490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
},
{
"name": "CVE-2026-35236",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35236"
},
{
"name": "CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"name": "CVE-2021-35516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35516"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"name": "CVE-2023-33202",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2024-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
},
{
"name": "CVE-2026-5121",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5121"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2026-35237",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35237"
},
{
"name": "CVE-2014-0114",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0114"
},
{
"name": "CVE-2026-33236",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33236"
},
{
"name": "CVE-2022-32287",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32287"
},
{
"name": "CVE-2026-2005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2005"
},
{
"name": "CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"name": "CVE-2016-1000345",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000345"
},
{
"name": "CVE-2026-24051",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24051"
},
{
"name": "CVE-2022-39135",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39135"
},
{
"name": "CVE-2025-33042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33042"
},
{
"name": "CVE-2026-34073",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34073"
},
{
"name": "CVE-2026-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27144"
},
{
"name": "CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2026-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22017"
},
{
"name": "CVE-2022-26336",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26336"
},
{
"name": "CVE-2024-21244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21244"
},
{
"name": "CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"name": "CVE-2018-1338",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1338"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2023-50298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50298"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2021-29262",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29262"
},
{
"name": "CVE-2020-11113",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11113"
},
{
"name": "CVE-2024-21503",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21503"
},
{
"name": "CVE-2016-1000338",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000338"
},
{
"name": "CVE-2026-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0861"
},
{
"name": "CVE-2026-1703",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1703"
},
{
"name": "CVE-2026-25645",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25645"
},
{
"name": "CVE-2026-21860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21860"
},
{
"name": "CVE-2026-3479",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3479"
},
{
"name": "CVE-2024-52012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52012"
},
{
"name": "CVE-2021-35517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35517"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2026-39883",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39883"
},
{
"name": "CVE-2026-4424",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4424"
},
{
"name": "CVE-2019-10088",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10088"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"name": "CVE-2026-1839",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1839"
},
{
"name": "CVE-2026-27142",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27142"
},
{
"name": "CVE-2026-34515",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34515"
},
{
"name": "CVE-2026-5598",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5598"
},
{
"name": "CVE-2026-34519",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34519"
},
{
"name": "CVE-2018-11797",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11797"
},
{
"name": "CVE-2026-22022",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22022"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2026-34304",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34304"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2024-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23454"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2026-30922",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-30922"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2020-10672",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2019-14439",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14439"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2021-37533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37533"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2018-8017",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8017"
},
{
"name": "CVE-2020-10969",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10969"
},
{
"name": "CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"name": "CVE-2026-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21948"
},
{
"name": "CVE-2025-11143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11143"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2020-36187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2017-15691",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15691"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"name": "CVE-2026-22002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22002"
},
{
"name": "CVE-2021-36090",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36090"
},
{
"name": "CVE-2026-34518",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34518"
},
{
"name": "CVE-2025-68161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
},
{
"name": "CVE-2016-1000342",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000342"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2018-17197",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17197"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2020-11620",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11620"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2026-34308",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34308"
},
{
"name": "CVE-2016-1000339",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000339"
},
{
"name": "CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"name": "CVE-2026-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3219"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2023-50291",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50291"
},
{
"name": "CVE-2018-5968",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5968"
},
{
"name": "CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"name": "CVE-2025-21499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21499"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2026-27199",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27199"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2020-1945",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1945"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2021-23926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23926"
},
{
"name": "CVE-2026-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21964"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2026-22731",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22731"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2025-68146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68146"
},
{
"name": "CVE-2020-24750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
},
{
"name": "CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"name": "CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2026-34525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34525"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2026-22732",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22732"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2020-9492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9492"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2026-32274",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32274"
},
{
"name": "CVE-2026-40192",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40192"
},
{
"name": "CVE-2026-35240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35240"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2026-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22004"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2018-1324",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1324"
},
{
"name": "CVE-2025-10158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10158"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2026-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22001"
},
{
"name": "CVE-2026-32874",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32874"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2026-4539",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4539"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2021-31812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31812"
},
{
"name": "CVE-2026-4519",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4519"
},
{
"name": "CVE-2025-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
},
{
"name": "CVE-2025-13462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13462"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2026-32289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32289"
},
{
"name": "CVE-2026-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
},
{
"name": "CVE-2021-37404",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37404"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2025-66221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66221"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2026-4111",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4111"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2025-66034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66034"
},
{
"name": "CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"name": "CVE-2020-14195",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14195"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2019-12814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12814"
},
{
"name": "CVE-2020-35491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2026-3298",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3298"
},
{
"name": "CVE-2026-6100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6100"
},
{
"name": "CVE-2026-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21968"
},
{
"name": "CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2024-21232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21232"
},
{
"name": "CVE-2020-14061",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14061"
},
{
"name": "CVE-2024-9823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9823"
},
{
"name": "CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2026-4224",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4224"
},
{
"name": "CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2020-11619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11619"
},
{
"name": "CVE-2019-12415",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12415"
},
{
"name": "CVE-2025-8869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8869"
},
{
"name": "CVE-2020-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
},
{
"name": "CVE-2026-25854",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25854"
},
{
"name": "CVE-2026-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22015"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2021-22573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22573"
},
{
"name": "CVE-2026-23949",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23949"
},
{
"name": "CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"name": "CVE-2026-1519",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1519"
},
{
"name": "CVE-2026-2332",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2332"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2018-11761",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11761"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2018-11771",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11771"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2018-1335",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1335"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2026-0915",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0915"
},
{
"name": "CVE-2025-15281",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15281"
},
{
"name": "CVE-2025-21493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21493"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2018-11762",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11762"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2026-22733",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22733"
},
{
"name": "CVE-2026-2297",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2297"
},
{
"name": "CVE-2025-58181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2020-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
},
{
"name": "CVE-2025-47914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
},
{
"name": "CVE-2026-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22005"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2016-1000340",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000340"
},
{
"name": "CVE-2026-34516",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34516"
},
{
"name": "CVE-2026-1299",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1299"
},
{
"name": "CVE-2020-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
},
{
"name": "CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"name": "CVE-2026-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3644"
},
{
"name": "CVE-2026-27140",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27140"
},
{
"name": "CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"name": "CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"name": "CVE-2020-36518",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
},
{
"name": "CVE-2026-29129",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29129"
},
{
"name": "CVE-2022-31159",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31159"
},
{
"name": "CVE-2026-22735",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22735"
},
{
"name": "CVE-2026-34517",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34517"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2020-15522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15522"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2018-1339",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1339"
},
{
"name": "CVE-2016-1000352",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000352"
},
{
"name": "CVE-2026-27139",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27139"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-14009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14009"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"name": "CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2019-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12086"
},
{
"name": "CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"name": "CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"name": "CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"name": "CVE-2026-34278",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34278"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2026-34513",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34513"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2026-2003",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2003"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"name": "CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"name": "CVE-2026-34514",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34514"
},
{
"name": "CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2019-10086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10086"
},
{
"name": "CVE-2020-10968",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10968"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-1194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1194"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2025-14819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14819"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2026-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4786"
},
{
"name": "CVE-2020-25649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
},
{
"name": "CVE-2026-27141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27141"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"name": "CVE-2016-1000344",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000344"
},
{
"name": "CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2017-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3164"
},
{
"name": "CVE-2026-41066",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41066"
},
{
"name": "CVE-2026-34520",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34520"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2025-59419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59419"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"name": "CVE-2026-24880",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24880"
},
{
"name": "CVE-2021-35515",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35515"
},
{
"name": "CVE-2026-33816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
},
{
"name": "CVE-2026-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2004"
},
{
"name": "CVE-2026-0672",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0672"
},
{
"name": "CVE-2017-7669",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7669"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2017-8806",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8806"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2019-0193",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0193"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2026-33231",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33231"
},
{
"name": "CVE-2022-30126",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30126"
},
{
"name": "CVE-2025-46392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46392"
},
{
"name": "CVE-2020-11112",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11112"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2018-1000180",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000180"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2026-34276",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34276"
},
{
"name": "CVE-2022-24614",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24614"
},
{
"name": "CVE-2026-22815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22815"
},
{
"name": "CVE-2020-13959",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13959"
},
{
"name": "CVE-2025-24814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24814"
},
{
"name": "CVE-2020-11111",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11111"
},
{
"name": "CVE-2020-11979",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11979"
},
{
"name": "CVE-2025-67221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67221"
},
{
"name": "CVE-2024-21243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21243"
},
{
"name": "CVE-2026-33230",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33230"
},
{
"name": "CVE-2021-31811",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31811"
},
{
"name": "CVE-2021-27807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27807"
},
{
"name": "CVE-2026-1225",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1225"
},
{
"name": "CVE-2026-24281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24281"
},
{
"name": "CVE-2026-1462",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1462"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2022-25168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25168"
},
{
"name": "CVE-2026-34293",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34293"
},
{
"name": "CVE-2020-14060",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14060"
},
{
"name": "CVE-2020-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"name": "CVE-2018-11802",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11802"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-14831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14831"
},
{
"name": "CVE-2018-11796",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11796"
},
{
"name": "CVE-2020-13957",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13957"
},
{
"name": "CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"name": "CVE-2018-1000632",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000632"
},
{
"name": "CVE-2026-0846",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0846"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
},
{
"name": "CVE-2020-14062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14062"
}
],
"initial_release_date": "2026-05-11T00:00:00",
"last_revision_date": "2026-05-11T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0556",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37451",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37451"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37445",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37445"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37460",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37460"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37449",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37449"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37450",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37450"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37466",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37466"
},
{
"published_at": "2026-05-08",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37468",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37468"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37444",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37444"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37461",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37461"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2016-11",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37459"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37446",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37446"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37465",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37465"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37448",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37448"
},
{
"published_at": "2026-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37447",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37447"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37463",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37463"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37452",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37452"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37462",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37462"
},
{
"published_at": "2026-05-07",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 37464",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37464"
}
]
}
CERTFR-2026-AVI-0667
Vulnerability from certfr_avis - Published: 2026-05-29 - Updated: 2026-05-29
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics Mobile versions antérieures à 1.1.26 | ||
| IBM | Sterling Control Center | Sterling Control Center versions 6.3.1.0 sans le correctif iFix09 | ||
| IBM | Tivoli Monitoring | Tivoli Monitoring sans le dernier correctif de sécurité | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.0 antérieures à 7.5.0 UP15 IF03 | ||
| IBM | Sterling Control Center | Sterling Control Center versions 6.4.2.0 sans le correctif iFix04 | ||
| IBM | QRadar Suite Software | QRadar Suite Software versions antérieures à 1.11.11.0 | ||
| IBM | N/A | Analyst Workflow versions antérieures à 3.1.0 | ||
| IBM | Cloud Pak | Cloud Pak for Security versions antérieures à 1.11.11.0 | ||
| IBM | Sterling Control Center | Sterling Control Center versions 6.4.1.0 sans le correctif iFix03 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics Mobile versions ant\u00e9rieures \u00e0 1.1.26",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions 6.3.1.0 sans le correctif iFix09",
"product": {
"name": "Sterling Control Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Tivoli Monitoring sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Tivoli Monitoring",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 UP15 IF03",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions 6.4.2.0 sans le correctif iFix04",
"product": {
"name": "Sterling Control Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions ant\u00e9rieures \u00e0 1.11.11.0",
"product": {
"name": "QRadar Suite Software",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Analyst Workflow versions ant\u00e9rieures \u00e0 3.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak for Security versions ant\u00e9rieures \u00e0 1.11.11.0",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions 6.4.1.0 sans le correctif iFix03",
"product": {
"name": "Sterling Control Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27980"
},
{
"name": "CVE-2026-35388",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35388"
},
{
"name": "CVE-2006-10003",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-10003"
},
{
"name": "CVE-2026-27135",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
},
{
"name": "CVE-2026-41324",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41324"
},
{
"name": "CVE-2026-40466",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40466"
},
{
"name": "CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"name": "CVE-2026-35386",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35386"
},
{
"name": "CVE-2026-32597",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32597"
},
{
"name": "CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"name": "CVE-2026-22036",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22036"
},
{
"name": "CVE-2026-31402",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31402"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2025-68741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68741"
},
{
"name": "CVE-2026-33349",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33349"
},
{
"name": "CVE-2026-34982",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34982"
},
{
"name": "CVE-2026-33940",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33940"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2026-40974",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40974"
},
{
"name": "CVE-2026-1527",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1527"
},
{
"name": "CVE-2026-32875",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32875"
},
{
"name": "CVE-2026-31988",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31988"
},
{
"name": "CVE-2024-28102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28102"
},
{
"name": "CVE-2026-40977",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40977"
},
{
"name": "CVE-2026-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22013"
},
{
"name": "CVE-2026-28421",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28421"
},
{
"name": "CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"name": "CVE-2026-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22018"
},
{
"name": "CVE-2026-31431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31431"
},
{
"name": "CVE-2025-6176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6176"
},
{
"name": "CVE-2025-11953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11953"
},
{
"name": "CVE-2026-23745",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
},
{
"name": "CVE-2025-59471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59471"
},
{
"name": "CVE-2026-33941",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33941"
},
{
"name": "CVE-2026-0848",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0848"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2026-33412",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33412"
},
{
"name": "CVE-2026-5121",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5121"
},
{
"name": "CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"name": "CVE-2026-34282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34282"
},
{
"name": "CVE-2025-59472",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59472"
},
{
"name": "CVE-2026-2581",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2581"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2025-64718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64718"
},
{
"name": "CVE-2026-23401",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23401"
},
{
"name": "CVE-2025-40252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40252"
},
{
"name": "CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"name": "CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"name": "CVE-2026-21860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21860"
},
{
"name": "CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"name": "CVE-2026-0847",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0847"
},
{
"name": "CVE-2026-4424",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4424"
},
{
"name": "CVE-2025-6545",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6545"
},
{
"name": "CVE-2026-23865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23865"
},
{
"name": "CVE-2026-28417",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28417"
},
{
"name": "CVE-2023-5764",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5764"
},
{
"name": "CVE-2026-5598",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5598"
},
{
"name": "CVE-2026-30922",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-30922"
},
{
"name": "CVE-2026-23191",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23191"
},
{
"name": "CVE-2026-2359",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2359"
},
{
"name": "CVE-2026-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6918"
},
{
"name": "CVE-2026-35535",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35535"
},
{
"name": "CVE-2025-68724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68724"
},
{
"name": "CVE-2026-33939",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33939"
},
{
"name": "CVE-2026-27699",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27699"
},
{
"name": "CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"name": "CVE-2026-33228",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
},
{
"name": "CVE-2025-12758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12758"
},
{
"name": "CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"name": "CVE-2026-41044",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41044"
},
{
"name": "CVE-2006-10002",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-10002"
},
{
"name": "CVE-2026-5795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5795"
},
{
"name": "CVE-2026-40975",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40975"
},
{
"name": "CVE-2026-27942",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27942"
},
{
"name": "CVE-2024-41073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41073"
},
{
"name": "CVE-2026-26960",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26960"
},
{
"name": "CVE-2025-5187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5187"
},
{
"name": "CVE-2026-4923",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4923"
},
{
"name": "CVE-2026-4867",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4867"
},
{
"name": "CVE-2024-9902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9902"
},
{
"name": "CVE-2024-8775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8775"
},
{
"name": "CVE-2026-27199",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27199"
},
{
"name": "CVE-2026-27903",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27903"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"name": "CVE-2025-66030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66030"
},
{
"name": "CVE-2024-11079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11079"
},
{
"name": "CVE-2026-23897",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23897"
},
{
"name": "CVE-2026-35385",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35385"
},
{
"name": "CVE-2026-34601",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34601"
},
{
"name": "CVE-2026-29057",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29057"
},
{
"name": "CVE-2026-32874",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32874"
},
{
"name": "CVE-2026-4519",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4519"
},
{
"name": "CVE-2026-34197",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34197"
},
{
"name": "CVE-2026-25128",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25128"
},
{
"name": "CVE-2025-13333",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13333"
},
{
"name": "CVE-2025-12635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12635"
},
{
"name": "CVE-2026-24842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
},
{
"name": "CVE-2025-66221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66221"
},
{
"name": "CVE-2026-23950",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23950"
},
{
"name": "CVE-2026-33036",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33036"
},
{
"name": "CVE-2026-35414",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35414"
},
{
"name": "CVE-2026-2950",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2950"
},
{
"name": "CVE-2026-3304",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3304"
},
{
"name": "CVE-2026-33916",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33916"
},
{
"name": "CVE-2026-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22016"
},
{
"name": "CVE-2026-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22021"
},
{
"name": "CVE-2026-6100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6100"
},
{
"name": "CVE-2026-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22007"
},
{
"name": "CVE-2026-34268",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34268"
},
{
"name": "CVE-2026-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29786"
},
{
"name": "CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"name": "CVE-2026-1519",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1519"
},
{
"name": "CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"name": "CVE-2023-26132",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26132"
},
{
"name": "CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"name": "CVE-2026-33937",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33937"
},
{
"name": "CVE-2026-31808",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31808"
},
{
"name": "CVE-2026-27459",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27459"
},
{
"name": "CVE-2026-25639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25639"
},
{
"name": "CVE-2026-40973",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40973"
},
{
"name": "CVE-2026-39373",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39373"
},
{
"name": "CVE-2026-27448",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27448"
},
{
"name": "CVE-2026-8620",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8620"
},
{
"name": "CVE-2025-69277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69277"
},
{
"name": "CVE-2026-8633",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8633"
},
{
"name": "CVE-2026-26278",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26278"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2026-23490",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23490"
},
{
"name": "CVE-2025-14009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14009"
},
{
"name": "CVE-2025-7339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2026-25896",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25896"
},
{
"name": "CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"name": "CVE-2026-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4786"
},
{
"name": "CVE-2026-33938",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33938"
},
{
"name": "CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"name": "CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"name": "CVE-2026-30951",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-30951"
},
{
"name": "CVE-2026-35387",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35387"
},
{
"name": "CVE-2026-24001",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24001"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2026-27837",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27837"
},
{
"name": "CVE-2025-6547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6547"
},
{
"name": "CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"name": "CVE-2026-39983",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39983"
},
{
"name": "CVE-2026-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22008"
},
{
"name": "CVE-2025-14813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14813"
},
{
"name": "CVE-2026-31802",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31802"
},
{
"name": "CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"name": "CVE-2025-67221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67221"
},
{
"name": "CVE-2026-4926",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4926"
},
{
"name": "CVE-2026-25547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25547"
},
{
"name": "CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
},
{
"name": "CVE-2026-2739",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2739"
},
{
"name": "CVE-2024-56462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56462"
},
{
"name": "CVE-2026-35213",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35213"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"name": "CVE-2026-0846",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0846"
}
],
"initial_release_date": "2026-05-29T00:00:00",
"last_revision_date": "2026-05-29T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0667",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-29T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-05-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7274185",
"url": "https://www.ibm.com/support/pages/node/7274185"
},
{
"published_at": "2026-05-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7274154",
"url": "https://www.ibm.com/support/pages/node/7274154"
},
{
"published_at": "2026-05-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7274180",
"url": "https://www.ibm.com/support/pages/node/7274180"
},
{
"published_at": "2026-05-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7274183",
"url": "https://www.ibm.com/support/pages/node/7274183"
},
{
"published_at": "2026-05-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7273957",
"url": "https://www.ibm.com/support/pages/node/7273957"
},
{
"published_at": "2026-05-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7274184",
"url": "https://www.ibm.com/support/pages/node/7274184"
},
{
"published_at": "2026-05-28",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7274314",
"url": "https://www.ibm.com/support/pages/node/7274314"
},
{
"published_at": "2026-05-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7274182",
"url": "https://www.ibm.com/support/pages/node/7274182"
},
{
"published_at": "2026-05-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7274181",
"url": "https://www.ibm.com/support/pages/node/7274181"
},
{
"published_at": "2026-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7273803",
"url": "https://www.ibm.com/support/pages/node/7273803"
},
{
"published_at": "2026-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7272901",
"url": "https://www.ibm.com/support/pages/node/7272901"
}
]
}
CERTFR-2026-AVI-0788
Vulnerability from certfr_avis - Published: 2026-06-19 - Updated: 2026-06-19
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | N/A | WebSphere Service Registry and Repository versions 8.5 sans les derniers correctifs de sécurité | ||
| IBM | N/A | WebSphere Application Server versions 8.5.0 sans les derniers correctifs de sécurité | ||
| IBM | N/A | IBM QRadar SIEM versions 7.5.0 antérieures à 7.5.0 UP15 IF04 | ||
| IBM | N/A | WebSphere Application Server - Liberty versions 17.x à 26.x sans les derniers correctifs de sécurité | ||
| IBM | N/A | DB2 Query Management Facility versions 12.2.0.5 sans les derniers correctifs de sécurité | ||
| IBM | N/A | Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent versions 7.3.0 Fix Pack 4 sans les derniers correctifs de sécurité | ||
| IBM | N/A | Security QRadar Log Management AQL Plugin versions 1.x antérieures à 1.1.6 | ||
| IBM | N/A | Sterling Connect:Direct Web Services versions 6.3.0 antérieures à 6.3.0.19 | ||
| IBM | N/A | Sterling Connect:Direct Web Services versions 6.4.0 antérieures à 6.4.0.8 | ||
| IBM | N/A | Sterling B2B Integrator et IBM Sterling File Gateway versions 6.2.1 antérieures à 6.2.1.2 | ||
| IBM | N/A | DB2 Query Management Facility versions 13.1.x sans les derniers correctifs de sécurité | ||
| IBM | N/A | WebSphere Application Server versions 9.0.0 à 9.0.5.28 sans les derniers correctifs de sécurité | ||
| IBM | N/A | Sterling Connect:Direct File Agent versions 1.4.0.3 à 1.4.0.5_iFi011 pour AIX, Linux x64, Linux PPC et Windows sans le correctif de sécurité 1.4.0.5_iFix012 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "WebSphere Service Registry and Repository versions 8.5 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 8.5.0 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 UP15 IF04",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server - Liberty versions 17.x \u00e0 26.x sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "DB2 Query Management Facility versions 12.2.0.5 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent versions 7.3.0 Fix Pack 4 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Security QRadar Log Management AQL Plugin versions 1.x ant\u00e9rieures \u00e0 1.1.6",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.0 ant\u00e9rieures \u00e0 6.3.0.19",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.4.0 ant\u00e9rieures \u00e0 6.4.0.8",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator et IBM Sterling File Gateway versions 6.2.1 ant\u00e9rieures \u00e0 6.2.1.2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "DB2 Query Management Facility versions 13.1.x sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server versions 9.0.0 \u00e0 9.0.5.28 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct File Agent versions 1.4.0.3 \u00e0 1.4.0.5_iFi011 pour AIX, Linux x64, Linux PPC et Windows sans le correctif de s\u00e9curit\u00e9 1.4.0.5_iFix012",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-6474",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6474"
},
{
"name": "CVE-2026-44289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44289"
},
{
"name": "CVE-2026-6472",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6472"
},
{
"name": "CVE-2025-14087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14087"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2026-6479",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6479"
},
{
"name": "CVE-2026-44293",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44293"
},
{
"name": "CVE-2026-44290",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44290"
},
{
"name": "CVE-2026-40355",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40355"
},
{
"name": "CVE-2026-41239",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41239"
},
{
"name": "CVE-2026-41305",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41305"
},
{
"name": "CVE-2026-33814",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33814"
},
{
"name": "CVE-2026-45740",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45740"
},
{
"name": "CVE-2026-43284",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43284"
},
{
"name": "CVE-2026-39824",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39824"
},
{
"name": "CVE-2026-40977",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40977"
},
{
"name": "CVE-2026-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22013"
},
{
"name": "CVE-2026-32635",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32635"
},
{
"name": "CVE-2026-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22018"
},
{
"name": "CVE-2026-41988",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41988"
},
{
"name": "CVE-2024-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7246"
},
{
"name": "CVE-2026-6637",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6637"
},
{
"name": "CVE-2026-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41242"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2026-34282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34282"
},
{
"name": "CVE-2026-6473",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6473"
},
{
"name": "CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"name": "CVE-2025-14512",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14512"
},
{
"name": "CVE-2026-5758",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5758"
},
{
"name": "CVE-2026-27136",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27136"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2026-23865",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23865"
},
{
"name": "CVE-2026-40356",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40356"
},
{
"name": "CVE-2026-33671",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33671"
},
{
"name": "CVE-2026-5598",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5598"
},
{
"name": "CVE-2026-33750",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33750"
},
{
"name": "CVE-2026-44288",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44288"
},
{
"name": "CVE-2026-8646",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8646"
},
{
"name": "CVE-2026-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6918"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2026-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6638"
},
{
"name": "CVE-2026-9320",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9320"
},
{
"name": "CVE-2026-40975",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40975"
},
{
"name": "CVE-2026-41240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41240"
},
{
"name": "CVE-2026-42506",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42506"
},
{
"name": "CVE-2026-27903",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27903"
},
{
"name": "CVE-2025-41235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41235"
},
{
"name": "CVE-2026-46300",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46300"
},
{
"name": "CVE-2026-25680",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25680"
},
{
"name": "CVE-2026-6478",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6478"
},
{
"name": "CVE-2026-10845",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-10845"
},
{
"name": "CVE-2026-6475",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6475"
},
{
"name": "CVE-2026-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22016"
},
{
"name": "CVE-2026-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22021"
},
{
"name": "CVE-2026-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22007"
},
{
"name": "CVE-2026-34268",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34268"
},
{
"name": "CVE-2026-44291",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44291"
},
{
"name": "CVE-2026-42583",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42583"
},
{
"name": "CVE-2026-41680",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41680"
},
{
"name": "CVE-2026-44292",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44292"
},
{
"name": "CVE-2026-29181",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29181"
},
{
"name": "CVE-2026-6477",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6477"
},
{
"name": "CVE-2026-42502",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42502"
},
{
"name": "CVE-2026-33672",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33672"
},
{
"name": "CVE-2026-8723",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-8723"
},
{
"name": "CVE-2026-25681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25681"
},
{
"name": "CVE-2026-40973",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40973"
},
{
"name": "CVE-2026-46333",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
},
{
"name": "CVE-2026-41035",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41035"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2026-9330",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9330"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2026-9311",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9311"
},
{
"name": "CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"name": "CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"name": "CVE-2026-41238",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41238"
},
{
"name": "CVE-2026-9071",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9071"
},
{
"name": "CVE-2026-9006",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9006"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2026-44294",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44294"
},
{
"name": "CVE-2026-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22008"
},
{
"name": "CVE-2025-14813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14813"
},
{
"name": "CVE-2026-41907",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41907"
},
{
"name": "CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
}
],
"initial_release_date": "2026-06-19T00:00:00",
"last_revision_date": "2026-06-19T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0788",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection SQL (SQLi)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276427",
"url": "https://www.ibm.com/support/pages/node/7276427"
},
{
"published_at": "2026-06-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276831",
"url": "https://www.ibm.com/support/pages/node/7276831"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276430",
"url": "https://www.ibm.com/support/pages/node/7276430"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276432",
"url": "https://www.ibm.com/support/pages/node/7276432"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276433",
"url": "https://www.ibm.com/support/pages/node/7276433"
},
{
"published_at": "2026-06-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276620",
"url": "https://www.ibm.com/support/pages/node/7276620"
},
{
"published_at": "2026-06-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276616",
"url": "https://www.ibm.com/support/pages/node/7276616"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276425",
"url": "https://www.ibm.com/support/pages/node/7276425"
},
{
"published_at": "2026-06-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276597",
"url": "https://www.ibm.com/support/pages/node/7276597"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276428",
"url": "https://www.ibm.com/support/pages/node/7276428"
},
{
"published_at": "2026-06-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276761",
"url": "https://www.ibm.com/support/pages/node/7276761"
},
{
"published_at": "2026-06-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276816",
"url": "https://www.ibm.com/support/pages/node/7276816"
},
{
"published_at": "2026-06-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276589",
"url": "https://www.ibm.com/support/pages/node/7276589"
},
{
"published_at": "2026-06-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276832",
"url": "https://www.ibm.com/support/pages/node/7276832"
},
{
"published_at": "2026-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276187",
"url": "https://www.ibm.com/support/pages/node/7276187"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276426",
"url": "https://www.ibm.com/support/pages/node/7276426"
},
{
"published_at": "2026-06-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276579",
"url": "https://www.ibm.com/support/pages/node/7276579"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276303",
"url": "https://www.ibm.com/support/pages/node/7276303"
},
{
"published_at": "2026-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276193",
"url": "https://www.ibm.com/support/pages/node/7276193"
},
{
"published_at": "2026-06-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276939",
"url": "https://www.ibm.com/support/pages/node/7276939"
},
{
"published_at": "2026-06-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276600",
"url": "https://www.ibm.com/support/pages/node/7276600"
},
{
"published_at": "2026-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276189",
"url": "https://www.ibm.com/support/pages/node/7276189"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276429",
"url": "https://www.ibm.com/support/pages/node/7276429"
},
{
"published_at": "2026-06-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276392",
"url": "https://www.ibm.com/support/pages/node/7276392"
},
{
"published_at": "2026-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7276185",
"url": "https://www.ibm.com/support/pages/node/7276185"
}
]
}
cleanstart-2026-pk73499
Vulnerability from cleanstart
Published
2026-05-18 12:57
Modified
2026-05-17 13:00
Summary
Security fixes for CVE-2026-5588, CVE-2026-5598, ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-c3fc-8qff-9hwx, ghsa-fghv-69vj-qj49, ghsa-p93r-85wp-75v3, ghsa-prj3-ccx8-p6x4, ghsa-wg6q-6289-32hp, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16, 0.9.0-r1
Details
Multiple security vulnerabilities affect the kserve-modelmesh package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kserve-modelmesh"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kserve-modelmesh package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PK73499",
"modified": "2026-05-17T13:00:25Z",
"published": "2026-05-18T12:57:05.166140Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PK73499.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-5588"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-5598"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-389x-839f-4rhx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3p8m-j85q-pgmj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4cx2-fc23-5wg6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4g8c-wm8x-jfhw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-735f-pc8j-v9w8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c3fc-8qff-9hwx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fghv-69vj-qj49"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p93r-85wp-75v3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-prj3-ccx8-p6x4"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wg6q-6289-32hp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xq3w-v528-46rv"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5598"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2026-5588, CVE-2026-5598, ghsa-389x-839f-4rhx, ghsa-3p8m-j85q-pgmj, ghsa-4cx2-fc23-5wg6, ghsa-4g8c-wm8x-jfhw, ghsa-735f-pc8j-v9w8, ghsa-c3fc-8qff-9hwx, ghsa-fghv-69vj-qj49, ghsa-p93r-85wp-75v3, ghsa-prj3-ccx8-p6x4, ghsa-wg6q-6289-32hp, ghsa-xq3w-v528-46rv applied in versions: 0.12.0-r16, 0.9.0-r1",
"upstream": [
"CVE-2026-5588",
"CVE-2026-5598",
"ghsa-389x-839f-4rhx",
"ghsa-3p8m-j85q-pgmj",
"ghsa-4cx2-fc23-5wg6",
"ghsa-4g8c-wm8x-jfhw",
"ghsa-735f-pc8j-v9w8",
"ghsa-c3fc-8qff-9hwx",
"ghsa-fghv-69vj-qj49",
"ghsa-p93r-85wp-75v3",
"ghsa-prj3-ccx8-p6x4",
"ghsa-wg6q-6289-32hp",
"ghsa-xq3w-v528-46rv"
]
}
cleanstart-2026-po27799
Vulnerability from cleanstart
Published
2026-05-18 13:37
Modified
2026-05-07 10:33
Summary
Security fixes for CVE-2017-12158, CVE-2017-12159, CVE-2025-59250, CVE-2026-41417, CVE-2026-42198, CVE-2026-42577, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42587, CVE-2026-5588, CVE-2026-5598, ghsa-38f8-5428-x5cv, ghsa-3p8m-j85q-pgmj, ghsa-45p5-v273-3qqr, ghsa-45q3-82m4-75jr, ghsa-4cx2-fc23-5wg6, ghsa-57rv-r2g8-2cj3, ghsa-5rfx-cp42-p624, ghsa-72hv-8253-57qq, ghsa-84h7-rjj3-6jx4, ghsa-9342-92gg-6v29, ghsa-98qh-xjc8-98pq, ghsa-c3fc-8qff-9hwx, ghsa-cbdj-484d-3x9q, ghsa-cm33-6792-r9fm, ghsa-fghv-69vj-qj49, ghsa-h5fg-jpgr-rv9c, ghsa-hq9p-pm7w-8p54, ghsa-j288-q9x7-2f5v, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-p93r-85wp-75v3, ghsa-pwqr-wmgm-9rr8, ghsa-rc95-pcm8-65v9, ghsa-rwm7-x88c-3g2p, ghsa-v8h7-rr48-vmmv, ghsa-w9fj-cfpg-grvv, ghsa-wg6q-6289-32hp, ghsa-xxqh-mfjm-7mv9 applied in versions: 26.1.4-r1, 26.5.0-r2, 26.5.6-r3, 26.5.7-r0
Details
Multiple security vulnerabilities affect the keycloak package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "keycloak"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "26.5.7-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the keycloak package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PO27799",
"modified": "2026-05-07T10:33:31Z",
"published": "2026-05-18T13:37:33.587383Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PO27799.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12158"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2017-12159"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-59250"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41417"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42198"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42577"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42578"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42579"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42580"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42581"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42583"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42584"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42585"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42587"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-5588"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-5598"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-38f8-5428-x5cv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3p8m-j85q-pgmj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-45p5-v273-3qqr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-45q3-82m4-75jr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4cx2-fc23-5wg6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-57rv-r2g8-2cj3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5rfx-cp42-p624"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-84h7-rjj3-6jx4"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9342-92gg-6v29"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-98qh-xjc8-98pq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c3fc-8qff-9hwx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cbdj-484d-3x9q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cm33-6792-r9fm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fghv-69vj-qj49"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-h5fg-jpgr-rv9c"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hq9p-pm7w-8p54"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j288-q9x7-2f5v"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m4cv-j2px-7723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mj4r-2hfc-f8p6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p93r-85wp-75v3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pwqr-wmgm-9rr8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-rc95-pcm8-65v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-rwm7-x88c-3g2p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v8h7-rr48-vmmv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w9fj-cfpg-grvv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wg6q-6289-32hp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xxqh-mfjm-7mv9"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12158"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12159"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59250"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41417"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42198"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42577"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42580"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42585"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5598"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2017-12158, CVE-2017-12159, CVE-2025-59250, CVE-2026-41417, CVE-2026-42198, CVE-2026-42577, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42587, CVE-2026-5588, CVE-2026-5598, ghsa-38f8-5428-x5cv, ghsa-3p8m-j85q-pgmj, ghsa-45p5-v273-3qqr, ghsa-45q3-82m4-75jr, ghsa-4cx2-fc23-5wg6, ghsa-57rv-r2g8-2cj3, ghsa-5rfx-cp42-p624, ghsa-72hv-8253-57qq, ghsa-84h7-rjj3-6jx4, ghsa-9342-92gg-6v29, ghsa-98qh-xjc8-98pq, ghsa-c3fc-8qff-9hwx, ghsa-cbdj-484d-3x9q, ghsa-cm33-6792-r9fm, ghsa-fghv-69vj-qj49, ghsa-h5fg-jpgr-rv9c, ghsa-hq9p-pm7w-8p54, ghsa-j288-q9x7-2f5v, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-p93r-85wp-75v3, ghsa-pwqr-wmgm-9rr8, ghsa-rc95-pcm8-65v9, ghsa-rwm7-x88c-3g2p, ghsa-v8h7-rr48-vmmv, ghsa-w9fj-cfpg-grvv, ghsa-wg6q-6289-32hp, ghsa-xxqh-mfjm-7mv9 applied in versions: 26.1.4-r1, 26.5.0-r2, 26.5.6-r3, 26.5.7-r0",
"upstream": [
"CVE-2017-12158",
"CVE-2017-12159",
"CVE-2025-59250",
"CVE-2026-41417",
"CVE-2026-42198",
"CVE-2026-42577",
"CVE-2026-42578",
"CVE-2026-42579",
"CVE-2026-42580",
"CVE-2026-42581",
"CVE-2026-42583",
"CVE-2026-42584",
"CVE-2026-42585",
"CVE-2026-42587",
"CVE-2026-5588",
"CVE-2026-5598",
"ghsa-38f8-5428-x5cv",
"ghsa-3p8m-j85q-pgmj",
"ghsa-45p5-v273-3qqr",
"ghsa-45q3-82m4-75jr",
"ghsa-4cx2-fc23-5wg6",
"ghsa-57rv-r2g8-2cj3",
"ghsa-5rfx-cp42-p624",
"ghsa-72hv-8253-57qq",
"ghsa-84h7-rjj3-6jx4",
"ghsa-9342-92gg-6v29",
"ghsa-98qh-xjc8-98pq",
"ghsa-c3fc-8qff-9hwx",
"ghsa-cbdj-484d-3x9q",
"ghsa-cm33-6792-r9fm",
"ghsa-fghv-69vj-qj49",
"ghsa-h5fg-jpgr-rv9c",
"ghsa-hq9p-pm7w-8p54",
"ghsa-j288-q9x7-2f5v",
"ghsa-m4cv-j2px-7723",
"ghsa-mj4r-2hfc-f8p6",
"ghsa-p93r-85wp-75v3",
"ghsa-pwqr-wmgm-9rr8",
"ghsa-rc95-pcm8-65v9",
"ghsa-rwm7-x88c-3g2p",
"ghsa-v8h7-rr48-vmmv",
"ghsa-w9fj-cfpg-grvv",
"ghsa-wg6q-6289-32hp",
"ghsa-xxqh-mfjm-7mv9"
]
}
cleanstart-2026-ru36468
Vulnerability from cleanstart
Published
2026-06-08 14:00
Modified
2026-06-04 05:30
Summary
Security fixes for CVE-2026-0636, CVE-2026-3260, CVE-2026-33558, CVE-2026-33870, CVE-2026-33871, CVE-2026-3505, CVE-2026-35554, CVE-2026-41417, CVE-2026-42402, CVE-2026-42403, CVE-2026-42404, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42587, CVE-2026-5588, CVE-2026-5598, ghsa-287c-fxr7-3w6c, ghsa-2hfh-9h53-qc24, ghsa-38f8-5428-x5cv, ghsa-45q3-82m4-75jr, ghsa-57rv-r2g8-2cj3, ghsa-5qcv-4rpc-jp93, ghsa-72hv-8253-57qq, ghsa-c3fc-8qff-9hwx, ghsa-cj8j-37rh-8475, ghsa-cm33-6792-r9fm, ghsa-f6hv-jmp6-3vwv, ghsa-g36m-9g3m-2vmp, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-p93r-85wp-75v3, ghsa-pwqr-wmgm-9rr8, ghsa-v8h7-rr48-vmmv, ghsa-w9fj-cfpg-grvv, ghsa-wf66-mphr-4c4r, ghsa-wg6q-6289-32hp, ghsa-xxqh-mfjm-7mv9 applied in versions: 39.0.1-r0
Details
Multiple security vulnerabilities affect the wildfly package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "wildfly"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "39.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the wildfly package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-RU36468",
"modified": "2026-06-04T05:30:36Z",
"published": "2026-06-08T14:00:50.454920Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RU36468.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-0636"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-3260"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33558"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33870"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-3505"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35554"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41417"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42402"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42403"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42404"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42578"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42579"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42580"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42581"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42583"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42584"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42585"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42587"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-5588"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-5598"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-287c-fxr7-3w6c"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2hfh-9h53-qc24"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-38f8-5428-x5cv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-45q3-82m4-75jr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-57rv-r2g8-2cj3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-5qcv-4rpc-jp93"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c3fc-8qff-9hwx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cj8j-37rh-8475"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cm33-6792-r9fm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6hv-jmp6-3vwv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-g36m-9g3m-2vmp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m4cv-j2px-7723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mj4r-2hfc-f8p6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p93r-85wp-75v3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pwqr-wmgm-9rr8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v8h7-rr48-vmmv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w9fj-cfpg-grvv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wf66-mphr-4c4r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wg6q-6289-32hp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xxqh-mfjm-7mv9"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0636"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3260"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33558"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3505"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35554"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41417"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42402"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42403"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42404"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42580"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42585"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5598"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2026-0636, CVE-2026-3260, CVE-2026-33558, CVE-2026-33870, CVE-2026-33871, CVE-2026-3505, CVE-2026-35554, CVE-2026-41417, CVE-2026-42402, CVE-2026-42403, CVE-2026-42404, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42587, CVE-2026-5588, CVE-2026-5598, ghsa-287c-fxr7-3w6c, ghsa-2hfh-9h53-qc24, ghsa-38f8-5428-x5cv, ghsa-45q3-82m4-75jr, ghsa-57rv-r2g8-2cj3, ghsa-5qcv-4rpc-jp93, ghsa-72hv-8253-57qq, ghsa-c3fc-8qff-9hwx, ghsa-cj8j-37rh-8475, ghsa-cm33-6792-r9fm, ghsa-f6hv-jmp6-3vwv, ghsa-g36m-9g3m-2vmp, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-p93r-85wp-75v3, ghsa-pwqr-wmgm-9rr8, ghsa-v8h7-rr48-vmmv, ghsa-w9fj-cfpg-grvv, ghsa-wf66-mphr-4c4r, ghsa-wg6q-6289-32hp, ghsa-xxqh-mfjm-7mv9 applied in versions: 39.0.1-r0",
"upstream": [
"CVE-2026-0636",
"CVE-2026-3260",
"CVE-2026-33558",
"CVE-2026-33870",
"CVE-2026-33871",
"CVE-2026-3505",
"CVE-2026-35554",
"CVE-2026-41417",
"CVE-2026-42402",
"CVE-2026-42403",
"CVE-2026-42404",
"CVE-2026-42578",
"CVE-2026-42579",
"CVE-2026-42580",
"CVE-2026-42581",
"CVE-2026-42583",
"CVE-2026-42584",
"CVE-2026-42585",
"CVE-2026-42587",
"CVE-2026-5588",
"CVE-2026-5598",
"ghsa-287c-fxr7-3w6c",
"ghsa-2hfh-9h53-qc24",
"ghsa-38f8-5428-x5cv",
"ghsa-45q3-82m4-75jr",
"ghsa-57rv-r2g8-2cj3",
"ghsa-5qcv-4rpc-jp93",
"ghsa-72hv-8253-57qq",
"ghsa-c3fc-8qff-9hwx",
"ghsa-cj8j-37rh-8475",
"ghsa-cm33-6792-r9fm",
"ghsa-f6hv-jmp6-3vwv",
"ghsa-g36m-9g3m-2vmp",
"ghsa-m4cv-j2px-7723",
"ghsa-mj4r-2hfc-f8p6",
"ghsa-p93r-85wp-75v3",
"ghsa-pwqr-wmgm-9rr8",
"ghsa-v8h7-rr48-vmmv",
"ghsa-w9fj-cfpg-grvv",
"ghsa-wf66-mphr-4c4r",
"ghsa-wg6q-6289-32hp",
"ghsa-xxqh-mfjm-7mv9"
]
}
cleanstart-2026-vj37814
Vulnerability from cleanstart
Published
2026-05-18 13:37
Modified
2026-05-07 10:32
Summary
Security fixes for CVE-2025-59250, CVE-2026-1002, CVE-2026-33870, CVE-2026-33871, CVE-2026-39852, CVE-2026-41417, CVE-2026-42198, CVE-2026-42577, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42587, CVE-2026-5588, CVE-2026-5598, ghsa-38f8-5428-x5cv, ghsa-3p8m-j85q-pgmj, ghsa-45p5-v273-3qqr, ghsa-45q3-82m4-75jr, ghsa-4cx2-fc23-5wg6, ghsa-57rv-r2g8-2cj3, ghsa-9342-92gg-6v29, ghsa-98qh-xjc8-98pq, ghsa-c3fc-8qff-9hwx, ghsa-cm33-6792-r9fm, ghsa-cphf-4846-3xx9, ghsa-fghv-69vj-qj49, ghsa-h5fg-jpgr-rv9c, ghsa-hq9p-pm7w-8p54, ghsa-j288-q9x7-2f5v, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-p93r-85wp-75v3, ghsa-pwqr-wmgm-9rr8, ghsa-rc95-pcm8-65v9, ghsa-rwm7-x88c-3g2p, ghsa-v8h7-rr48-vmmv, ghsa-w9fj-cfpg-grvv, ghsa-wg6q-6289-32hp, ghsa-xxqh-mfjm-7mv9 applied in versions: 26.1.4-r1, 26.4.11-r0, 26.4.11-r2
Details
Multiple security vulnerabilities affect the keycloak package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "keycloak"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "26.4.11-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the keycloak package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-VJ37814",
"modified": "2026-05-07T10:32:20Z",
"published": "2026-05-18T13:37:33.552809Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VJ37814.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-59250"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1002"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33870"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39852"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41417"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42198"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42577"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42578"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42579"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42580"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42581"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42583"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42584"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42585"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42587"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-5588"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-5598"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-38f8-5428-x5cv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3p8m-j85q-pgmj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-45p5-v273-3qqr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-45q3-82m4-75jr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4cx2-fc23-5wg6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-57rv-r2g8-2cj3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9342-92gg-6v29"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-98qh-xjc8-98pq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c3fc-8qff-9hwx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cm33-6792-r9fm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cphf-4846-3xx9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fghv-69vj-qj49"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-h5fg-jpgr-rv9c"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hq9p-pm7w-8p54"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j288-q9x7-2f5v"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m4cv-j2px-7723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mj4r-2hfc-f8p6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p93r-85wp-75v3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pwqr-wmgm-9rr8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-rc95-pcm8-65v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-rwm7-x88c-3g2p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v8h7-rr48-vmmv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w9fj-cfpg-grvv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wg6q-6289-32hp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xxqh-mfjm-7mv9"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59250"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41417"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42198"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42577"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42580"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42585"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5598"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-59250, CVE-2026-1002, CVE-2026-33870, CVE-2026-33871, CVE-2026-39852, CVE-2026-41417, CVE-2026-42198, CVE-2026-42577, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42587, CVE-2026-5588, CVE-2026-5598, ghsa-38f8-5428-x5cv, ghsa-3p8m-j85q-pgmj, ghsa-45p5-v273-3qqr, ghsa-45q3-82m4-75jr, ghsa-4cx2-fc23-5wg6, ghsa-57rv-r2g8-2cj3, ghsa-9342-92gg-6v29, ghsa-98qh-xjc8-98pq, ghsa-c3fc-8qff-9hwx, ghsa-cm33-6792-r9fm, ghsa-cphf-4846-3xx9, ghsa-fghv-69vj-qj49, ghsa-h5fg-jpgr-rv9c, ghsa-hq9p-pm7w-8p54, ghsa-j288-q9x7-2f5v, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-p93r-85wp-75v3, ghsa-pwqr-wmgm-9rr8, ghsa-rc95-pcm8-65v9, ghsa-rwm7-x88c-3g2p, ghsa-v8h7-rr48-vmmv, ghsa-w9fj-cfpg-grvv, ghsa-wg6q-6289-32hp, ghsa-xxqh-mfjm-7mv9 applied in versions: 26.1.4-r1, 26.4.11-r0, 26.4.11-r2",
"upstream": [
"CVE-2025-59250",
"CVE-2026-1002",
"CVE-2026-33870",
"CVE-2026-33871",
"CVE-2026-39852",
"CVE-2026-41417",
"CVE-2026-42198",
"CVE-2026-42577",
"CVE-2026-42578",
"CVE-2026-42579",
"CVE-2026-42580",
"CVE-2026-42581",
"CVE-2026-42583",
"CVE-2026-42584",
"CVE-2026-42585",
"CVE-2026-42587",
"CVE-2026-5588",
"CVE-2026-5598",
"ghsa-38f8-5428-x5cv",
"ghsa-3p8m-j85q-pgmj",
"ghsa-45p5-v273-3qqr",
"ghsa-45q3-82m4-75jr",
"ghsa-4cx2-fc23-5wg6",
"ghsa-57rv-r2g8-2cj3",
"ghsa-9342-92gg-6v29",
"ghsa-98qh-xjc8-98pq",
"ghsa-c3fc-8qff-9hwx",
"ghsa-cm33-6792-r9fm",
"ghsa-cphf-4846-3xx9",
"ghsa-fghv-69vj-qj49",
"ghsa-h5fg-jpgr-rv9c",
"ghsa-hq9p-pm7w-8p54",
"ghsa-j288-q9x7-2f5v",
"ghsa-m4cv-j2px-7723",
"ghsa-mj4r-2hfc-f8p6",
"ghsa-p93r-85wp-75v3",
"ghsa-pwqr-wmgm-9rr8",
"ghsa-rc95-pcm8-65v9",
"ghsa-rwm7-x88c-3g2p",
"ghsa-v8h7-rr48-vmmv",
"ghsa-w9fj-cfpg-grvv",
"ghsa-wg6q-6289-32hp",
"ghsa-xxqh-mfjm-7mv9"
]
}
FKIE_CVE-2026-5598
Vulnerability from fkie_nvd - Published: 2026-04-15 10:16 - Updated: 2026-06-17 10:59
Severity
Summary
Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).
This vulnerability is associated with program files FrodoEngine.Java.
This issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84.
References
| URL | Tags | ||
|---|---|---|---|
| 91579145-5d7b-4cc5-b925-a0262ff19630 | https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5 | ||
| 91579145-5d7b-4cc5-b925-a0262ff19630 | https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87 | ||
| 91579145-5d7b-4cc5-b925-a0262ff19630 | https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598 |
Impacted products
| Vendor | Product | Version |
|---|
{
"affected": [
{
"affectedData": [
{
"collectionURL": "https://www.bouncycastle.org/download/bouncy-castle-java/",
"defaultStatus": "unaffected",
"modules": [
"core"
],
"packageName": "core",
"platforms": [
"all"
],
"product": "BC-JAVA",
"programFiles": [
"FrodoEngine.java"
],
"repo": "https://github.com/bcgit/bc-java",
"vendor": "Legion of the Bouncy Castle Inc.",
"versions": [
{
"lessThan": "1.80.2",
"status": "affected",
"version": "1.71",
"versionType": "maven"
},
{
"lessThan": "1.81.1",
"status": "affected",
"version": "1.81",
"versionType": "maven"
},
{
"lessThan": "1.84",
"status": "affected",
"version": "1.82",
"versionType": "maven"
}
]
}
],
"source": "91579145-5d7b-4cc5-b925-a0262ff19630"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).\n\n This vulnerability is associated with program files FrodoEngine.Java.\n\n\n\nThis issue affects BC-JAVA: from 1.71 before 1.80.2, from 1.81 before 1.81.1, from 1.82 before 1.84."
}
],
"id": "CVE-2026-5598",
"lastModified": "2026-06-17T10:59:20.487",
"metrics": {
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "YES",
"Recovery": "NOT_DEFINED",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "UNREPORTED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:X/V:X/RE:X/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "91579145-5d7b-4cc5-b925-a0262ff19630",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-5598",
"options": [
{
"exploitation": "none"
},
{
"automatable": "yes"
},
{
"technicalImpact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-15T13:11:48.318645Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-04-15T10:16:49.757",
"references": [
{
"source": "91579145-5d7b-4cc5-b925-a0262ff19630",
"url": "https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5"
},
{
"source": "91579145-5d7b-4cc5-b925-a0262ff19630",
"url": "https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87"
},
{
"source": "91579145-5d7b-4cc5-b925-a0262ff19630",
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598"
}
],
"sourceIdentifier": "91579145-5d7b-4cc5-b925-a0262ff19630",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-385"
}
],
"source": "91579145-5d7b-4cc5-b925-a0262ff19630",
"type": "Secondary"
}
]
}
GHSA-P93R-85WP-75V3
Vulnerability from github – Published: 2026-04-17 18:31 – Updated: 2026-06-19 15:20
VLAI
Summary
Bouncy Castle Has Covert Timing Channel Vulnerability
Details
Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). This vulnerability is associated with program files FrodoEngine.Java.
This issue only affects users of the FrodoKEM algorithm involved in the decryption of encapsulations.
This issue affects BC-JAVA: from 1.71 to 1.80.1, 1.81, 1.82 to 1.83.
Fixed versions: 1.80.2, 1.81.1, 1.84
Severity
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.bouncycastle:bcprov-jdk15to18"
},
"ranges": [
{
"events": [
{
"introduced": "1.71"
},
{
"fixed": "1.80.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.bouncycastle:bcprov-jdk14"
},
"ranges": [
{
"events": [
{
"introduced": "1.81"
},
{
"fixed": "1.81.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.bouncycastle:bcprov-jdk18on"
},
"ranges": [
{
"events": [
{
"introduced": "1.82"
},
{
"fixed": "1.84"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-5598"
],
"database_specific": {
"cwe_ids": [
"CWE-385"
],
"github_reviewed": true,
"github_reviewed_at": "2026-04-25T23:25:24Z",
"nvd_published_at": "2026-04-15T10:16:49Z",
"severity": "HIGH"
},
"details": "Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules). This vulnerability is associated with program files FrodoEngine.Java.\n\nThis issue only affects users of the FrodoKEM algorithm involved in the decryption of encapsulations.\n\nThis issue affects BC-JAVA: from 1.71 to 1.80.1, 1.81, 1.82 to 1.83.\n\nFixed versions: 1.80.2, 1.81.1, 1.84",
"id": "GHSA-p93r-85wp-75v3",
"modified": "2026-06-19T15:20:41Z",
"published": "2026-04-17T18:31:50Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5598"
},
{
"type": "WEB",
"url": "https://github.com/bcgit/bc-java/commit/8692e6b2b191fc4aafa32545c7a78bdb9bf110c5"
},
{
"type": "WEB",
"url": "https://github.com/bcgit/bc-java/commit/94abbd56413dfdac651fd878bc60253871ef5e87"
},
{
"type": "PACKAGE",
"url": "https://github.com/bcgit/bc-java"
},
{
"type": "WEB",
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905598"
},
{
"type": "WEB",
"url": "https://github.com/bcgit/bc-java/wiki/CVE-2026-5598"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:U/S:P/AU:Y/U:Red",
"type": "CVSS_V4"
}
],
"summary": "Bouncy Castle Has Covert Timing Channel Vulnerability"
}
OPENSUSE-SU-2026:10571-1
Vulnerability from csaf_opensuse - Published: 2026-04-18 00:00 - Updated: 2026-04-18 00:00Summary
bouncycastle-1.84-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: bouncycastle-1.84-1.1 on GA media
Description of the patch: These are all security issues fixed in the bouncycastle-1.84-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10571
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.6 (High)
Affected products
Recommended
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
17 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2025-14813/ | self |
| https://www.suse.com/security/cve/CVE-2026-0636/ | self |
| https://www.suse.com/security/cve/CVE-2026-3505/ | self |
| https://www.suse.com/security/cve/CVE-2026-5588/ | self |
| https://www.suse.com/security/cve/CVE-2026-5598/ | self |
| https://www.suse.com/security/cve/CVE-2025-14813 | external |
| https://bugzilla.suse.com/1262225 | external |
| https://www.suse.com/security/cve/CVE-2026-0636 | external |
| https://bugzilla.suse.com/1262226 | external |
| https://www.suse.com/security/cve/CVE-2026-3505 | external |
| https://bugzilla.suse.com/1262232 | external |
| https://www.suse.com/security/cve/CVE-2026-5588 | external |
| https://bugzilla.suse.com/1262228 | external |
| https://www.suse.com/security/cve/CVE-2026-5598 | external |
| https://bugzilla.suse.com/1262227 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "bouncycastle-1.84-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the bouncycastle-1.84-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10571",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10571-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-14813 page",
"url": "https://www.suse.com/security/cve/CVE-2025-14813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-0636 page",
"url": "https://www.suse.com/security/cve/CVE-2026-0636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-3505 page",
"url": "https://www.suse.com/security/cve/CVE-2026-3505/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-5588 page",
"url": "https://www.suse.com/security/cve/CVE-2026-5588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-5598 page",
"url": "https://www.suse.com/security/cve/CVE-2026-5598/"
}
],
"title": "bouncycastle-1.84-1.1 on GA media",
"tracking": {
"current_release_date": "2026-04-18T00:00:00Z",
"generator": {
"date": "2026-04-18T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10571-1",
"initial_release_date": "2026-04-18T00:00:00Z",
"revision_history": [
{
"date": "2026-04-18T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bouncycastle-1.84-1.1.aarch64",
"product": {
"name": "bouncycastle-1.84-1.1.aarch64",
"product_id": "bouncycastle-1.84-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "bouncycastle-javadoc-1.84-1.1.aarch64",
"product": {
"name": "bouncycastle-javadoc-1.84-1.1.aarch64",
"product_id": "bouncycastle-javadoc-1.84-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "bouncycastle-jmail-1.84-1.1.aarch64",
"product": {
"name": "bouncycastle-jmail-1.84-1.1.aarch64",
"product_id": "bouncycastle-jmail-1.84-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "bouncycastle-mail-1.84-1.1.aarch64",
"product": {
"name": "bouncycastle-mail-1.84-1.1.aarch64",
"product_id": "bouncycastle-mail-1.84-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "bouncycastle-pg-1.84-1.1.aarch64",
"product": {
"name": "bouncycastle-pg-1.84-1.1.aarch64",
"product_id": "bouncycastle-pg-1.84-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "bouncycastle-pkix-1.84-1.1.aarch64",
"product": {
"name": "bouncycastle-pkix-1.84-1.1.aarch64",
"product_id": "bouncycastle-pkix-1.84-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "bouncycastle-tls-1.84-1.1.aarch64",
"product": {
"name": "bouncycastle-tls-1.84-1.1.aarch64",
"product_id": "bouncycastle-tls-1.84-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "bouncycastle-util-1.84-1.1.aarch64",
"product": {
"name": "bouncycastle-util-1.84-1.1.aarch64",
"product_id": "bouncycastle-util-1.84-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "bouncycastle-1.84-1.1.ppc64le",
"product": {
"name": "bouncycastle-1.84-1.1.ppc64le",
"product_id": "bouncycastle-1.84-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bouncycastle-javadoc-1.84-1.1.ppc64le",
"product": {
"name": "bouncycastle-javadoc-1.84-1.1.ppc64le",
"product_id": "bouncycastle-javadoc-1.84-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bouncycastle-jmail-1.84-1.1.ppc64le",
"product": {
"name": "bouncycastle-jmail-1.84-1.1.ppc64le",
"product_id": "bouncycastle-jmail-1.84-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bouncycastle-mail-1.84-1.1.ppc64le",
"product": {
"name": "bouncycastle-mail-1.84-1.1.ppc64le",
"product_id": "bouncycastle-mail-1.84-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bouncycastle-pg-1.84-1.1.ppc64le",
"product": {
"name": "bouncycastle-pg-1.84-1.1.ppc64le",
"product_id": "bouncycastle-pg-1.84-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bouncycastle-pkix-1.84-1.1.ppc64le",
"product": {
"name": "bouncycastle-pkix-1.84-1.1.ppc64le",
"product_id": "bouncycastle-pkix-1.84-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bouncycastle-tls-1.84-1.1.ppc64le",
"product": {
"name": "bouncycastle-tls-1.84-1.1.ppc64le",
"product_id": "bouncycastle-tls-1.84-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "bouncycastle-util-1.84-1.1.ppc64le",
"product": {
"name": "bouncycastle-util-1.84-1.1.ppc64le",
"product_id": "bouncycastle-util-1.84-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bouncycastle-1.84-1.1.s390x",
"product": {
"name": "bouncycastle-1.84-1.1.s390x",
"product_id": "bouncycastle-1.84-1.1.s390x"
}
},
{
"category": "product_version",
"name": "bouncycastle-javadoc-1.84-1.1.s390x",
"product": {
"name": "bouncycastle-javadoc-1.84-1.1.s390x",
"product_id": "bouncycastle-javadoc-1.84-1.1.s390x"
}
},
{
"category": "product_version",
"name": "bouncycastle-jmail-1.84-1.1.s390x",
"product": {
"name": "bouncycastle-jmail-1.84-1.1.s390x",
"product_id": "bouncycastle-jmail-1.84-1.1.s390x"
}
},
{
"category": "product_version",
"name": "bouncycastle-mail-1.84-1.1.s390x",
"product": {
"name": "bouncycastle-mail-1.84-1.1.s390x",
"product_id": "bouncycastle-mail-1.84-1.1.s390x"
}
},
{
"category": "product_version",
"name": "bouncycastle-pg-1.84-1.1.s390x",
"product": {
"name": "bouncycastle-pg-1.84-1.1.s390x",
"product_id": "bouncycastle-pg-1.84-1.1.s390x"
}
},
{
"category": "product_version",
"name": "bouncycastle-pkix-1.84-1.1.s390x",
"product": {
"name": "bouncycastle-pkix-1.84-1.1.s390x",
"product_id": "bouncycastle-pkix-1.84-1.1.s390x"
}
},
{
"category": "product_version",
"name": "bouncycastle-tls-1.84-1.1.s390x",
"product": {
"name": "bouncycastle-tls-1.84-1.1.s390x",
"product_id": "bouncycastle-tls-1.84-1.1.s390x"
}
},
{
"category": "product_version",
"name": "bouncycastle-util-1.84-1.1.s390x",
"product": {
"name": "bouncycastle-util-1.84-1.1.s390x",
"product_id": "bouncycastle-util-1.84-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bouncycastle-1.84-1.1.x86_64",
"product": {
"name": "bouncycastle-1.84-1.1.x86_64",
"product_id": "bouncycastle-1.84-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "bouncycastle-javadoc-1.84-1.1.x86_64",
"product": {
"name": "bouncycastle-javadoc-1.84-1.1.x86_64",
"product_id": "bouncycastle-javadoc-1.84-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "bouncycastle-jmail-1.84-1.1.x86_64",
"product": {
"name": "bouncycastle-jmail-1.84-1.1.x86_64",
"product_id": "bouncycastle-jmail-1.84-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "bouncycastle-mail-1.84-1.1.x86_64",
"product": {
"name": "bouncycastle-mail-1.84-1.1.x86_64",
"product_id": "bouncycastle-mail-1.84-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "bouncycastle-pg-1.84-1.1.x86_64",
"product": {
"name": "bouncycastle-pg-1.84-1.1.x86_64",
"product_id": "bouncycastle-pg-1.84-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "bouncycastle-pkix-1.84-1.1.x86_64",
"product": {
"name": "bouncycastle-pkix-1.84-1.1.x86_64",
"product_id": "bouncycastle-pkix-1.84-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "bouncycastle-tls-1.84-1.1.x86_64",
"product": {
"name": "bouncycastle-tls-1.84-1.1.x86_64",
"product_id": "bouncycastle-tls-1.84-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "bouncycastle-util-1.84-1.1.x86_64",
"product": {
"name": "bouncycastle-util-1.84-1.1.x86_64",
"product_id": "bouncycastle-util-1.84-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-1.84-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64"
},
"product_reference": "bouncycastle-1.84-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-1.84-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le"
},
"product_reference": "bouncycastle-1.84-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-1.84-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x"
},
"product_reference": "bouncycastle-1.84-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-1.84-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64"
},
"product_reference": "bouncycastle-1.84-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-javadoc-1.84-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64"
},
"product_reference": "bouncycastle-javadoc-1.84-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-javadoc-1.84-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le"
},
"product_reference": "bouncycastle-javadoc-1.84-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-javadoc-1.84-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x"
},
"product_reference": "bouncycastle-javadoc-1.84-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-javadoc-1.84-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64"
},
"product_reference": "bouncycastle-javadoc-1.84-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-jmail-1.84-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64"
},
"product_reference": "bouncycastle-jmail-1.84-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-jmail-1.84-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le"
},
"product_reference": "bouncycastle-jmail-1.84-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-jmail-1.84-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x"
},
"product_reference": "bouncycastle-jmail-1.84-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-jmail-1.84-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64"
},
"product_reference": "bouncycastle-jmail-1.84-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-mail-1.84-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64"
},
"product_reference": "bouncycastle-mail-1.84-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-mail-1.84-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le"
},
"product_reference": "bouncycastle-mail-1.84-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-mail-1.84-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x"
},
"product_reference": "bouncycastle-mail-1.84-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-mail-1.84-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64"
},
"product_reference": "bouncycastle-mail-1.84-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-pg-1.84-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64"
},
"product_reference": "bouncycastle-pg-1.84-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-pg-1.84-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le"
},
"product_reference": "bouncycastle-pg-1.84-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-pg-1.84-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x"
},
"product_reference": "bouncycastle-pg-1.84-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-pg-1.84-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64"
},
"product_reference": "bouncycastle-pg-1.84-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-pkix-1.84-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64"
},
"product_reference": "bouncycastle-pkix-1.84-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-pkix-1.84-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le"
},
"product_reference": "bouncycastle-pkix-1.84-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-pkix-1.84-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x"
},
"product_reference": "bouncycastle-pkix-1.84-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-pkix-1.84-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64"
},
"product_reference": "bouncycastle-pkix-1.84-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-tls-1.84-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64"
},
"product_reference": "bouncycastle-tls-1.84-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-tls-1.84-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le"
},
"product_reference": "bouncycastle-tls-1.84-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-tls-1.84-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x"
},
"product_reference": "bouncycastle-tls-1.84-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-tls-1.84-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64"
},
"product_reference": "bouncycastle-tls-1.84-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-util-1.84-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64"
},
"product_reference": "bouncycastle-util-1.84-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-util-1.84-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le"
},
"product_reference": "bouncycastle-util-1.84-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-util-1.84-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x"
},
"product_reference": "bouncycastle-util-1.84-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bouncycastle-util-1.84-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
},
"product_reference": "bouncycastle-util-1.84-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-14813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-14813"
}
],
"notes": [
{
"category": "general",
"text": "Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (core modules). This vulnerability is associated with program files G3413CTRBlockCipher.\n\nGOSTCTR implementation unable to process more than 255 blocks correctly.\n\n\nThis issue affects BC-JAVA: from 1.59 before 1.84.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-14813",
"url": "https://www.suse.com/security/cve/CVE-2025-14813"
},
{
"category": "external",
"summary": "SUSE Bug 1262225 for CVE-2025-14813",
"url": "https://bugzilla.suse.com/1262225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-18T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-14813"
},
{
"cve": "CVE-2026-0636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-0636"
}
],
"notes": [
{
"category": "general",
"text": "Improper neutralization of special elements used in an LDAP query (\u0027LDAP injection\u0027) vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcprov on all (prov modules). This vulnerability is associated with program files LDAPStoreHelper.\n\nThis issue affects BC-JAVA: from 1.74 before 1.84.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-0636",
"url": "https://www.suse.com/security/cve/CVE-2026-0636"
},
{
"category": "external",
"summary": "SUSE Bug 1262226 for CVE-2026-0636",
"url": "https://bugzilla.suse.com/1262226"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-18T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-0636"
},
{
"cve": "CVE-2026-3505",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-3505"
}
],
"notes": [
{
"category": "general",
"text": "Allocation of resources without limits or throttling vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpg on all (pg modules).This issue affects BC-JAVA: before 1.84.\n\nUnbounded PGP AEAD chunk size leads to pre-auth resource exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-3505",
"url": "https://www.suse.com/security/cve/CVE-2026-3505"
},
{
"category": "external",
"summary": "SUSE Bug 1262232 for CVE-2026-3505",
"url": "https://bugzilla.suse.com/1262232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-18T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-3505"
},
{
"cve": "CVE-2026-5588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-5588"
}
],
"notes": [
{
"category": "general",
"text": ": Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all (pkix modules).\n\n\nPKIX draft CompositeVerifier accepts empty signature sequence as valid.\n\n\nThis issue affects BC-JAVA: from 1.49 before 1.84.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-5588",
"url": "https://www.suse.com/security/cve/CVE-2026-5588"
},
{
"category": "external",
"summary": "SUSE Bug 1262228 for CVE-2026-5588",
"url": "https://bugzilla.suse.com/1262228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-18T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-5588"
},
{
"cve": "CVE-2026-5598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-5598"
}
],
"notes": [
{
"category": "general",
"text": "Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all (core modules).\n Non-constant time comparisons risk private key leakage in FrodoKEM.\n\nThis issue affects BC-JAVA: from 2.17.3 before 1.84.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-5598",
"url": "https://www.suse.com/security/cve/CVE-2026-5598"
},
{
"category": "external",
"summary": "SUSE Bug 1262227 for CVE-2026-5598",
"url": "https://bugzilla.suse.com/1262227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-javadoc-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-jmail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-mail-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pg-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-pkix-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-tls-1.84-1.1.x86_64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.aarch64",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.ppc64le",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.s390x",
"openSUSE Tumbleweed:bouncycastle-util-1.84-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-18T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-5598"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…