CVE-2025-22247: open-vm-tools: Insecure file handling openwall.com/lists/oss-secu… A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM

CVE-2025-27696: Apache Superset: Improper authorization leading to resource ownership takeover openwall.com/lists/oss-secu… allows ownership takeover of dashboards, charts or datasets by authenticated users with read permissions

CVE-2024-28956: Xen Security Advisory 469 v2: x86: Indirect Target Selection openwall.com/lists/oss-secu… A bug in the hardware support for prediction-domain isolation. An attacker might be able to infer the contents of arbitrary host memory, including memory assigned to other guests.

CVE-2025-47436: Apache ORC: Potential Heap Buffer Overflow during C++ LZO Decompression openwall.com/lists/oss-secu… specially crafted malformed ORC files can cause the decompressor to allocate a 250-byte buffer but then attempts to copy 295 bytes into it

VSV00016: Varnish Cache 6.0, 7.6, 7.7 - Request Smuggling Attack openwall.com/lists/oss-secu… allows certain malformed HTTP/1 requests to exploit improper framing of the message body to smuggle additional requests. Specifically, Varnish incorrectly permits CRLF to be skipped

EU Vulnerability Database openwall.com/lists/oss-secu… EUVD is in beta testing - given all the shenanigans with MITRE and CVE, it might be worth checking out. CVE Numbering Authority (CNA) with a focus on vulnerabilities in IT products discovered by or reported to European CSIRTs.

Apache IoTDB CVE-2024-24780: Remote Code Execution with untrusted URI of User-defined function openwall.com/lists/oss-secu… CVE-2025-26795: Exposure of Sensitive Info in JDBC driver openwall.com/lists/oss-secu… CVE-2025-26864: Exposure of Sensitive Info in OpenID openwall.com/lists/oss-secu…

Multiple vulnerabilities in Jenkins plugins openwall.com/lists/oss-secu… Fixes in: * Cadence vManager Plugin * Health Advisor by CloudBees Plugin * OpenID Connect Provider Plugin Unresolved security issues in: * DingTalk Plugin * WSO2 Oauth Plugin

WebKitGTK and WPE WebKit Security Advisory WSA-2025-0004 openwall.com/lists/oss-secu… 8 CVEs with varying impact affecting WebKitGTK and WPE WebKit before 2.48.2, including 2 affecting only before 2.42.0 where "Processing web content may lead to arbitrary code execution."

CVE-2025-4516: CPython: Use-after-free crash using bytes.decode("unicode_escape", error="ignore|replace") openwall.com/lists/oss-secu… MEDIUM severity. If you are not using the "unicode_escape" encoding or an error handler your usage is not affected.

GLIBC-SA-2025-0002: CVE-2025-4802: glibc: elf: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH openwall.com/lists/oss-secu… Affects statically linked setuid binaries that call dlopen, including internally to glibc after setlocale or NSS functions such as getaddrinfo

Landlock news #5 openwall.com/lists/oss-secu… TL;DR: Check your sandboxed programs with Linux 6.15, review the audit logs, and update the sandbox policy if you see any Landlock events. GNOME OS, Flatcar, and RHEL 9.6 have enabled Landlock by default. x.com/l0kod/status/1…

CVE-2025-3908: OpenVPN 3 Linux v24.1 released openwall.com/lists/oss-secu… OpenVPN 3 Linux v20+ openvpn3-admin init-config, which must be run as root, follows symlinks when changing ownership and permissions. Fixed in v24.1.

CVE-2025-40775: BIND 9: DNS message with invalid TSIG causes an assertion failure openwall.com/lists/oss-secu…

CVE-2025-4575: OpenSSL: The x509 application adds trusted use instead of rejected use openwall.com/lists/oss-secu… If a user intends to make a trusted certificate rejected for a particular use it will be instead marked as trusted for that use. 3.5 is affected, 3.4 and below are not.

CVE-2025-48708: ghostscript can embed plaintext password in encrypted PDFs openwall.com/lists/oss-secu… the full command-line input, including the plaintext password, is embedded at the beginning of the generated PDF file

CVE-2025-40909: Perl 5.40 dir dup bug with threading openwall.com/lists/oss-secu… Since 2010, under some conditions, Perl temporarily changes the current directory at thread creation, which affects other threads. Test shows that arbitrary code execution is a possible consequence.