← Find more feeds

seclists.org

Open Source Security

Get the latest updates from Open Source Security directly as they happen.

Follow now 49 followers

Latest posts

Last updated about 1 hour ago

Heads-up: Upcoming Samba security releases (2026-05-26)

about 1 hour ago

oss-sec mailing list archives From: Douglas Bagnall <douglas.bagnall () catalyst net nz>...

Read full

PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method

about 2 hours ago

oss-sec mailing list archives From: Aaron Rainbolt <arraybolt3 () riseup net> Date:...

Read full

CVE-2026-41054: haveged — privilege escalation via command socket

about 5 hours ago

oss-sec mailing list archives From: Jiri Hladky <hladky.jiri () gmail com> Date:...

Read full

Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine)

about 5 hours ago

oss-sec mailing list archives From: Aaron Rainbolt <arraybolt3 () riseup net> Date:...

Read full

Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine)

about 5 hours ago

oss-sec mailing list archives From: Aaron Rainbolt <arraybolt3 () gmail com> Date:...

Read full

CVE-2026-5090: Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected

about 7 hours ago

oss-sec mailing list archives From: Robert Rothenberg <rrwo () cpansec org> Date:...

Read full

[OSSA-2026-013] Ironic: Denial of Service via specially crafted deployment requests (CVE-2026-44919)

about 7 hours ago

oss-sec mailing list archives From: Jay Faulkner <jay () jvf cc> Date:...

Read full

Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine)

about 7 hours ago

oss-sec mailing list archives From: Gabriel Corona <gabriel.corona () free fr> Date:...

Read full

Re: PinTheft Linux LPE

about 7 hours ago

oss-sec mailing list archives From: Jelle van der Waa <jelle () vdwaa...

Read full

CVE-2026-42526: Apache Airflow Amazon provider: Prevent unauthorized access to team-scoped secrets in AWS Secrets Manager and SSM Parameter Store backends

about 11 hours ago

oss-sec mailing list archives From: Vincent Beck <vincbeck () apache org> Date:...

Read full

CVE-2026-27173: Apache Airflow CNCF Kubernetes provider: JWT Token Exposure in KubernetesExecutor Command-Line Arguments

about 11 hours ago

oss-sec mailing list archives From: Vincent Beck <vincbeck () apache org> Date:...

Read full

Evince/Atril/Xreader command injection CVE-2026-46529

about 11 hours ago

oss-sec mailing list archives From: "Michael Catanzaro" <mcatanzaro () gnome org> Date:...

Read full

Or log in

Everything you care about in one place

Open Source Security

Latest posts

Heads-up: Upcoming Samba security releases (2026-05-26)

PCManFM-Qt allows arbitrary files to be opened via the org.freedesktop.FileManager1.ShowFolders method

CVE-2026-41054: haveged — privilege escalation via command socket

Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine)

Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine)

CVE-2026-5090: Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected

[OSSA-2026-013] Ironic: Denial of Service via specially crafted deployment requests (CVE-2026-44919)

Re: On the issue of MIME handlers that execute arbitrary code (e.g. Wine)

Re: PinTheft Linux LPE

CVE-2026-42526: Apache Airflow Amazon provider: Prevent unauthorized access to team-scoped secrets in AWS Secrets Manager and SSM Parameter Store backends

CVE-2026-27173: Apache Airflow CNCF Kubernetes provider: JWT Token Exposure in KubernetesExecutor Command-Line Arguments

Evince/Atril/Xreader command injection CVE-2026-46529

Try Feeder for free