Linux · Ubuntu · Top 20

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - NVME drivers; - File systems infra…

Fatih Çelik discovered that tracker-miners incorrectly handled certain malformed MP3 files. An attacker could use this issue to cause tracker-miners to crash, resulting in a denial of service, or possibly execute arbitrary code.

Denis Ledoux discovered that Python incorrectly parsed email message headers. An attacker could possibly use this issue to inject arbitrary headers into email messages. This issue only affected python3.6, python3.7, python3.8, python3.9, p…

It was discovered that GLib incorrectly parsed large Base64 data. An attacker could use this issue to cause GLib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-1484) It was discovered that GLib i…

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; - io_…

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SPI subsystem; - SMB network f…

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; (CVE-20…

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; (CVE-20…

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; - io_…

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Unix domain sockets; (CVE-2025-4…

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; (CVE-20…

It was discovered that GitHub CLI could behave unexpectedly if users downloaded a malicious GitHub Actions workflow artifact through gh run download. An attacker could possibly use this issue to create or overwrite files in unintended dire…

It was discovered that Emacs could trigger unsafe Lisp macro expansion, when a user invoked elisp-completion-at-point on untrusted Emacs Lisp source code. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-539…

Several security issues were discovered in the libraries bundled in pip. An attacker could possibly use these issues to perform a variety of attacks, such as denial of service or arbitrary code execution.

It was discovered that Django exposed timing information when checking passwords. An attacker could possibly use this issue to obtain sensitive information. (CVE-2025-13473) Jiyong Yang discovered that Django incorrectly handled malformed…

Grzegorz Grasza discovered that the Keystone Middleware incorrectly sanitized authentication headers before processing OAuth 2.0 tokens. An attacker could possibly use this issue to escalate privileges or impersonate other users.

It was discovered that ImageMagick incorrectly handled image depth values when processing MIFF image files. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2025-43965) It was discover…

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 8.0.45 in Ubuntu 20.04 LTS. In addition to security fixes, the updated packages contai…

Vitaly Simonovich discovered that the GNU C Library did not properly initialize the input when WRDE_REUSE is used. An attacker could possibly use this issue to cause applications to crash, leading to a denial of service. (CVE-2025-15281) …

Kim Dong Han discovered that FreeRDP did not correctly validate the size of certain variables, which could cause a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.