May 9, 2026
It was discovered that PyJWT, a Python implementation of JSON web tokens, insufficiently validated the “crit” header parameter, which could result in incomplete enforcement of authentication settings. For the oldstable distribution (bookworm), this problem has been fixed in version 2.6.0-1+deb12u1.
May 9, 2026
A security vulnerability has been discovered in libpng, a library implementing an interface for reading and writing PNG (Portable Network Graphics) files, which could lead to corrupted chunk data and potential heap information disclosure. For Debian 11 bullseye, this problem has been fixed in version
May 9, 2026
Two vulnerabilities have been discovered in the Linux kernel that may lead to local privilege escalation. For the oldstable distribution (bookworm), these problems have been fixed in version 6.1.170-3. We recommend that you upgrade your linux packages.
May 9, 2026
https://security-tracker.debian.org/tracker/DSA-6258-1
May 9, 2026
https://security-tracker.debian.org/tracker/DSA-6259-1
May 9, 2026
Two vulnerabilities have been discovered in the Linux kernel that may lead to local privilege escalation. For Debian 11 bullseye, these problems have been fixed in version 5.10.251-4. We recommend that you upgrade your linux packages.
May 8, 2026
An update that solves two vulnerabilities can now be installed.
May 8, 2026
An update that solves three vulnerabilities can now be installed.
May 8, 2026
Fake call logs, real payments: How CallPhantom tricks Android users
ESET researchers uncovered fraudulent apps on Google Play that claim to provide the call history “for any number” and had been downloaded more than seven million times before being taken down
May 8, 2026
Fixing the password problem is as easy as 123456
How come it’s still possible to ‘secure’ an online account with a six-digit string?
May 8, 2026
Important: git-lfs security update
May 8, 2026
Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in remote code execution, privilege escalation, denial of service or information disclosure. For Debian 11 bullseye, these problems have been fixed in version 2.4.67-1~deb11u1.
May 8, 2026
Lua could be made to crash or run programs as your login if it opened a specially crafted file.
May 8, 2026
When cloud giants meddle in markets
May 8, 2026
Python isn’t always easy
May 8, 2026
Starman versions before 0.4018 for Perl allow HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes “Content-Length” over “Transfer-Encoding: chunked” when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An attacker could exploit this to smuggle malicious HTTP requests via a front-end reverse
May 8, 2026
Validate RSA_public_encrypt() result in RSASVE
May 8, 2026
Starman versions before 0.4018 for Perl allow HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes “Content-Length” over “Transfer-Encoding: chunked” when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An attacker could exploit this to smuggle malicious HTTP requests via a front-end reverse
May 8, 2026
https://security-tracker.debian.org/tracker/DSA-6253-1
May 8, 2026
https://security-tracker.debian.org/tracker/DSA-6254-1
May 8, 2026
https://security-tracker.debian.org/tracker/DSA-6255-1
May 8, 2026
https://security-tracker.debian.org/tracker/DSA-6256-1
May 8, 2026
https://security-tracker.debian.org/tracker/DSA-6257-1
May 8, 2026
Mozilla boasts Mythos boosted Firefox bug cull
May 7, 2026
https://security-tracker.debian.org/tracker/DSA-6249-1
May 7, 2026
The best new features in Python 3.15
May 7, 2026
Several security issues were fixed in the Linux kernel.
May 7, 2026
Several security issues were fixed in the Linux kernel.
May 7, 2026
Several security issues were fixed in the Linux kernel.
