Aggregator

FEDORA-2026-6f3d2d0d82 Packages in this update:

• perl-Net-CIDR-Lite-0.24-1.fc44

Update description:

This update addresses some input validation issues:

• Reject Unicode digits and trailing newlines in parser inputs (CVE-2026-45190)
• Reject zero-padded CIDR masks (CVE-2026-45191)

FEDORA-EPEL-2026-e8ac6c370b Packages in this update:

• perl-Net-CIDR-Lite-0.24-1.el10_2

Update description:

This update addresses some input validation issues:

• Reject Unicode digits and trailing newlines in parser inputs (CVE-2026-45190)
• Reject zero-padded CIDR masks (CVE-2026-45191)

FEDORA-EPEL-2026-5ff59e836c Packages in this update:

• perl-Net-CIDR-Lite-0.24-1.el10_3

Update description:

This update addresses some input validation issues:

• Reject Unicode digits and trailing newlines in parser inputs (CVE-2026-45190)
• Reject zero-padded CIDR masks (CVE-2026-45191)

FEDORA-EPEL-2026-423f2faaf7 Packages in this update:

• perl-Net-CIDR-Lite-0.24-1.el8

Update description:

This update addresses some input validation issues:

• Reject Unicode digits and trailing newlines in parser inputs (CVE-2026-45190)
• Reject zero-padded CIDR masks (CVE-2026-45191)

It was discovered that ImageMagick incorrectly handled certain malformed image files in certain instances. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could possibly use these issues to cause a denial of service or possibly execute code. These issues only affected Ubuntu 14.04 LTS. (CVE-2018-15607, CVE-2018-18544, CVE-2019-13137, CVE-2019-13391, CVE-2019-13391) It was discovered that ImageMagick incorrectly handled certain malformed image files in certain instances. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could possibly use these issues to cause a denial of service or possibly execute code. (CVE-2026-24481, CVE-2026-24484, CVE-2026-24485, CVE-2026-25576, CVE-2026-25638, CVE-2026-25797, CVE-2026-25965) It was discovered that ImageMagick incorrectly handled certain malformed image files in certain instances. If a user or automated system using ImageMagick were tricked into opening a specifically crafted image, an attacker could possibly use these issues to cause a denial of service or possibly execute code. These issues only affected Ubuntu 25.10. (CVE-2026-25637, CVE-2026-25794, CVE-2026-25795, CVE-2026-25796, CVE-2026-25797, CVE-2026-25798, CVE-2026-25799, CVE-2026-25897, CVE-2026-25898)

FEDORA-2026-28858c383e Packages in this update:

• python-pysam-0.24.0-1.fc44

Update description:

Update pysam

Resolves CVE issues

FEDORA-2026-dfde5fc92a Packages in this update:

• freerdp-3.26.0-4.fc43

Update description:

Update to 3.26.0

FEDORA-2026-1c8efcc330 Packages in this update:

• freerdp-3.26.0-4.fc44

Update description:

Update to 3.26.0

FEDORA-EPEL-2026-87143ca0fd Packages in this update:

• chromium-148.0.7778.96-1.el10_1

Update description:

Update to 148.0.7778.96

• CVE-2026-7896: Integer overflow in Blink
• CVE-2026-7897: Use after free in Mobile
• CVE-2026-7898: Use after free in Chromoting
• CVE-2026-7899: Out of bounds read and write in V8
• CVE-2026-7900: Heap buffer overflow in ANGLE
• CVE-2026-7901: Use after free in ANGLE
• CVE-2026-7902: Out of bounds memory access in V8
• CVE-2026-7903: Integer overflow in ANGLE
• CVE-2026-7904: Out of bounds read in Fonts
• CVE-2026-7905: Insufficient validation of untrusted input in Media
• CVE-2026-7906: Use after free in SVG
• CVE-2026-7907: Use after free in DOM
• CVE-2026-7908: Use after free in Fullscreen
• CVE-2026-7909: Inappropriate implementation in ServiceWorker
• CVE-2026-7910: Use after free in Views
• CVE-2026-7911: Use after free in Aura
• CVE-2026-7912: Integer overflow in GPU
• CVE-2026-7913: Insufficient policy enforcement in DevTools
• CVE-2026-7914: Type Confusion in Accessibility
• CVE-2026-7915: Insufficient data validation in DevTools
• CVE-2026-7916: Insufficient data validation in InterestGroups
• CVE-2026-7917: Use after free in Fullscreen
• CVE-2026-7918: Use after free in GPU
• CVE-2026-7919: Use after free in Aura
• CVE-2026-7920: Use after free in Skia
• CVE-2026-7921: Use after free in Passwords
• CVE-2026-7922: Use after free in ServiceWorker
• CVE-2026-7923: Out of bounds write in Skia
• CVE-2026-7924: Uninitialized Use in Dawn
• CVE-2026-7925: Use after free in Chromoting
• CVE-2026-7926: Use after free in PresentationAPI
• CVE-2026-7927: Type Confusion in Runtime
• CVE-2026-7928: Use after free in WebRTC
• CVE-2026-7929: Use after free in MediaRecording
• CVE-2026-7930: Insufficient validation of untrusted input in Cookies
• CVE-2026-7931: Insufficient validation of untrusted input in iOS
• CVE-2026-7932: Insufficient policy enforcement in Downloads
• CVE-2026-7933: Out of bounds read in WebCodecs
• CVE-2026-7934: Insufficient validation of untrusted input in Popup Blocker
• CVE-2026-7935: Inappropriate implementation in Speech
• CVE-2026-7936: Object lifecycle issue in V8
• CVE-2026-7937: Insufficient policy enforcement in DevTools
• CVE-2026-7938: Use after free in CSS
• CVE-2026-7939: Inappropriate implementation in SanitizerAPI
• CVE-2026-7940: Use after free in V8
• CVE-2026-7941: Insufficient validation of untrusted input in Mobile
• CVE-2026-7942: Integer overflow in ANGLE
• CVE-2026-7943: Insufficient validation of untrusted input in ANGLE
• CVE-2026-7944: Insufficient validation of untrusted input in Persistent Cache
• CVE-2026-7945: Insufficient validation of untrusted input in COOP
• CVE-2026-7946: Insufficient policy enforcement in WebUI
• CVE-2026-7947: Insufficient validation of untrusted input in Network
• CVE-2026-7948: Race in Chromoting
• CVE-2026-7949: Out of bounds read in Skia
• CVE-2026-7950: Out of bounds read and write in GFX
• CVE-2026-7951: Out of bounds write in WebRTC
• CVE-2026-7952: Insufficient policy enforcement in Extensions
• CVE-2026-7953: Insufficient validation of untrusted input in Omnibox
• CVE-2026-7954: Race in Shared Storage
• CVE-2026-7955: Uninitialized Use in GPU
• CVE-2026-7956: Use after free in Navigation
• CVE-2026-7957: Out of bounds write in Media
• CVE-2026-7958: Inappropriate implementation in ServiceWorker
• CVE-2026-7959: Inappropriate implementation in Navigation
• CVE-2026-7960: Race in Speech
• CVE-2026-7961: Insufficient validation of untrusted input in Permissions
• CVE-2026-7962: Insufficient policy enforcement in DirectSockets
• CVE-2026-7963: Inappropriate implementation in ServiceWorker
• CVE-2026-7964: Insufficient validation of untrusted input in FileSystem
• CVE-2026-7965: Insufficient validation of untrusted input in DevTools
• CVE-2026-7966: Insufficient validation of untrusted input in SiteIsolation
• CVE-2026-7967: Insufficient validation of untrusted input in Navigation
• CVE-2026-7968: Insufficient validation of untrusted input in CORS
• CVE-2026-7969: Integer overflow in Network
• CVE-2026-7970: Use after free in TopChrome
• CVE-2026-7971: Inappropriate implementation in ORB
• CVE-2026-7972: Uninitialized Use in GPU
• CVE-2026-7973: Integer overflow in Dawn
• CVE-2026-7974: Use after free in Blink
• CVE-2026-7975: Use after free in DevTools
• CVE-2026-7976: Use after free in Views
• CVE-2026-7977: Inappropriate implementation in Canvas
• CVE-2026-7978: Inappropriate implementation in Companion
• CVE-2026-7979: Inappropriate implementation in Media
• CVE-2026-7980: Use after free in WebAudio
• CVE-2026-7981: Out of bounds read in Codecs
• CVE-2026-7982: Uninitialized Use in WebCodecs
• CVE-2026-7983: Out of bounds read in Dawn
• CVE-2026-7984: Use after free in ReadingMode
• CVE-2026-7985: Use after free in GPU
• CVE-2026-7986: Insufficient policy enforcement in Autofill
• CVE-2026-7987: Use after free in WebRTC
• CVE-2026-7988: Type Confusion in WebRTC
• CVE-2026-7989: Insufficient data validation in DataTransfer
• CVE-2026-7990: Insufficient validation of untrusted input in Updater
• CVE-2026-7991: Use after free in UI
• CVE-2026-7992: Insufficient validation of untrusted input in UI
• CVE-2026-7993: Insufficient validation of untrusted input in Payments
• CVE-2026-7994: Inappropriate implementation in Chromoting
• CVE-2026-7995: Out of bounds read in AdFilter
• CVE-2026-7996: Insufficient validation of untrusted input in SSL
• CVE-2026-7997: Insufficient validation of untrusted input in Updater
• CVE-2026-7998: Insufficient validation of untrusted input in Dialog
• CVE-2026-7999: Inappropriate implementation in V8
• CVE-2026-8000: Insufficient validation of untrusted input in ChromeDriver
• CVE-2026-8001: Use after free in Printing
• CVE-2026-8002: Use after free in Audio
• CVE-2026-8003: Insufficient validation of untrusted input in TabGroups
• CVE-2026-8004: Insufficient policy enforcement in DevTools
• CVE-2026-8005: Insufficient validation of untrusted input in Cast
• CVE-2026-8006: Insufficient policy enforcement in DevTools
• CVE-2026-8007: Insufficient validation of untrusted input in Cast
• CVE-2026-8008: Inappropriate implementation in DevTools
• CVE-2026-8009: Inappropriate implementation in Cast
• CVE-2026-8010: Insufficient validation of untrusted input in SiteIsolation
• CVE-2026-8011: Insufficient policy enforcement in Search
• CVE-2026-8012: Inappropriate implementation in MHTML
• CVE-2026-8013: Insufficient validation of untrusted input in FedCM
• CVE-2026-8014: Inappropriate implementation in Preload
• CVE-2026-8015: Inappropriate implementation in Media
• CVE-2026-8016: Use after free in WebRTC
• CVE-2026-8017: Side-channel information leakage in Media
• CVE-2026-8018: Insufficient policy enforcement in DevTools
• CVE-2026-8019: Insufficient policy enforcement in WebApp
• CVE-2026-8020: Uninitialized Use in GPU
• CVE-2026-8021: Script injection in UI
• CVE-2026-8022: Inappropriate implementation in MHTML

FEDORA-EPEL-2026-ca48d83e4d Packages in this update:

• chromium-148.0.7778.96-1.el10_2

Update description:

Update to 148.0.7778.96

• CVE-2026-7896: Integer overflow in Blink
• CVE-2026-7897: Use after free in Mobile
• CVE-2026-7898: Use after free in Chromoting
• CVE-2026-7899: Out of bounds read and write in V8
• CVE-2026-7900: Heap buffer overflow in ANGLE
• CVE-2026-7901: Use after free in ANGLE
• CVE-2026-7902: Out of bounds memory access in V8
• CVE-2026-7903: Integer overflow in ANGLE
• CVE-2026-7904: Out of bounds read in Fonts
• CVE-2026-7905: Insufficient validation of untrusted input in Media
• CVE-2026-7906: Use after free in SVG
• CVE-2026-7907: Use after free in DOM
• CVE-2026-7908: Use after free in Fullscreen
• CVE-2026-7909: Inappropriate implementation in ServiceWorker
• CVE-2026-7910: Use after free in Views
• CVE-2026-7911: Use after free in Aura
• CVE-2026-7912: Integer overflow in GPU
• CVE-2026-7913: Insufficient policy enforcement in DevTools
• CVE-2026-7914: Type Confusion in Accessibility
• CVE-2026-7915: Insufficient data validation in DevTools
• CVE-2026-7916: Insufficient data validation in InterestGroups
• CVE-2026-7917: Use after free in Fullscreen
• CVE-2026-7918: Use after free in GPU
• CVE-2026-7919: Use after free in Aura
• CVE-2026-7920: Use after free in Skia
• CVE-2026-7921: Use after free in Passwords
• CVE-2026-7922: Use after free in ServiceWorker
• CVE-2026-7923: Out of bounds write in Skia
• CVE-2026-7924: Uninitialized Use in Dawn
• CVE-2026-7925: Use after free in Chromoting
• CVE-2026-7926: Use after free in PresentationAPI
• CVE-2026-7927: Type Confusion in Runtime
• CVE-2026-7928: Use after free in WebRTC
• CVE-2026-7929: Use after free in MediaRecording
• CVE-2026-7930: Insufficient validation of untrusted input in Cookies
• CVE-2026-7931: Insufficient validation of untrusted input in iOS
• CVE-2026-7932: Insufficient policy enforcement in Downloads
• CVE-2026-7933: Out of bounds read in WebCodecs
• CVE-2026-7934: Insufficient validation of untrusted input in Popup Blocker
• CVE-2026-7935: Inappropriate implementation in Speech
• CVE-2026-7936: Object lifecycle issue in V8
• CVE-2026-7937: Insufficient policy enforcement in DevTools
• CVE-2026-7938: Use after free in CSS
• CVE-2026-7939: Inappropriate implementation in SanitizerAPI
• CVE-2026-7940: Use after free in V8
• CVE-2026-7941: Insufficient validation of untrusted input in Mobile
• CVE-2026-7942: Integer overflow in ANGLE
• CVE-2026-7943: Insufficient validation of untrusted input in ANGLE
• CVE-2026-7944: Insufficient validation of untrusted input in Persistent Cache
• CVE-2026-7945: Insufficient validation of untrusted input in COOP
• CVE-2026-7946: Insufficient policy enforcement in WebUI
• CVE-2026-7947: Insufficient validation of untrusted input in Network
• CVE-2026-7948: Race in Chromoting
• CVE-2026-7949: Out of bounds read in Skia
• CVE-2026-7950: Out of bounds read and write in GFX
• CVE-2026-7951: Out of bounds write in WebRTC
• CVE-2026-7952: Insufficient policy enforcement in Extensions
• CVE-2026-7953: Insufficient validation of untrusted input in Omnibox
• CVE-2026-7954: Race in Shared Storage
• CVE-2026-7955: Uninitialized Use in GPU
• CVE-2026-7956: Use after free in Navigation
• CVE-2026-7957: Out of bounds write in Media
• CVE-2026-7958: Inappropriate implementation in ServiceWorker
• CVE-2026-7959: Inappropriate implementation in Navigation
• CVE-2026-7960: Race in Speech
• CVE-2026-7961: Insufficient validation of untrusted input in Permissions
• CVE-2026-7962: Insufficient policy enforcement in DirectSockets
• CVE-2026-7963: Inappropriate implementation in ServiceWorker
• CVE-2026-7964: Insufficient validation of untrusted input in FileSystem
• CVE-2026-7965: Insufficient validation of untrusted input in DevTools
• CVE-2026-7966: Insufficient validation of untrusted input in SiteIsolation
• CVE-2026-7967: Insufficient validation of untrusted input in Navigation
• CVE-2026-7968: Insufficient validation of untrusted input in CORS
• CVE-2026-7969: Integer overflow in Network
• CVE-2026-7970: Use after free in TopChrome
• CVE-2026-7971: Inappropriate implementation in ORB
• CVE-2026-7972: Uninitialized Use in GPU
• CVE-2026-7973: Integer overflow in Dawn
• CVE-2026-7974: Use after free in Blink
• CVE-2026-7975: Use after free in DevTools
• CVE-2026-7976: Use after free in Views
• CVE-2026-7977: Inappropriate implementation in Canvas
• CVE-2026-7978: Inappropriate implementation in Companion
• CVE-2026-7979: Inappropriate implementation in Media
• CVE-2026-7980: Use after free in WebAudio
• CVE-2026-7981: Out of bounds read in Codecs
• CVE-2026-7982: Uninitialized Use in WebCodecs
• CVE-2026-7983: Out of bounds read in Dawn
• CVE-2026-7984: Use after free in ReadingMode
• CVE-2026-7985: Use after free in GPU
• CVE-2026-7986: Insufficient policy enforcement in Autofill
• CVE-2026-7987: Use after free in WebRTC
• CVE-2026-7988: Type Confusion in WebRTC
• CVE-2026-7989: Insufficient data validation in DataTransfer
• CVE-2026-7990: Insufficient validation of untrusted input in Updater
• CVE-2026-7991: Use after free in UI
• CVE-2026-7992: Insufficient validation of untrusted input in UI
• CVE-2026-7993: Insufficient validation of untrusted input in Payments
• CVE-2026-7994: Inappropriate implementation in Chromoting
• CVE-2026-7995: Out of bounds read in AdFilter
• CVE-2026-7996: Insufficient validation of untrusted input in SSL
• CVE-2026-7997: Insufficient validation of untrusted input in Updater
• CVE-2026-7998: Insufficient validation of untrusted input in Dialog
• CVE-2026-7999: Inappropriate implementation in V8
• CVE-2026-8000: Insufficient validation of untrusted input in ChromeDriver
• CVE-2026-8001: Use after free in Printing
• CVE-2026-8002: Use after free in Audio
• CVE-2026-8003: Insufficient validation of untrusted input in TabGroups
• CVE-2026-8004: Insufficient policy enforcement in DevTools
• CVE-2026-8005: Insufficient validation of untrusted input in Cast
• CVE-2026-8006: Insufficient policy enforcement in DevTools
• CVE-2026-8007: Insufficient validation of untrusted input in Cast
• CVE-2026-8008: Inappropriate implementation in DevTools
• CVE-2026-8009: Inappropriate implementation in Cast
• CVE-2026-8010: Insufficient validation of untrusted input in SiteIsolation
• CVE-2026-8011: Insufficient policy enforcement in Search
• CVE-2026-8012: Inappropriate implementation in MHTML
• CVE-2026-8013: Insufficient validation of untrusted input in FedCM
• CVE-2026-8014: Inappropriate implementation in Preload
• CVE-2026-8015: Inappropriate implementation in Media
• CVE-2026-8016: Use after free in WebRTC
• CVE-2026-8017: Side-channel information leakage in Media
• CVE-2026-8018: Insufficient policy enforcement in DevTools
• CVE-2026-8019: Insufficient policy enforcement in WebApp
• CVE-2026-8020: Uninitialized Use in GPU
• CVE-2026-8021: Script injection in UI
• CVE-2026-8022: Inappropriate implementation in MHTML

FEDORA-EPEL-2026-e2059c9894 Packages in this update:

• chromium-148.0.7778.96-1.el9

Update description:

Update to 148.0.7778.96

• CVE-2026-7896: Integer overflow in Blink
• CVE-2026-7897: Use after free in Mobile
• CVE-2026-7898: Use after free in Chromoting
• CVE-2026-7899: Out of bounds read and write in V8
• CVE-2026-7900: Heap buffer overflow in ANGLE
• CVE-2026-7901: Use after free in ANGLE
• CVE-2026-7902: Out of bounds memory access in V8
• CVE-2026-7903: Integer overflow in ANGLE
• CVE-2026-7904: Out of bounds read in Fonts
• CVE-2026-7905: Insufficient validation of untrusted input in Media
• CVE-2026-7906: Use after free in SVG
• CVE-2026-7907: Use after free in DOM
• CVE-2026-7908: Use after free in Fullscreen
• CVE-2026-7909: Inappropriate implementation in ServiceWorker
• CVE-2026-7910: Use after free in Views
• CVE-2026-7911: Use after free in Aura
• CVE-2026-7912: Integer overflow in GPU
• CVE-2026-7913: Insufficient policy enforcement in DevTools
• CVE-2026-7914: Type Confusion in Accessibility
• CVE-2026-7915: Insufficient data validation in DevTools
• CVE-2026-7916: Insufficient data validation in InterestGroups
• CVE-2026-7917: Use after free in Fullscreen
• CVE-2026-7918: Use after free in GPU
• CVE-2026-7919: Use after free in Aura
• CVE-2026-7920: Use after free in Skia
• CVE-2026-7921: Use after free in Passwords
• CVE-2026-7922: Use after free in ServiceWorker
• CVE-2026-7923: Out of bounds write in Skia
• CVE-2026-7924: Uninitialized Use in Dawn
• CVE-2026-7925: Use after free in Chromoting
• CVE-2026-7926: Use after free in PresentationAPI
• CVE-2026-7927: Type Confusion in Runtime
• CVE-2026-7928: Use after free in WebRTC
• CVE-2026-7929: Use after free in MediaRecording
• CVE-2026-7930: Insufficient validation of untrusted input in Cookies
• CVE-2026-7931: Insufficient validation of untrusted input in iOS
• CVE-2026-7932: Insufficient policy enforcement in Downloads
• CVE-2026-7933: Out of bounds read in WebCodecs
• CVE-2026-7934: Insufficient validation of untrusted input in Popup Blocker
• CVE-2026-7935: Inappropriate implementation in Speech
• CVE-2026-7936: Object lifecycle issue in V8
• CVE-2026-7937: Insufficient policy enforcement in DevTools
• CVE-2026-7938: Use after free in CSS
• CVE-2026-7939: Inappropriate implementation in SanitizerAPI
• CVE-2026-7940: Use after free in V8
• CVE-2026-7941: Insufficient validation of untrusted input in Mobile
• CVE-2026-7942: Integer overflow in ANGLE
• CVE-2026-7943: Insufficient validation of untrusted input in ANGLE
• CVE-2026-7944: Insufficient validation of untrusted input in Persistent Cache
• CVE-2026-7945: Insufficient validation of untrusted input in COOP
• CVE-2026-7946: Insufficient policy enforcement in WebUI
• CVE-2026-7947: Insufficient validation of untrusted input in Network
• CVE-2026-7948: Race in Chromoting
• CVE-2026-7949: Out of bounds read in Skia
• CVE-2026-7950: Out of bounds read and write in GFX
• CVE-2026-7951: Out of bounds write in WebRTC
• CVE-2026-7952: Insufficient policy enforcement in Extensions
• CVE-2026-7953: Insufficient validation of untrusted input in Omnibox
• CVE-2026-7954: Race in Shared Storage
• CVE-2026-7955: Uninitialized Use in GPU
• CVE-2026-7956: Use after free in Navigation
• CVE-2026-7957: Out of bounds write in Media
• CVE-2026-7958: Inappropriate implementation in ServiceWorker
• CVE-2026-7959: Inappropriate implementation in Navigation
• CVE-2026-7960: Race in Speech
• CVE-2026-7961: Insufficient validation of untrusted input in Permissions
• CVE-2026-7962: Insufficient policy enforcement in DirectSockets
• CVE-2026-7963: Inappropriate implementation in ServiceWorker
• CVE-2026-7964: Insufficient validation of untrusted input in FileSystem
• CVE-2026-7965: Insufficient validation of untrusted input in DevTools
• CVE-2026-7966: Insufficient validation of untrusted input in SiteIsolation
• CVE-2026-7967: Insufficient validation of untrusted input in Navigation
• CVE-2026-7968: Insufficient validation of untrusted input in CORS
• CVE-2026-7969: Integer overflow in Network
• CVE-2026-7970: Use after free in TopChrome
• CVE-2026-7971: Inappropriate implementation in ORB
• CVE-2026-7972: Uninitialized Use in GPU
• CVE-2026-7973: Integer overflow in Dawn
• CVE-2026-7974: Use after free in Blink
• CVE-2026-7975: Use after free in DevTools
• CVE-2026-7976: Use after free in Views
• CVE-2026-7977: Inappropriate implementation in Canvas
• CVE-2026-7978: Inappropriate implementation in Companion
• CVE-2026-7979: Inappropriate implementation in Media
• CVE-2026-7980: Use after free in WebAudio
• CVE-2026-7981: Out of bounds read in Codecs
• CVE-2026-7982: Uninitialized Use in WebCodecs
• CVE-2026-7983: Out of bounds read in Dawn
• CVE-2026-7984: Use after free in ReadingMode
• CVE-2026-7985: Use after free in GPU
• CVE-2026-7986: Insufficient policy enforcement in Autofill
• CVE-2026-7987: Use after free in WebRTC
• CVE-2026-7988: Type Confusion in WebRTC
• CVE-2026-7989: Insufficient data validation in DataTransfer
• CVE-2026-7990: Insufficient validation of untrusted input in Updater
• CVE-2026-7991: Use after free in UI
• CVE-2026-7992: Insufficient validation of untrusted input in UI
• CVE-2026-7993: Insufficient validation of untrusted input in Payments
• CVE-2026-7994: Inappropriate implementation in Chromoting
• CVE-2026-7995: Out of bounds read in AdFilter
• CVE-2026-7996: Insufficient validation of untrusted input in SSL
• CVE-2026-7997: Insufficient validation of untrusted input in Updater
• CVE-2026-7998: Insufficient validation of untrusted input in Dialog
• CVE-2026-7999: Inappropriate implementation in V8
• CVE-2026-8000: Insufficient validation of untrusted input in ChromeDriver
• CVE-2026-8001: Use after free in Printing
• CVE-2026-8002: Use after free in Audio
• CVE-2026-8003: Insufficient validation of untrusted input in TabGroups
• CVE-2026-8004: Insufficient policy enforcement in DevTools
• CVE-2026-8005: Insufficient validation of untrusted input in Cast
• CVE-2026-8006: Insufficient policy enforcement in DevTools
• CVE-2026-8007: Insufficient validation of untrusted input in Cast
• CVE-2026-8008: Inappropriate implementation in DevTools
• CVE-2026-8009: Inappropriate implementation in Cast
• CVE-2026-8010: Insufficient validation of untrusted input in SiteIsolation
• CVE-2026-8011: Insufficient policy enforcement in Search
• CVE-2026-8012: Inappropriate implementation in MHTML
• CVE-2026-8013: Insufficient validation of untrusted input in FedCM
• CVE-2026-8014: Inappropriate implementation in Preload
• CVE-2026-8015: Inappropriate implementation in Media
• CVE-2026-8016: Use after free in WebRTC
• CVE-2026-8017: Side-channel information leakage in Media
• CVE-2026-8018: Insufficient policy enforcement in DevTools
• CVE-2026-8019: Insufficient policy enforcement in WebApp
• CVE-2026-8020: Uninitialized Use in GPU
• CVE-2026-8021: Script injection in UI
• CVE-2026-8022: Inappropriate implementation in MHTML

FEDORA-EPEL-2026-11dcfd4c9f Packages in this update:

• chromium-148.0.7778.96-1.el10_3

Update description:

Update to 148.0.7778.96

• CVE-2026-7896: Integer overflow in Blink
• CVE-2026-7897: Use after free in Mobile
• CVE-2026-7898: Use after free in Chromoting
• CVE-2026-7899: Out of bounds read and write in V8
• CVE-2026-7900: Heap buffer overflow in ANGLE
• CVE-2026-7901: Use after free in ANGLE
• CVE-2026-7902: Out of bounds memory access in V8
• CVE-2026-7903: Integer overflow in ANGLE
• CVE-2026-7904: Out of bounds read in Fonts
• CVE-2026-7905: Insufficient validation of untrusted input in Media
• CVE-2026-7906: Use after free in SVG
• CVE-2026-7907: Use after free in DOM
• CVE-2026-7908: Use after free in Fullscreen
• CVE-2026-7909: Inappropriate implementation in ServiceWorker
• CVE-2026-7910: Use after free in Views
• CVE-2026-7911: Use after free in Aura
• CVE-2026-7912: Integer overflow in GPU
• CVE-2026-7913: Insufficient policy enforcement in DevTools
• CVE-2026-7914: Type Confusion in Accessibility
• CVE-2026-7915: Insufficient data validation in DevTools
• CVE-2026-7916: Insufficient data validation in InterestGroups
• CVE-2026-7917: Use after free in Fullscreen
• CVE-2026-7918: Use after free in GPU
• CVE-2026-7919: Use after free in Aura
• CVE-2026-7920: Use after free in Skia
• CVE-2026-7921: Use after free in Passwords
• CVE-2026-7922: Use after free in ServiceWorker
• CVE-2026-7923: Out of bounds write in Skia
• CVE-2026-7924: Uninitialized Use in Dawn
• CVE-2026-7925: Use after free in Chromoting
• CVE-2026-7926: Use after free in PresentationAPI
• CVE-2026-7927: Type Confusion in Runtime
• CVE-2026-7928: Use after free in WebRTC
• CVE-2026-7929: Use after free in MediaRecording
• CVE-2026-7930: Insufficient validation of untrusted input in Cookies
• CVE-2026-7931: Insufficient validation of untrusted input in iOS
• CVE-2026-7932: Insufficient policy enforcement in Downloads
• CVE-2026-7933: Out of bounds read in WebCodecs
• CVE-2026-7934: Insufficient validation of untrusted input in Popup Blocker
• CVE-2026-7935: Inappropriate implementation in Speech
• CVE-2026-7936: Object lifecycle issue in V8
• CVE-2026-7937: Insufficient policy enforcement in DevTools
• CVE-2026-7938: Use after free in CSS
• CVE-2026-7939: Inappropriate implementation in SanitizerAPI
• CVE-2026-7940: Use after free in V8
• CVE-2026-7941: Insufficient validation of untrusted input in Mobile
• CVE-2026-7942: Integer overflow in ANGLE
• CVE-2026-7943: Insufficient validation of untrusted input in ANGLE
• CVE-2026-7944: Insufficient validation of untrusted input in Persistent Cache
• CVE-2026-7945: Insufficient validation of untrusted input in COOP
• CVE-2026-7946: Insufficient policy enforcement in WebUI
• CVE-2026-7947: Insufficient validation of untrusted input in Network
• CVE-2026-7948: Race in Chromoting
• CVE-2026-7949: Out of bounds read in Skia
• CVE-2026-7950: Out of bounds read and write in GFX
• CVE-2026-7951: Out of bounds write in WebRTC
• CVE-2026-7952: Insufficient policy enforcement in Extensions
• CVE-2026-7953: Insufficient validation of untrusted input in Omnibox
• CVE-2026-7954: Race in Shared Storage
• CVE-2026-7955: Uninitialized Use in GPU
• CVE-2026-7956: Use after free in Navigation
• CVE-2026-7957: Out of bounds write in Media
• CVE-2026-7958: Inappropriate implementation in ServiceWorker
• CVE-2026-7959: Inappropriate implementation in Navigation
• CVE-2026-7960: Race in Speech
• CVE-2026-7961: Insufficient validation of untrusted input in Permissions
• CVE-2026-7962: Insufficient policy enforcement in DirectSockets
• CVE-2026-7963: Inappropriate implementation in ServiceWorker
• CVE-2026-7964: Insufficient validation of untrusted input in FileSystem
• CVE-2026-7965: Insufficient validation of untrusted input in DevTools
• CVE-2026-7966: Insufficient validation of untrusted input in SiteIsolation
• CVE-2026-7967: Insufficient validation of untrusted input in Navigation
• CVE-2026-7968: Insufficient validation of untrusted input in CORS
• CVE-2026-7969: Integer overflow in Network
• CVE-2026-7970: Use after free in TopChrome
• CVE-2026-7971: Inappropriate implementation in ORB
• CVE-2026-7972: Uninitialized Use in GPU
• CVE-2026-7973: Integer overflow in Dawn
• CVE-2026-7974: Use after free in Blink
• CVE-2026-7975: Use after free in DevTools
• CVE-2026-7976: Use after free in Views
• CVE-2026-7977: Inappropriate implementation in Canvas
• CVE-2026-7978: Inappropriate implementation in Companion
• CVE-2026-7979: Inappropriate implementation in Media
• CVE-2026-7980: Use after free in WebAudio
• CVE-2026-7981: Out of bounds read in Codecs
• CVE-2026-7982: Uninitialized Use in WebCodecs
• CVE-2026-7983: Out of bounds read in Dawn
• CVE-2026-7984: Use after free in ReadingMode
• CVE-2026-7985: Use after free in GPU
• CVE-2026-7986: Insufficient policy enforcement in Autofill
• CVE-2026-7987: Use after free in WebRTC
• CVE-2026-7988: Type Confusion in WebRTC
• CVE-2026-7989: Insufficient data validation in DataTransfer
• CVE-2026-7990: Insufficient validation of untrusted input in Updater
• CVE-2026-7991: Use after free in UI
• CVE-2026-7992: Insufficient validation of untrusted input in UI
• CVE-2026-7993: Insufficient validation of untrusted input in Payments
• CVE-2026-7994: Inappropriate implementation in Chromoting
• CVE-2026-7995: Out of bounds read in AdFilter
• CVE-2026-7996: Insufficient validation of untrusted input in SSL
• CVE-2026-7997: Insufficient validation of untrusted input in Updater
• CVE-2026-7998: Insufficient validation of untrusted input in Dialog
• CVE-2026-7999: Inappropriate implementation in V8
• CVE-2026-8000: Insufficient validation of untrusted input in ChromeDriver
• CVE-2026-8001: Use after free in Printing
• CVE-2026-8002: Use after free in Audio
• CVE-2026-8003: Insufficient validation of untrusted input in TabGroups
• CVE-2026-8004: Insufficient policy enforcement in DevTools
• CVE-2026-8005: Insufficient validation of untrusted input in Cast
• CVE-2026-8006: Insufficient policy enforcement in DevTools
• CVE-2026-8007: Insufficient validation of untrusted input in Cast
• CVE-2026-8008: Inappropriate implementation in DevTools
• CVE-2026-8009: Inappropriate implementation in Cast
• CVE-2026-8010: Insufficient validation of untrusted input in SiteIsolation
• CVE-2026-8011: Insufficient policy enforcement in Search
• CVE-2026-8012: Inappropriate implementation in MHTML
• CVE-2026-8013: Insufficient validation of untrusted input in FedCM
• CVE-2026-8014: Inappropriate implementation in Preload
• CVE-2026-8015: Inappropriate implementation in Media
• CVE-2026-8016: Use after free in WebRTC
• CVE-2026-8017: Side-channel information leakage in Media
• CVE-2026-8018: Insufficient policy enforcement in DevTools
• CVE-2026-8019: Insufficient policy enforcement in WebApp
• CVE-2026-8020: Uninitialized Use in GPU
• CVE-2026-8021: Script injection in UI
• CVE-2026-8022: Inappropriate implementation in MHTML

Version:7.0.6 (stable) Released:2026-05-11 Source:linux-7.0.6.tar.xz PGP Signature:linux-7.0.6.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-7.0.6

Version:6.18.29 (longterm) Released:2026-05-11 Source:linux-6.18.29.tar.xz PGP Signature:linux-6.18.29.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-6.18.29

FEDORA-2026-707b7050da Packages in this update:

• mod_md-2.6.11-2.fc43

Update description:

• CVE-2026-29168 fix

FEDORA-2026-c9b72de46a Packages in this update:

• mod_md-2.6.11-2.fc44

Update description:

• CVE-2026-29168 fix

FEDORA-2026-0c87f546f8 Packages in this update:

• httpd-2.4.67-1.fc43

Update description:

• new version 2.4.67

FEDORA-2026-3e32c54eab Packages in this update:

• httpd-2.4.67-1.fc44

Update description:

• new version 2.4.67

Version:7.1-rc3 (mainline) Released:2026-05-10 Source:linux-7.1-rc3.tar.gz Patch:full (incremental)