CVE Vulnerabilities - 6 March 2026
3208 vulnerabilities published on 6 March 2026
Vim text editor's NetBeans integration has a buffer overflow flaw
OESA-2026-1501
Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. V...
Vim's NetBeans Integration Allows Malicious Servers to Crash the Program
OESA-2026-1500
Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. V...
Vim's NetBeans integration allows malicious servers to crash the editor
OESA-2026-1499
Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. V...
Vim Text Editor May Crash or Be Exploited by Malicious Servers
OESA-2026-1498
Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. V...
Vim's NetBeans Integration Allows Malicious Server to Crash Editor
OESA-2026-1497
Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. V...
PostgreSQL Client Software Exposes Server Memory
OESA-2026-1496
PostgreSQL is an advanced Object-Relational database management system (DBMS).
The base postgresql package contains the client programs that you...
PostgreSQL Client Software May Leak Memory or Execute Malicious Code
OESA-2026-1495
PostgreSQL is an advanced Object-Relational database management system (DBMS).
The base postgresql package contains the client programs that you...
PostgreSQL Update Required to Prevent Data Exposure and Code Execution
OESA-2026-1494
PostgreSQL is an advanced Object-Relational database management system (DBMS).
The base postgresql package contains the client programs that you...
PostgreSQL Client Software Can Leak Sensitive Data
OESA-2026-1493
PostgreSQL is an advanced Object-Relational database management system (DBMS).
The base postgresql package contains the client programs that you...
libssh: Remote code execution possible through malicious SSH connections
OESA-2026-1492
The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. The complete control of the clie...
HSQLDB: Malicious database file can write to arbitrary locations
OESA-2026-1491
HSQLdb is a relational database engine written in Java™, with a JDBC driver, supporting a subset of ANSI-92 SQL. It offers a small (about 100k), fas...
HSQLDB: Unrestricted File Writing in Libreoffice Database
OESA-2026-1490
HSQLdb is a relational database engine written in Java™, with a JDBC driver, supporting a subset of ANSI-92 SQL. It offers a small (about 100k), fas...
Libreoffice HSQLdb Data Exposure
OESA-2026-1489
HSQLdb is a relational database engine written in Java™, with a JDBC driver, supporting a subset of ANSI-92 SQL. It offers a small (about 100k), fas...
Libreoffice Database Security Risk: File Writing Vulnerability
OESA-2026-1488
HSQLdb is a relational database engine written in Java™, with a JDBC driver, supporting a subset of ANSI-92 SQL. It offers a small (about 100k), fas...
HSQLDB: Malicious Database Files Can Write to Unintended Locations
OESA-2026-1487
HSQLdb is a relational database engine written in Java™, with a JDBC driver, supporting a subset of ANSI-92 SQL. It offers a small (about 100k), fas...
Root npm Package @rootio/tar: Uncontrolled Resource Consumption
ROOT-APP-NPM-CVE-2026-23950
Root has patched CVE-2026-23950 in the @rootio/tar package for Root:npm. Multiple fixed versions available....
Root Tar Package Allows Unauthorized File Access
ROOT-APP-NPM-CVE-2026-24842
Root has patched CVE-2026-24842 in the @rootio/tar package for Root:npm. Multiple fixed versions available....
Root Package Tar: Unpatched Versions Leave System to Root Access
ROOT-APP-NPM-GHSA-qffp-2rhf-9h96
Root has patched GHSA-qffp-2rhf-9h96 in the @rootio/tar package for Root:npm. Multiple fixed versions available....
Root Tar Package Allows Unauthorized File Access
ROOT-APP-NPM-CVE-2026-23745
Root has patched CVE-2026-23745 in the @rootio/tar package for Root:npm. Multiple fixed versions available....
Potential Denial of Service in gRPC HPACK Parser
SUSE-SU-2026:0840-1
This update for grpc fixes the following issue:
- CVE-2023-33953: unbounded memory and CPU consumption in the HPACK parser leads to remote DoS (bsc#1...
Minimatch Package Allows Unauthorized File Access
ROOT-APP-NPM-CVE-2026-27904
Root has patched CVE-2026-27904 in the @rootio/minimatch package for Root:npm. Multiple fixed versions available....
rootio-freetype: Unauthorized data access via crafted font file
ROOT-OS-DEBIAN-12-CVE-2026-23865
Root has patched CVE-2026-23865 in the rootio-freetype package for Root:Debian:12. Multiple fixed versions available....
rootio-mariadb-10.5: Unauthorized access to database possible through root account
ROOT-OS-DEBIAN-11-CVE-2025-13699
Root has patched CVE-2025-13699 in the rootio-mariadb-10.5 package for Root:Debian:11. Multiple fixed versions available....
Rootio-Imagemagick: Unpatched Image Files Can Be Tricked into Running Malicious Code
ROOT-OS-DEBIAN-12-CVE-2026-25794
Root has patched CVE-2026-25794 in the rootio-imagemagick package for Root:Debian:12. Multiple fixed versions available....
Rootio Imagemagick: Unpatched Versions Leave Systems Open to Attack
ROOT-OS-DEBIAN-12-CVE-2026-25796
Root has patched CVE-2026-25796 in the rootio-imagemagick package for Root:Debian:12. Multiple fixed versions available....