Debian LTS Linux Security is the community’s central source for information on Linux and open source security. We follow the open source trends as they affect the community. We produce content that appeals to administrators, developers, home users, and security professionals.
- Debian LTS python-aiohttp Advisory DLA-4613-1 Request Smuggling DoS on June 1, 2026 at 6:56 am
Several vulnerabilities have been found in aiohttp, an asynchronous HTTP client/server framework for asyncio and Python. CVE-2025-53643 Request smuggling vulnerability due to not parsing trailer sections of an HTTP request.
- Debian 11 Sentry-Python Important Environment Exposure CVE-2024-40647 on May 31, 2026 at 11:52 pm
A vulnerability was found in the Python SDK for Sentry.io. The issue results in the unintentional exposure of environment variables to subprocesses despite the env={} setting. For Debian 11 bullseye, this problem has been fixed in version 0.13.2-1+deb11u1.
- Debian Keystone Critical Privilege Escalation Threat Advisory DLA-4611-1 on May 31, 2026 at 11:36 pm
Multiple vulnerabilities have been found in Keystone, the OpenStack identity service, including privilege escalation and authorization and access control flaws. CVE-2026-33551 An authenticated user with only a reader role may obtain an EC2/S3
- Debian git-lfs Moderate File Oversight Advisory DLA-4610-1 CVE-2025-26625 on May 31, 2026 at 3:52 pm
In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository’s working tree with the contents of Git LFS objects, certain Git LFS commands could write to files visible outside the current Git working tree if symbolic or hard links existed which collided with the paths of files tracked by Git LFS.
- Debian 11 Imagemagick Important Denial of Service Issues DLA-4609-1 on May 30, 2026 at 11:50 pm
Multiple security vulnerabilities were discovered in imagemagick, a software suite used for editing and manipulating digital images, which could lead to denial of service, information disclosure or potentially arbitrary code execution if malformed images are processed. For Debian 11 bullseye, these problems have been fixed in version
- Debian corosync DoS Advisory DLA-4608-1 CVE-2026-35091 CVE-2026-35092 on May 30, 2026 at 12:26 am
Two vulnerabilities have been found in corosync, a cluster engine daemon and utilities, that allow a remote, unauthenticated attacker to cause a denial of service. CVE-2026-35091 A remote unauthenticated attacker can exploit a wrong return value
- Debian 11 linux-6.1 Critical Privilege Escalation DoS Info Leak DLA-4607-1 on May 29, 2026 at 6:39 pm
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For Debian 11 bullseye, these problems have been fixed in version 6.1.174-1~deb11u1.
- Debian 11 Linux DLA-4606-1 Critical DoS Privilege Escalation Info Leak on May 29, 2026 at 6:36 pm
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. For Debian 11 bullseye, these problems have been fixed in version 5.10.257-1. This version additionally includes many more bug fixes
- Debian 11 Node.js Major Denial of Service Warning DLA-4598-1 CVE-2025-59465 on May 24, 2026 at 10:18 am
Multiple vulnerabilities were discovered in Node.js, which could result in denial of service or information disclosure. For Debian 11 bullseye, these problems have been fixed in version 12.22.12~dfsg-1~deb11u8. We recommend that you upgrade your nodejs packages.






