Grafana, OpenSSH, MariaDB, FFmpeg, and Perl Modules updates for SUSE

SUSE 5669 Published by

OpenSUSE Tumbleweed has released a batch of moderate security updates targeting several widely used software packages across its general availability media. These patches address numerous common vulnerabilities including critical flaws in Grafana, OpenSSH, MariaDB development libraries, and FFmpeg alongside older issues affecting Perl modules and chemical data tools. Administrators should prioritize installing these fixes immediately since some remote code execution risks carry high CVSS scores that could compromise system integrity. Regular maintenance cycles will help keep your infrastructure secure while preventing potential exploitation of the newly disclosed CVE identifiers.

openSUSE-SU-2026:10938-1: moderate: perl-HTTP-Daemon-6.170.0-1.1 on GA media
openSUSE-SU-2026:10937-1: moderate: openssh-10.3p1-6.1 on GA media
openSUSE-SU-2026:10939-1: moderate: perl-IO-Compress-2.220.0-1.1 on GA media
openSUSE-SU-2026:10936-1: moderate: libopenbabel8-3.2.0-1.1 on GA media
openSUSE-SU-2026:10935-1: moderate: libmozjs-115-0-115.15.0-9.1 on GA media
openSUSE-SU-2026:10934-1: moderate: libmariadbd-devel-11.8.8-1.1 on GA media
openSUSE-SU-2026:10931-1: moderate: ffmpeg-4-4.4.7-3.1 on GA media
openSUSE-SU-2026:10933-1: moderate: hauler-1.4.3-5.1 on GA media
openSUSE-SU-2026:10932-1: moderate: grafana-11.6.14+security04-1.1 on GA media




openSUSE-SU-2026:10938-1: moderate: perl-HTTP-Daemon-6.170.0-1.1 on GA media


# perl-HTTP-Daemon-6.170.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10938-1
Rating: moderate

Cross-References:

* CVE-2026-8450

CVSS scores:

* CVE-2026-8450 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the perl-HTTP-Daemon-6.170.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* perl-HTTP-Daemon 6.170.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-8450.html



openSUSE-SU-2026:10937-1: moderate: openssh-10.3p1-6.1 on GA media


# openssh-10.3p1-6.1 on GA media

Announcement ID: openSUSE-SU-2026:10937-1
Rating: moderate

Cross-References:

* CVE-2026-3497
* CVE-2026-35388

CVSS scores:

* CVE-2026-3497 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2026-3497 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-35388 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2026-35388 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the openssh-10.3p1-6.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* openssh 10.3p1-6.1
* openssh-cavs 10.3p1-6.1
* openssh-clients 10.3p1-6.1
* openssh-common 10.3p1-6.1
* openssh-helpers 10.3p1-6.1
* openssh-server 10.3p1-6.1
* openssh-server-config-rootlogin 10.3p1-6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-3497.html
* https://www.suse.com/security/cve/CVE-2026-35388.html



openSUSE-SU-2026:10939-1: moderate: perl-IO-Compress-2.220.0-1.1 on GA media


# perl-IO-Compress-2.220.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10939-1
Rating: moderate

Cross-References:

* CVE-2026-48962

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the perl-IO-Compress-2.220.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* perl-IO-Compress 2.220.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-48962.html



openSUSE-SU-2026:10936-1: moderate: libopenbabel8-3.2.0-1.1 on GA media


# libopenbabel8-3.2.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10936-1
Rating: moderate

Cross-References:

* CVE-2022-37331
* CVE-2022-43467
* CVE-2022-46280
* CVE-2022-46291
* CVE-2022-46295
* CVE-2025-10996
* CVE-2025-10999
* CVE-2026-2705

CVSS scores:

* CVE-2025-10996 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-10999 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Tumbleweed

An update that solves 8 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the libopenbabel8-3.2.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libopenbabel8 3.2.0-1.1
* openbabel 3.2.0-1.1
* openbabel-devel 3.2.0-1.1
* openbabel-gui 3.2.0-1.1
* python3-openbabel 3.2.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2022-37331.html
* https://www.suse.com/security/cve/CVE-2022-43467.html
* https://www.suse.com/security/cve/CVE-2022-46280.html
* https://www.suse.com/security/cve/CVE-2022-46291.html
* https://www.suse.com/security/cve/CVE-2022-46295.html
* https://www.suse.com/security/cve/CVE-2025-10996.html
* https://www.suse.com/security/cve/CVE-2025-10999.html
* https://www.suse.com/security/cve/CVE-2026-2705.html



openSUSE-SU-2026:10935-1: moderate: libmozjs-115-0-115.15.0-9.1 on GA media


# libmozjs-115-0-115.15.0-9.1 on GA media

Announcement ID: openSUSE-SU-2026:10935-1
Rating: moderate

Cross-References:

* CVE-2025-70103

CVSS scores:

* CVE-2025-70103 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-70103 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the libmozjs-115-0-115.15.0-9.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libmozjs-115-0 115.15.0-9.1
* mozjs115 115.15.0-9.1
* mozjs115-devel 115.15.0-9.1

## References:

* https://www.suse.com/security/cve/CVE-2025-70103.html



openSUSE-SU-2026:10934-1: moderate: libmariadbd-devel-11.8.8-1.1 on GA media


# libmariadbd-devel-11.8.8-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10934-1
Rating: moderate

Cross-References:

* CVE-2026-48163
* CVE-2026-48165
* CVE-2026-49261

CVSS scores:

* CVE-2026-48163 ( SUSE ): 8 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-48163 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2026-48165 ( SUSE ): 8 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-48165 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2026-49261 ( SUSE ): 9 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-49261 ( SUSE ): 9.4 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the libmariadbd-devel-11.8.8-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libmariadbd-devel 11.8.8-1.1
* libmariadbd19 11.8.8-1.1
* mariadb 11.8.8-1.1
* mariadb-bench 11.8.8-1.1
* mariadb-client 11.8.8-1.1
* mariadb-errormessages 11.8.8-1.1
* mariadb-galera 11.8.8-1.1
* mariadb-rpm-macros 11.8.8-1.1
* mariadb-test 11.8.8-1.1
* mariadb-tools 11.8.8-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-48163.html
* https://www.suse.com/security/cve/CVE-2026-48165.html
* https://www.suse.com/security/cve/CVE-2026-49261.html



openSUSE-SU-2026:10931-1: moderate: ffmpeg-4-4.4.7-3.1 on GA media


# ffmpeg-4-4.4.7-3.1 on GA media

Announcement ID: openSUSE-SU-2026:10931-1
Rating: moderate

Cross-References:

* CVE-2026-30997

CVSS scores:

* CVE-2026-30997 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2026-30997 ( SUSE ): 7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the ffmpeg-4-4.4.7-3.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* ffmpeg-4 4.4.7-3.1
* ffmpeg-4-libavcodec-devel 4.4.7-3.1
* ffmpeg-4-libavdevice-devel 4.4.7-3.1
* ffmpeg-4-libavfilter-devel 4.4.7-3.1
* ffmpeg-4-libavformat-devel 4.4.7-3.1
* ffmpeg-4-libavresample-devel 4.4.7-3.1
* ffmpeg-4-libavutil-devel 4.4.7-3.1
* ffmpeg-4-libpostproc-devel 4.4.7-3.1
* ffmpeg-4-libswresample-devel 4.4.7-3.1
* ffmpeg-4-libswscale-devel 4.4.7-3.1
* ffmpeg-4-private-devel 4.4.7-3.1
* libavcodec58_134 4.4.7-3.1
* libavdevice58_13 4.4.7-3.1
* libavfilter7_110 4.4.7-3.1
* libavformat58_76 4.4.7-3.1
* libavresample4_0 4.4.7-3.1
* libavutil56_70 4.4.7-3.1
* libpostproc55_9 4.4.7-3.1
* libswresample3_9 4.4.7-3.1
* libswscale5_9 4.4.7-3.1

## References:

* https://www.suse.com/security/cve/CVE-2026-30997.html



openSUSE-SU-2026:10933-1: moderate: hauler-1.4.3-5.1 on GA media


# hauler-1.4.3-5.1 on GA media

Announcement ID: openSUSE-SU-2026:10933-1
Rating: moderate

Cross-References:

* CVE-2026-25680
* CVE-2026-25681

CVSS scores:

* CVE-2026-25680 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25680 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-25681 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-25681 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the hauler-1.4.3-5.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* hauler 1.4.3-5.1

## References:

* https://www.suse.com/security/cve/CVE-2026-25680.html
* https://www.suse.com/security/cve/CVE-2026-25681.html



openSUSE-SU-2026:10932-1: moderate: grafana-11.6.14+security04-1.1 on GA media


# grafana-11.6.14+security04-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10932-1
Rating: moderate

Cross-References:

* CVE-2026-28374
* CVE-2026-28376
* CVE-2026-28379
* CVE-2026-28380
* CVE-2026-28383
* CVE-2026-33376
* CVE-2026-33377
* CVE-2026-33378
* CVE-2026-33380
* CVE-2026-33381

CVSS scores:

* CVE-2026-28374 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-28374 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-28376 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-28376 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28379 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-28379 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28380 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-28380 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-28383 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-28383 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33376 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33376 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-33377 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
* CVE-2026-33377 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-33378 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-33378 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33380 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2026-33380 ( SUSE ): 7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2026-33381 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33381 ( SUSE ): 7.4 CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 10 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the grafana-11.6.14+security04-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* grafana 11.6.14+security04-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-28374.html
* https://www.suse.com/security/cve/CVE-2026-28376.html
* https://www.suse.com/security/cve/CVE-2026-28379.html
* https://www.suse.com/security/cve/CVE-2026-28380.html
* https://www.suse.com/security/cve/CVE-2026-28383.html
* https://www.suse.com/security/cve/CVE-2026-33376.html
* https://www.suse.com/security/cve/CVE-2026-33377.html
* https://www.suse.com/security/cve/CVE-2026-33378.html
* https://www.suse.com/security/cve/CVE-2026-33380.html
* https://www.suse.com/security/cve/CVE-2026-33381.html


Unbound, PHP, Bind9.16, and Thunderbird updates for Rocky Linux

Linux Security Roundup for Week 23, 2026

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...