openSUSE Tumbleweed users have several new security patches available for their systems. These updates target critical packages including the Linux kernel, Apache HTTP Server, multiple Java OpenJ9 versions, ChromeDriver, Expat, and Apache Commons Configuration2. Each release resolves dozens of distinct vulnerabilities that carry moderate overall ratings alongside high individual CVSS scores. Administrators should install these updates promptly to protect their environments from potential exploitation.

openSUSE-SU-2026:10793-1: moderate: kernel-devel-7.0.7-1.1 on GA media
openSUSE-SU-2026:10784-1: moderate: apache-commons-configuration2-2.15.0-1.1 on GA media
openSUSE-SU-2026:10792-1: moderate: java-25-openj9-25.0.3.0-2.1 on GA media
openSUSE-SU-2026:10789-1: moderate: java-17-openj9-17.0.19.0-2.1 on GA media
openSUSE-SU-2026:10788-1: moderate: java-11-openj9-11.0.31.0-2.1 on GA media
openSUSE-SU-2026:10785-1: moderate: apache2-2.4.67-1.1 on GA media
openSUSE-SU-2026:10790-1: moderate: java-1_8_0-openj9-1.8.0.492-2.1 on GA media
openSUSE-SU-2026:10786-1: moderate: chromedriver-148.0.7778.167-2.1 on GA media
openSUSE-SU-2026:10787-1: moderate: expat-2.8.1-1.1 on GA media
openSUSE-SU-2026:10791-1: moderate: java-21-openj9-21.0.11.0-2.1 on GA media

openSUSE-SU-2026:10793-1: moderate: kernel-devel-7.0.7-1.1 on GA media

# kernel-devel-7.0.7-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10793-1
Rating: moderate

Cross-References:

* CVE-2026-31694
* CVE-2026-31696
* CVE-2026-31697
* CVE-2026-31698
* CVE-2026-31699
* CVE-2026-31700
* CVE-2026-31701
* CVE-2026-31702
* CVE-2026-31703
* CVE-2026-31704
* CVE-2026-31705
* CVE-2026-31706
* CVE-2026-31707
* CVE-2026-31708
* CVE-2026-31709
* CVE-2026-31710
* CVE-2026-31711
* CVE-2026-31712
* CVE-2026-31713
* CVE-2026-31714
* CVE-2026-31715
* CVE-2026-31716
* CVE-2026-31717
* CVE-2026-31718
* CVE-2026-31719
* CVE-2026-43058
* CVE-2026-43071
* CVE-2026-43072
* CVE-2026-43073
* CVE-2026-43284
* CVE-2026-43348
* CVE-2026-43349
* CVE-2026-43350
* CVE-2026-43490
* CVE-2026-43500

CVSS scores:

* CVE-2026-31694 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31694 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-31696 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31697 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31697 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31698 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31698 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31699 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31699 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31700 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31700 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31701 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-31701 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31702 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-31702 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31703 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-31703 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-31704 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31705 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31705 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31706 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31706 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31707 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31707 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31708 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
* CVE-2026-31708 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31709 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-31709 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31710 ( SUSE ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-31710 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N
* CVE-2026-31711 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-31711 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31712 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
* CVE-2026-31712 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31713 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-31713 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31714 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-31714 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-31715 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-31715 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31716 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-31716 ( SUSE ): 7 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31717 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31717 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31718 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-31718 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31719 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31719 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43058 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2026-43058 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43071 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-43071 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-43072 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43073 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-43073 ( SUSE ): 7.2 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-43284 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-43348 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-43349 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:L
* CVE-2026-43349 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
* CVE-2026-43350 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2026-43350 ( SUSE ): 7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43490 ( SUSE ): 5.5 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
* CVE-2026-43490 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43500 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves 35 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the kernel-devel-7.0.7-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* kernel-devel 7.0.7-1.1
* kernel-macros 7.0.7-1.1
* kernel-source 7.0.7-1.1
* kernel-source-vanilla 7.0.7-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31694.html
* https://www.suse.com/security/cve/CVE-2026-31696.html
* https://www.suse.com/security/cve/CVE-2026-31697.html
* https://www.suse.com/security/cve/CVE-2026-31698.html
* https://www.suse.com/security/cve/CVE-2026-31699.html
* https://www.suse.com/security/cve/CVE-2026-31700.html
* https://www.suse.com/security/cve/CVE-2026-31701.html
* https://www.suse.com/security/cve/CVE-2026-31702.html
* https://www.suse.com/security/cve/CVE-2026-31703.html
* https://www.suse.com/security/cve/CVE-2026-31704.html
* https://www.suse.com/security/cve/CVE-2026-31705.html
* https://www.suse.com/security/cve/CVE-2026-31706.html
* https://www.suse.com/security/cve/CVE-2026-31707.html
* https://www.suse.com/security/cve/CVE-2026-31708.html
* https://www.suse.com/security/cve/CVE-2026-31709.html
* https://www.suse.com/security/cve/CVE-2026-31710.html
* https://www.suse.com/security/cve/CVE-2026-31711.html
* https://www.suse.com/security/cve/CVE-2026-31712.html
* https://www.suse.com/security/cve/CVE-2026-31713.html
* https://www.suse.com/security/cve/CVE-2026-31714.html
* https://www.suse.com/security/cve/CVE-2026-31715.html
* https://www.suse.com/security/cve/CVE-2026-31716.html
* https://www.suse.com/security/cve/CVE-2026-31717.html
* https://www.suse.com/security/cve/CVE-2026-31718.html
* https://www.suse.com/security/cve/CVE-2026-31719.html
* https://www.suse.com/security/cve/CVE-2026-43058.html
* https://www.suse.com/security/cve/CVE-2026-43071.html
* https://www.suse.com/security/cve/CVE-2026-43072.html
* https://www.suse.com/security/cve/CVE-2026-43073.html
* https://www.suse.com/security/cve/CVE-2026-43284.html
* https://www.suse.com/security/cve/CVE-2026-43348.html
* https://www.suse.com/security/cve/CVE-2026-43349.html
* https://www.suse.com/security/cve/CVE-2026-43350.html
* https://www.suse.com/security/cve/CVE-2026-43490.html
* https://www.suse.com/security/cve/CVE-2026-43500.html

openSUSE-SU-2026:10784-1: moderate: apache-commons-configuration2-2.15.0-1.1 on GA media

# apache-commons-configuration2-2.15.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10784-1
Rating: moderate

Cross-References:

* CVE-2025-48924
* CVE-2026-45205

CVSS scores:

* CVE-2025-48924 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-48924 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45205 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-45205 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the apache-commons-configuration2-2.15.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* apache-commons-configuration2 2.15.0-1.1
* apache-commons-configuration2-javadoc 2.15.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-48924.html
* https://www.suse.com/security/cve/CVE-2026-45205.html

openSUSE-SU-2026:10792-1: moderate: java-25-openj9-25.0.3.0-2.1 on GA media

# java-25-openj9-25.0.3.0-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10792-1
Rating: moderate

Cross-References:

* CVE-2026-1188

CVSS scores:

* CVE-2026-1188 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the java-25-openj9-25.0.3.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* java-25-openj9 25.0.3.0-2.1
* java-25-openj9-demo 25.0.3.0-2.1
* java-25-openj9-devel 25.0.3.0-2.1
* java-25-openj9-headless 25.0.3.0-2.1
* java-25-openj9-javadoc 25.0.3.0-2.1
* java-25-openj9-jmods 25.0.3.0-2.1
* java-25-openj9-src 25.0.3.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1188.html

openSUSE-SU-2026:10789-1: moderate: java-17-openj9-17.0.19.0-2.1 on GA media

# java-17-openj9-17.0.19.0-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10789-1
Rating: moderate

Cross-References:

* CVE-2026-1188

CVSS scores:

* CVE-2026-1188 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the java-17-openj9-17.0.19.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* java-17-openj9 17.0.19.0-2.1
* java-17-openj9-demo 17.0.19.0-2.1
* java-17-openj9-devel 17.0.19.0-2.1
* java-17-openj9-headless 17.0.19.0-2.1
* java-17-openj9-javadoc 17.0.19.0-2.1
* java-17-openj9-jmods 17.0.19.0-2.1
* java-17-openj9-src 17.0.19.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1188.html

openSUSE-SU-2026:10788-1: moderate: java-11-openj9-11.0.31.0-2.1 on GA media

# java-11-openj9-11.0.31.0-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10788-1
Rating: moderate

Cross-References:

* CVE-2026-1188

CVSS scores:

* CVE-2026-1188 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the java-11-openj9-11.0.31.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* java-11-openj9 11.0.31.0-2.1
* java-11-openj9-demo 11.0.31.0-2.1
* java-11-openj9-devel 11.0.31.0-2.1
* java-11-openj9-headless 11.0.31.0-2.1
* java-11-openj9-javadoc 11.0.31.0-2.1
* java-11-openj9-jmods 11.0.31.0-2.1
* java-11-openj9-src 11.0.31.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1188.html

openSUSE-SU-2026:10785-1: moderate: apache2-2.4.67-1.1 on GA media

# apache2-2.4.67-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10785-1
Rating: moderate

Cross-References:

* CVE-2026-23918
* CVE-2026-24072
* CVE-2026-28780
* CVE-2026-29168
* CVE-2026-29169
* CVE-2026-33006
* CVE-2026-33007
* CVE-2026-33523
* CVE-2026-33857
* CVE-2026-34032
* CVE-2026-34059

CVSS scores:

* CVE-2026-23918 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23918 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-24072 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2026-28780 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-28780 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-29168 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-29168 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-29169 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-29169 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33006 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33006 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-33007 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-33007 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-33523 ( SUSE ): 8.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
* CVE-2026-33523 ( SUSE ): 9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:N
* CVE-2026-33857 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-33857 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34032 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-34032 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34059 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-34059 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 11 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the apache2-2.4.67-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* apache2 2.4.67-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23918.html
* https://www.suse.com/security/cve/CVE-2026-24072.html
* https://www.suse.com/security/cve/CVE-2026-28780.html
* https://www.suse.com/security/cve/CVE-2026-29168.html
* https://www.suse.com/security/cve/CVE-2026-29169.html
* https://www.suse.com/security/cve/CVE-2026-33006.html
* https://www.suse.com/security/cve/CVE-2026-33007.html
* https://www.suse.com/security/cve/CVE-2026-33523.html
* https://www.suse.com/security/cve/CVE-2026-33857.html
* https://www.suse.com/security/cve/CVE-2026-34032.html
* https://www.suse.com/security/cve/CVE-2026-34059.html

openSUSE-SU-2026:10790-1: moderate: java-1_8_0-openj9-1.8.0.492-2.1 on GA media

# java-1_8_0-openj9-1.8.0.492-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10790-1
Rating: moderate

Cross-References:

* CVE-2026-1188

CVSS scores:

* CVE-2026-1188 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the java-1_8_0-openj9-1.8.0.492-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* java-1_8_0-openj9 1.8.0.492-2.1
* java-1_8_0-openj9-accessibility 1.8.0.492-2.1
* java-1_8_0-openj9-demo 1.8.0.492-2.1
* java-1_8_0-openj9-devel 1.8.0.492-2.1
* java-1_8_0-openj9-headless 1.8.0.492-2.1
* java-1_8_0-openj9-javadoc 1.8.0.492-2.1
* java-1_8_0-openj9-src 1.8.0.492-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1188.html

openSUSE-SU-2026:10786-1: moderate: chromedriver-148.0.7778.167-2.1 on GA media

# chromedriver-148.0.7778.167-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10786-1
Rating: moderate

Cross-References:

* CVE-2026-8509
* CVE-2026-8510
* CVE-2026-8511
* CVE-2026-8512
* CVE-2026-8513
* CVE-2026-8514
* CVE-2026-8515
* CVE-2026-8516
* CVE-2026-8517
* CVE-2026-8518
* CVE-2026-8519
* CVE-2026-8520
* CVE-2026-8521
* CVE-2026-8522
* CVE-2026-8523
* CVE-2026-8524
* CVE-2026-8525
* CVE-2026-8526
* CVE-2026-8527
* CVE-2026-8528
* CVE-2026-8529
* CVE-2026-8530
* CVE-2026-8531
* CVE-2026-8532
* CVE-2026-8533
* CVE-2026-8534
* CVE-2026-8535
* CVE-2026-8536
* CVE-2026-8537
* CVE-2026-8538
* CVE-2026-8539
* CVE-2026-8540
* CVE-2026-8541
* CVE-2026-8542
* CVE-2026-8543
* CVE-2026-8544
* CVE-2026-8545
* CVE-2026-8546
* CVE-2026-8547
* CVE-2026-8548
* CVE-2026-8549
* CVE-2026-8550
* CVE-2026-8551
* CVE-2026-8552
* CVE-2026-8553
* CVE-2026-8554
* CVE-2026-8555
* CVE-2026-8556
* CVE-2026-8557
* CVE-2026-8558
* CVE-2026-8559
* CVE-2026-8560
* CVE-2026-8561
* CVE-2026-8562
* CVE-2026-8563
* CVE-2026-8564
* CVE-2026-8565
* CVE-2026-8566
* CVE-2026-8567
* CVE-2026-8568
* CVE-2026-8569
* CVE-2026-8570
* CVE-2026-8571
* CVE-2026-8572
* CVE-2026-8573
* CVE-2026-8574
* CVE-2026-8575
* CVE-2026-8576
* CVE-2026-8577
* CVE-2026-8578
* CVE-2026-8579
* CVE-2026-8580
* CVE-2026-8581
* CVE-2026-8582
* CVE-2026-8583
* CVE-2026-8584
* CVE-2026-8585
* CVE-2026-8586
* CVE-2026-8587

Affected Products:

* openSUSE Tumbleweed

An update that solves 79 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the chromedriver-148.0.7778.167-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* chromedriver 148.0.7778.167-2.1
* chromium 148.0.7778.167-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-8509.html
* https://www.suse.com/security/cve/CVE-2026-8510.html
* https://www.suse.com/security/cve/CVE-2026-8511.html
* https://www.suse.com/security/cve/CVE-2026-8512.html
* https://www.suse.com/security/cve/CVE-2026-8513.html
* https://www.suse.com/security/cve/CVE-2026-8514.html
* https://www.suse.com/security/cve/CVE-2026-8515.html
* https://www.suse.com/security/cve/CVE-2026-8516.html
* https://www.suse.com/security/cve/CVE-2026-8517.html
* https://www.suse.com/security/cve/CVE-2026-8518.html
* https://www.suse.com/security/cve/CVE-2026-8519.html
* https://www.suse.com/security/cve/CVE-2026-8520.html
* https://www.suse.com/security/cve/CVE-2026-8521.html
* https://www.suse.com/security/cve/CVE-2026-8522.html
* https://www.suse.com/security/cve/CVE-2026-8523.html
* https://www.suse.com/security/cve/CVE-2026-8524.html
* https://www.suse.com/security/cve/CVE-2026-8525.html
* https://www.suse.com/security/cve/CVE-2026-8526.html
* https://www.suse.com/security/cve/CVE-2026-8527.html
* https://www.suse.com/security/cve/CVE-2026-8528.html
* https://www.suse.com/security/cve/CVE-2026-8529.html
* https://www.suse.com/security/cve/CVE-2026-8530.html
* https://www.suse.com/security/cve/CVE-2026-8531.html
* https://www.suse.com/security/cve/CVE-2026-8532.html
* https://www.suse.com/security/cve/CVE-2026-8533.html
* https://www.suse.com/security/cve/CVE-2026-8534.html
* https://www.suse.com/security/cve/CVE-2026-8535.html
* https://www.suse.com/security/cve/CVE-2026-8536.html
* https://www.suse.com/security/cve/CVE-2026-8537.html
* https://www.suse.com/security/cve/CVE-2026-8538.html
* https://www.suse.com/security/cve/CVE-2026-8539.html
* https://www.suse.com/security/cve/CVE-2026-8540.html
* https://www.suse.com/security/cve/CVE-2026-8541.html
* https://www.suse.com/security/cve/CVE-2026-8542.html
* https://www.suse.com/security/cve/CVE-2026-8543.html
* https://www.suse.com/security/cve/CVE-2026-8544.html
* https://www.suse.com/security/cve/CVE-2026-8545.html
* https://www.suse.com/security/cve/CVE-2026-8546.html
* https://www.suse.com/security/cve/CVE-2026-8547.html
* https://www.suse.com/security/cve/CVE-2026-8548.html
* https://www.suse.com/security/cve/CVE-2026-8549.html
* https://www.suse.com/security/cve/CVE-2026-8550.html
* https://www.suse.com/security/cve/CVE-2026-8551.html
* https://www.suse.com/security/cve/CVE-2026-8552.html
* https://www.suse.com/security/cve/CVE-2026-8553.html
* https://www.suse.com/security/cve/CVE-2026-8554.html
* https://www.suse.com/security/cve/CVE-2026-8555.html
* https://www.suse.com/security/cve/CVE-2026-8556.html
* https://www.suse.com/security/cve/CVE-2026-8557.html
* https://www.suse.com/security/cve/CVE-2026-8558.html
* https://www.suse.com/security/cve/CVE-2026-8559.html
* https://www.suse.com/security/cve/CVE-2026-8560.html
* https://www.suse.com/security/cve/CVE-2026-8561.html
* https://www.suse.com/security/cve/CVE-2026-8562.html
* https://www.suse.com/security/cve/CVE-2026-8563.html
* https://www.suse.com/security/cve/CVE-2026-8564.html
* https://www.suse.com/security/cve/CVE-2026-8565.html
* https://www.suse.com/security/cve/CVE-2026-8566.html
* https://www.suse.com/security/cve/CVE-2026-8567.html
* https://www.suse.com/security/cve/CVE-2026-8568.html
* https://www.suse.com/security/cve/CVE-2026-8569.html
* https://www.suse.com/security/cve/CVE-2026-8570.html
* https://www.suse.com/security/cve/CVE-2026-8571.html
* https://www.suse.com/security/cve/CVE-2026-8572.html
* https://www.suse.com/security/cve/CVE-2026-8573.html
* https://www.suse.com/security/cve/CVE-2026-8574.html
* https://www.suse.com/security/cve/CVE-2026-8575.html
* https://www.suse.com/security/cve/CVE-2026-8576.html
* https://www.suse.com/security/cve/CVE-2026-8577.html
* https://www.suse.com/security/cve/CVE-2026-8578.html
* https://www.suse.com/security/cve/CVE-2026-8579.html
* https://www.suse.com/security/cve/CVE-2026-8580.html
* https://www.suse.com/security/cve/CVE-2026-8581.html
* https://www.suse.com/security/cve/CVE-2026-8582.html
* https://www.suse.com/security/cve/CVE-2026-8583.html
* https://www.suse.com/security/cve/CVE-2026-8584.html
* https://www.suse.com/security/cve/CVE-2026-8585.html
* https://www.suse.com/security/cve/CVE-2026-8586.html
* https://www.suse.com/security/cve/CVE-2026-8587.html

openSUSE-SU-2026:10787-1: moderate: expat-2.8.1-1.1 on GA media

# expat-2.8.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10787-1
Rating: moderate

Cross-References:

* CVE-2026-41080
* CVE-2026-45186

CVSS scores:

* CVE-2026-41080 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-41080 ( SUSE ): 2 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-45186 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the expat-2.8.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* expat 2.8.1-1.1
* libexpat-devel 2.8.1-1.1
* libexpat-devel-32bit 2.8.1-1.1
* libexpat1 2.8.1-1.1
* libexpat1-32bit 2.8.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-41080.html
* https://www.suse.com/security/cve/CVE-2026-45186.html

openSUSE-SU-2026:10791-1: moderate: java-21-openj9-21.0.11.0-2.1 on GA media

# java-21-openj9-21.0.11.0-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10791-1
Rating: moderate

Cross-References:

* CVE-2026-1188

CVSS scores:

* CVE-2026-1188 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the java-21-openj9-21.0.11.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* java-21-openj9 21.0.11.0-2.1
* java-21-openj9-demo 21.0.11.0-2.1
* java-21-openj9-devel 21.0.11.0-2.1
* java-21-openj9-headless 21.0.11.0-2.1
* java-21-openj9-javadoc 21.0.11.0-2.1
* java-21-openj9-jmods 21.0.11.0-2.1
* java-21-openj9-src 21.0.11.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1188.html