3.6.1 — Security fixes
For the live, searchable view of all CVE advisories with remediation status, see the Security Advisories.
Fixes provided in 3.6.1
| CAST service | CVE | Severity | Description/Package | Affected CAST release |
|---|---|---|---|---|
| ai-service | CVE-2026-23949 | HIGH | jaraco.context: jaraco.context: Path traversal via malicious tar archives | 3.6.0-funcrel |
| ai-service | CVE-2026-24049 | HIGH | wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking | 3.6.0-funcrel |
| ai-service | CVE-2026-34070 | HIGH | langchain: path traversal in legacy load_prompt functions in langchain-core | 3.6.0-funcrel |
| analysis-node | CVE-2026-27135 | HIGH | nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination | 3.6.0_core8.4.10 |
| analysis-node | CVE-2026-32178 | HIGH | dotnet: Dotnet: SMTP Command Injection and Header Injection via MailAddress parsing flaw | 3.6.0_core8.4.10 |
| analysis-node | CVE-2026-32203 | HIGH | dotnet: .NET: Denial of Service via stack overflow | 3.6.0_core8.4.10 |
| analysis-node | CVE-2026-41066 | HIGH | lxml: lxml is a library for processing XML and HTML in the Python language | 3.6.0_core8.4.10 |
| analysis-node | CVE-2026-4424 | HIGH | libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing | 3.6.0_core8.4.10 |
| analysis-node | CVE-2026-5121 | HIGH | libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing | 3.6.0_core8.4.10 |
| auth-service | CVE-2026-40477 | CRITICAL | thymeleaf: Thymeleaf: Server-Side Template Injection via security bypass in expression execution | 3.6.0-funcrel |
| auth-service | CVE-2026-40478 | CRITICAL | thymeleaf: Thymeleaf: Server-Side Template Injection via expression execution bypass | 3.6.0-funcrel |
| dashboards-v3 | CVE-2026-29129 | HIGH | Apache Tomcat: Apache Tomcat: Configured cipher preference order not preserved | 3.6.0-funcrel |
| dashboards-v3 | CVE-2026-29145 | CRITICAL | Apache Tomcat: Apache Tomcat: Authentication bypass due to CLIENT_CERT soft fail misconfiguration | 3.6.0-funcrel |
| dashboards-v3 | CVE-2026-34483 | HIGH | Apache Tomcat: Apache Tomcat: Information disclosure due to improper encoding in JsonAccessLogValve | 3.6.0-funcrel |
| dashboards-v3 | CVE-2026-34487 | HIGH | Apache Tomcat: Apache Tomcat: Information disclosure via sensitive data in log files | 3.6.0-funcrel |
| etl-service | CVE-2026-32280 | HIGH | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building | 3.6.0-funcrel |
| etl-service | CVE-2026-32281 | HIGH | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation | 3.6.0-funcrel |
| etl-service | CVE-2026-32283 | HIGH | golang: If one side of the TLS connection sends multiple key update messages, it does not properly handle these | 3.6.0-funcrel |
| gateway | CVE-2026-40477 | CRITICAL | thymeleaf: Thymeleaf: Server-Side Template Injection via security bypass in expression execution | 3.6.0-funcrel |
| gateway | CVE-2026-40478 | CRITICAL | thymeleaf: Thymeleaf: Server-Side Template Injection via expression execution bypass | 3.6.0-funcrel |
| neo4j | CVE-2026-1605 | HIGH | org.eclipse.jetty/jetty-server: Eclipse Jetty: Denial of Service due to unreleased JDK Inflater from compressed HTTP requests | 3.6.0-funcrel |
| neo4j | CVE-2026-2332 | HIGH | org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing | 3.6.0-funcrel |
| neo4j | CVE-2026-32280 | HIGH | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building | 3.6.0-funcrel |
| neo4j | CVE-2026-32281 | HIGH | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation | 3.6.0-funcrel |
| neo4j | CVE-2026-32283 | HIGH | golang: If one side of the TLS connection sends multiple key update messages, it does not properly handle these | 3.6.0-funcrel |
| neo4j | CVE-2026-33870 | HIGH | io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values | 3.6.0-funcrel |
| sso-service | CVE-2025-66293 | HIGH | libpng: LIBPNG out-of-bounds read in png_image_read_composite | 3.6.0-funcrel |
| sso-service | CVE-2026-22016 | HIGH | openjdk: OpenJDK: Enhance Path Factories Redux (Oracle CPU 2026-04) | 3.6.0-funcrel |
| sso-service | CVE-2026-22020 | HIGH | openjdk: OpenJDK: Update LibPNG (Oracle CPU 2026-04) | 3.6.0-funcrel |
| sso-service | CVE-2026-25646 | HIGH | libpng: LIBPNG has a heap buffer overflow in png_set_quantize | 3.6.0-funcrel |
| sso-service | CVE-2026-26740 | HIGH | giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension | 3.6.0-funcrel |
| sso-service | CVE-2026-33870 | HIGH | io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values | 3.6.0-funcrel |
| sso-service | CVE-2026-33871 | HIGH | netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood | 3.6.0-funcrel |
| sso-service | CVE-2026-34282 | HIGH | openjdk: OpenJDK: Enhance TLS connection handling (Oracle CPU 2026-04) | 3.6.0-funcrel |
| sso-service | CVE-2026-4878 | HIGH | libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() | 3.6.0-funcrel |
| viewer | CVE-2026-32280 | HIGH | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building | 3.6.0-funcrel |
| viewer | CVE-2026-32281 | HIGH | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation | 3.6.0-funcrel |
| viewer | CVE-2026-32283 | HIGH | golang: If one side of the TLS connection sends multiple key update messages, it does not properly handle these | 3.6.0-funcrel |
Known security issues (not yet fixed)
| CAST service | CVE | Severity | Description/Package | Affected CAST release |
|---|---|---|---|---|
| ai-service | CVE-2025-69720 | HIGH | ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. | 3.6.1-funcrel |
| ai-service | CVE-2026-3298 | HIGH | python: asyncio.ProactorEventLoop sock_recvfrom_into() missing boundary check | 3.6.1-funcrel |
| ai-service | CVE-2026-4786 | HIGH | python: Mitigation of CVE-2026-4519 was incomplete — %action bypass | 3.6.1-funcrel |
| ai-service | CVE-2026-5435 | HIGH | glibc: The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer | 3.6.1-funcrel |
| ai-service | CVE-2026-6100 | CRITICAL | python: Use-after-free (UAF) possible in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile | 3.6.1-funcrel |
| analysis-node | CVE-2025-26646 | HIGH | dotnet: .NET and Visual Studio Spoofing Vulnerability | 3.6.1_core8.4.10 |
| analysis-node | CVE-2025-55247 | HIGH | dotnet: .NET Denial of Service Vulnerability | 3.6.1_core8.4.10 |
| analysis-node | CVE-2025-67030 | HIGH | org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method | 3.6.1_core8.4.10 |
| analysis-node | CVE-2025-69720 | HIGH | ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. | 3.6.1_core8.4.10 |
| analysis-node | CVE-2026-23949 | HIGH | jaraco.context: jaraco.context: Path traversal via malicious tar archives | 3.6.1_core8.4.10 |
| analysis-node | CVE-2026-24049 | HIGH | wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking | 3.6.1_core8.4.10 |
| analysis-node | CVE-2026-26171 | HIGH | dotnet: .NET: Security Bypass and Denial of Service Vulnerability | 3.6.1_core8.4.10 |
| analysis-node | CVE-2026-29111 | HIGH | systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data | 3.6.1_core8.4.10 |
| analysis-node | CVE-2026-33116 | HIGH | dotnet: .NET: Denial of Service via Infinite Recursion in XmlDecryptionTransform | 3.6.1_core8.4.10 |
| etl-service | CVE-2026-32316 | HIGH | jq: An integer overflow vulnerability exists through version 1.8.1 | 3.6.1-funcrel |
| etl-service | CVE-2026-35385 | HIGH | openssh: A file downloaded by scp may be installed setuid or setgid | 3.6.1-funcrel |
| etl-service | CVE-2026-3805 | HIGH | curl: Use-after-free via SMB connection reuse | 3.6.1-funcrel |
| imaging-apis | CVE-2026-32316 | HIGH | jq: An integer overflow vulnerability exists through version 1.8.1 | 3.6.1-funcrel |
| imaging-apis | CVE-2026-3805 | HIGH | curl: Use-after-free via SMB connection reuse | 3.6.1-funcrel |
| neo4j | CVE-2025-15281 | HIGH | neo4j | 3.6.1-funcrel |
| neo4j | CVE-2025-69720 | HIGH | ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. | 3.6.1-funcrel |
| neo4j | CVE-2026-0861 | HIGH | glibc: Integer overflow in memalign leads to heap corruption | 3.6.1-funcrel |
| neo4j | CVE-2026-0915 | HIGH | neo4j | 3.6.1-funcrel |
| neo4j | CVE-2026-29111 | HIGH | systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data | 3.6.1-funcrel |
| neo4j | CVE-2026-33871 | HIGH | netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood | 3.6.1-funcrel |
| neo4j | CVE-2026-5435 | HIGH | glibc: The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer | 3.6.1-funcrel |
| neo4j | GHSA-72hv-8253-57qq | HIGH | jackson-core: Non-blocking (async) JSON parser bypasses the maxNumberLength constraint | 3.6.1-funcrel |
| sso-service | CVE-2025-59250 | HIGH | JDBC Driver for SQL Server has improper input validation issue | 3.6.1-funcrel |
| sso-service | CVE-2025-69720 | HIGH | ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. | 3.6.1-funcrel |
| sso-service | CVE-2026-2603 | HIGH | keycloak: Keycloak: Unauthorized authentication via disabled SAML Identity Provider | 3.6.1-funcrel |
| sso-service | CVE-2026-29111 | HIGH | systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data | 3.6.1-funcrel |
The SSO Service image is based on the Docker Hardened variant of Keycloak 26.5.7. Following the security analysis done by the Docker team on this base image and its VEX attestation records, the following CVEs were marked as “Not Affected”:
- CVE-2025-59250 - Docker Scout Team comment: False positive. The image ships mssql-jdbc 13.2.1.jre11, which the advisory lists as the fixed version. Scout strips the .jre11 classifier in its SBOM, so an additional statement is required to match the bare 13.2.1 PURL.
- CVE-2025-69720 - Docker Scout Team comment: Debian NODSA
- CVE-2026-29111 - Docker Scout Team comment: Debian NODSA
Fixes for the analysis node are targeted for CAST Imaging Core 8.4.11. The impact of these changes requires further regression testing, and waiting for that testing would have long delayed the release of the other images and their related security fixes.
CVE-2026-29111 and CVE-2025-69720 are shared with the SSO Service and are reported by the Docker Scout team as “no-DSA”, a Debian status for CVEs that do not require an immediate fix:
- CVE-2026-29111 - Debian Security Team considers this CVE as Minor.
- CVE-2025-69720 - Debian NODSA.
The AI service image is based on the Python Docker Hardened Image. According to the suppressed CVEs on this image, most of the known CVEs above are annotated as “Not Affected”: Trivy still reports them, but they are already fixed or mitigated, or are not considered as severe as the CVSS score might suggest.
- CVE-2026-6100: Marked as “Under investigation” and “Not affected” on the same day. Docker Scout Comments: “Under investigation”: Waiting for upstream fix; no fixed version is available yet. “Not affected”: DHI backport applied; follow-up to CVE-2026-4519.
- CVE-2026-3298: Not affected. Docker Scout Comment: DHI backport applied; upstream fix adds boundary check to asyncio.AbstractEventLoop.sock_recvfrom_into() to prevent buffer overflow on Windows.
- CVE-2026-4786: Marked as “Under investigation” and “Not affected” on the same day. Docker Scout Comments: “Under investigation”: Waiting for upstream fix; no fixed version is available yet. “Not affected”: DHI backport applied; follow-up to CVE-2026-4519.
- CVE-2026-5435: “Under investigation”. Docker Scout Comment: No fixed version available from Debian yet. Waiting for upstream glibc/trixie security update.
- CVE-2025-69720: “Not affected”. Docker Scout Comment: Debian NODSA.
The Neo4j image is based on the Docker Hardened Image Debian 13 base. Most system-level CVEs reported by tools such as Trivy, Grype or Docker Scout are marked as “Not affected” or “Under investigation”; this includes CVE-2026-29111 and CVE-2025-69720. CVE-2026-33871 and GHSA-72hv-8253-57qq require fixes in the neo4j package.