TL;DR
This is not the scariest week of the year, but it is a good reminder that “internal” tooling is not automatically low-risk. IDE extensions, CI systems, workflow tools, app dependencies, and package managers are all part of the attack surface now.
The fastest win is probably browser and extension hygiene. The more important operational work is checking where your tooling is trusted by default: developer workstations, automation platforms, internal repos, and anything that fetches URLs on behalf of users.
What I’d Patch First
1. CVE-2026-12856 — vscode-java / Red Hat Java extension for VS Code
This is the one I’d start with on developer workstations. The vscode-java extension renders JavaDoc as trusted Markdown in its hover popups. A crafted Java file can hide a malicious link in that JavaDoc, and if a developer clicks it inside a trusted workspace, the attacker can run arbitrary VS Code commands. (VS Code only honours command links in Markdown an extension explicitly marks as trusted, which is why the hover content, not the click itself, is the real problem.)
That click requirement matters, but it does not make this harmless. Developers open code from vendors, repos, contractors, demos, forks, and internal experiments all the time. If you manage developer endpoints, update the extension and remind teams that “trusted workspace” does not mean “trusted content.”
Action:
Update vscode-java, check extension inventory where possible, and encourage caution with unfamiliar Java repos.
2. CVE-2026-25707 — libzypp / zypper
This is a package-manager trust boundary problem. A malicious repository can exploit path traversal in libzypp and overwrite arbitrary files outside the intended cache or target directory during a refresh or install. Since package operations run as root, that turns into local privilege escalation for anyone who can get a repo enabled on the box.
The practical risk depends on your repo hygiene. If you only use vendor repos, it is lower. If your SUSE/openSUSE systems have third-party, internal, legacy, or vendor-provided repos bolted on over time, it is worth checking.
Action:
Patch libzypp/zypper and audit enabled repositories, especially on long-lived servers. `zypper lr -d` lists every configured repo with its URI, enabled state and GPG check setting, which is the quickest way to spot third-party or legacy entries.
3. CVE-2026-13676 — fast-uri
This one is for application teams, but ops should know about it. fast-uri does not apply the same normalization to internationalized hostnames (the IDNA/UTS46 mapping to ASCII) that Node’s built-in WHATWG URL parser and fetch apply. If an app uses fast-uri to enforce hostname rules and then hands the same URL string to Node for the real request, the two parsers can disagree about which host is being accessed, and the policy check and the connection end up looking at different hosts.
That is the kind of bug that turns “we block internal addresses” into “we thought we blocked internal addresses.”
Action:
Update fast-uri and review apps that use URL parsing for SSRF protection, redirect validation, webhooks, proxying, or allow/block lists.
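The parser-mismatch class described above, as an added example (not code from the original post or from fast-uri, and without any fast-uri dependency): a regex-based host extraction stands in for the "second parser", the WHATWG `URL` class is the host Node will actually connect to, and the hardened version decides on the canonical hostname and hands that same parsed URL to the HTTP client. The block list, sample URLs and function names are constructed for illustration; it assumes Node.js with the global `URL` class.

```javascript
// Added example, not from the original post or the fast-uri project.
// Assumes Node.js (global WHATWG URL). Policy and inputs are constructed.

// Constructed policy: hosts the app must never fetch on a user's behalf.
const BLOCKED_HOSTS = new Set(["localhost", "127.0.0.1", "169.254.169.254"]);

// Stand-in "second parser": pulls the host out of the string as written, with no
// WHATWG normalization (lowercasing, IDNA/UTS46 mapping of Unicode and fullwidth
// letters, IPv4 number forms such as 0x7f.1).
function naiveHost(urlString) {
  const m = /^[a-z][a-z0-9+.-]*:\/\/([^/?#:]+)/i.exec(urlString);
  return m ? m[1] : null;
}

// The hostname Node's own URL parser (and therefore fetch/http) resolves to.
function canonicalHost(urlString) {
  try {
    return new URL(urlString).hostname;
  } catch {
    return null;
  }
}

// Vulnerable pattern: the block list is checked against one parser's view, while
// the request is later made from another parser's view of the same string.
function isAllowedNaive(urlString) {
  const host = naiveHost(urlString);
  return host !== null && !BLOCKED_HOSTS.has(host);
}

// Hardened pattern: parse once with the WHATWG parser, decide on its canonical
// hostname, and return the parsed href so the caller fetches exactly what was
// checked. Returns null when the URL must not be fetched.
function hardenedTarget(urlString) {
  let parsed;
  try {
    parsed = new URL(urlString);
  } catch {
    return null;
  }
  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") return null;
  if (BLOCKED_HOSTS.has(parsed.hostname)) return null;
  return parsed.href;
}

// Detection hook: flag every URL where the two views disagree after case folding.
// That input class is exactly what a parser-mismatch bug turns into an SSRF or
// open-redirect bypass, so it is worth logging even when the request is allowed.
function parsersDisagree(urlString) {
  const naive = naiveHost(urlString);
  const canonical = canonicalHost(urlString);
  return naive === null || canonical === null || naive.toLowerCase() !== canonical;
}

// Constructed inputs: one benign, then four that pass the naive check but resolve
// to a blocked host after normalization.
const SAMPLES = [
  "http://Example.com/api",
  "http://LOCALHOST/admin",
  "http://\uFF4Cocalhost/admin",   // fullwidth "l" (U+FF4C) maps to ASCII "l"
  "http://0x7f.1/",                // hex + short-form IPv4 == 127.0.0.1
  "http://169.254.169.254/latest/", // blocked by both views
];

for (const url of SAMPLES) {
  console.log(
    `${url}\n  naive=${naiveHost(url)} canonical=${canonicalHost(url)}` +
      ` naiveAllows=${isAllowedNaive(url)} hardened=${hardenedTarget(url)}` +
      ` disagree=${parsersDisagree(url)}`
  );
}
```

The important design choice is that `hardenedTarget` returns the `href` of the URL object it validated rather than the original string: the request is built from the same parse that the policy decision was made on, so there is no second parser left to disagree with. The `parsersDisagree` hook is the cheap detection you can bolt on while auditing existing code paths.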
Patch Queue
| Priority | CVE | Product / Area | Severity | CVSS | Operator note |
|---|---|---|---|---|---|
| 1 | CVE-2026-12856 | vscode-java / VS Code Java extension | HIGH | 8.8 | Malicious JavaDoc hover content can lead to VS Code command execution after a click. |
| 2 | CVE-2026-25707 | libzypp / zypper | HIGH | 8.8 | Malicious repo can overwrite files during package operations running as root. |
| 3 | CVE-2026-13676 | fast-uri | HIGH | 7.5 | URL parser mismatch can bypass hostname checks used for SSRF or redirect controls. |
| 4 | CVE-2026-56270 | Flowise | HIGH | 7.5 | OAuth secrets exposure. Prioritize if Flowise is reachable beyond trusted admins. |
| 5 | CVE-2026-11800 | Keycloak | HIGH | 8.1 | Identity stack issue. Move up the queue if Keycloak is public or federated. |
| 6 | CVE-2026-56351 | n8n | HIGH | 8.2 | Prioritize automation servers connected to production data or privileged integrations. |
| 7 | CVE-2026-13028 | Chrome / Chromium | CRITICAL | 9.6 | Part of the Chrome stable update batch. Push through browser management. |
| 8 | CVE-2026-13032 | Chrome / Chromium | CRITICAL | 9.6 | Same Chrome batch. Deploy with the rest of the browser fixes rather than tracking alone. |
| 9 | CVE-2026-54699 | Warp | HIGH | 7.7 | Developer workstation terminal exposure. Update managed Warp clients. |
| 10 | CVE-2026-52783 | OpenProject | HIGH | 8.2 | Prioritize internet-facing project management instances. |
| 11 | CVE-2026-58370 | Woodpecker CI | HIGH | 8.1 | CI approval gate bypass risk through spoofable commit author names. |
| 12 | CVE-2026-10564 | IBM Langflow OSS 1.0.0 | HIGH | 8.2 | Check AI/workflow tooling deployments, especially shared or exposed instances. |
| 13 | CVE-2026-12975 | Red Hat-tracked component | HIGH | 8.5 | Verify whether the affected package is present in your Red Hat estate. |
| 14 | CVE-2026-13325 | Red Hat-tracked component | HIGH | 8.5 | High score, but needs product validation before it drives emergency work. |
| 15 | CVE-2026-58302 | LinuxCNC | HIGH | 8.4 | Narrower audience, but important for CNC/OT-style environments. |
Overflow worth scanning
The overflow list is too long to be useful as a wall of CVEs, so I’d scan it by cluster instead:
Chrome / Chromium: several related CVEs from the same stable update batch, including CVE-2026-13025, CVE-2026-13026, CVE-2026-13027, CVE-2026-13029, CVE-2026-13031, CVE-2026-13033, CVE-2026-13035, CVE-2026-13036, and CVE-2026-13038.
Identity and access: more Keycloak items show up in overflow, including CVE-2026-9800, CVE-2026-9099, and CVE-2026-9086.
Edge and proxy infrastructure: Envoy has multiple HIGH entries, including CVE-2026-47220, CVE-2026-48042, CVE-2026-48044, and CVE-2026-48743.
DevOps / internal platforms: Kestra, Budibase, OpenProject, Dokku, Rocket.Chat, Jenkins plugins, GitLab, Coolify, Gitea, Appsmith, ToolJet, and Woodpecker all appear in the broader queue.
WordPress/plugin tail: there are a lot of critical and high plugin issues, including SQL injection, broken access control, privilege escalation, CSRF, and XSS. Prioritize anything internet-facing, anything with subscriber/contributor abuse paths, and anything installed on revenue-generating sites.
KEV check
No new CISA KEV (Known Exploited Vulnerabilities) additions this week.
Alert recaps
No alert recaps this week.
Reader Poll
Given this week’s queue, which bucket is most likely to eat your patch time?
You Shipped an AI Feature. Your Database Felt It.
When you add AI to your app, the data profile changes overnight. Every prompt, response, and user interaction becomes a timestamped event. That's not your app's usual row count.
Vanilla Postgres handles it until it doesn't. Query times creep up. Dashboard refreshes slow down. You start reaching for a second database or a data pipeline to offload the load.
TimescaleDB extends Postgres for exactly this. It doesn't replace what's working. It makes Postgres stay fast as AI-generated data piles up.
Hypertables partition your data automatically as volume grows. Hypercore compression cuts storage 10x. Continuous aggregates keep your dashboards live without re-querying everything. No pipeline. No second database. No migration.
Same Postgres. Same SQL. Just built to handle what AI features actually generate.