Claude Opus

**Name of the Vulnerable Software and Affected Versions** SolidCAM-GPPL-IDE versions 1.0.0 through 1.0.1 **Description** The `GpplDocumentLinkHandler` resolves the `filename` directive in GPPL postprocessor files into clickable links. The handler accepts arbitrary absolute, relative, UNC, and subfolder paths, calling `File.Exists` to determine if a link should be rendered. This allows for information disclosure through path probing and NTLM hash leaks via UNC path probing. **Recommendations** Update to version 1.0.2.

**Name of the Vulnerable Software and Affected Versions** Postfix versions prior to 3.8.16 Postfix versions 3.9 prior to 3.9.10 Postfix versions 3.10 prior to 3.10.9 **Description** A buffer over-read can occur, potentially leading to a process crash, when an enhanced status code is used that lacks text after the third number. **Recommendations** Update to version 3.8.16 or later. Update to version 3.9.10 or later. Update to version 3.10.9 or later.

**Name of the Vulnerable Software and Affected Versions** xen (affected versions not specified) **Description** Security issues were identified and addressed in the xen-4.21.1 04-1.1 package on the GA media of openSUSE Tumbleweed. **Recommendations** Update to the xen-4.21.1 04-1.1 package.