SUSE Linux Micro libzypp Vulnerabilities Addressed in Recent Updates

SUSE has released updates for its libzypp package to address two moderate vulnerabilities affecting SUSE Linux Micro 6.0 and 6.1. The vulnerabilities, identified as CVE-2026-44941 and CVE-2026-44942, involve path traversal attacks that could allow unauthorized access to sensitive files. CVE-2026-44941 affects the 'keyhint' feature, while CVE-2026-44942 pertains to optional paths in .repo files. Both vulnerabilities have been rated moderate in severity, with CVSS scores ranging from 6.0 to 7.5. Users are urged to apply the updates promptly to mitigate potential exploitation risks. The updates were released on June 9, 2026, for both versions. The vulnerabilities were confirmed by SUSE's advisory reports.

Key Points: • SUSE released updates for libzypp addressing two moderate vulnerabilities. • CVE-2026-44941 and CVE-2026-44942 involve path traversal attacks. • Affected systems include SUSE Linux Micro 6.0 and 6.1; users should update promptly.