Critical Shellcode Injection Vulnerability in openSUSE Build Service
A critical vulnerability (CVE-2026-56004) with a CVSS score of 10 has been discovered in the obs tar_scm source service before version 0.12.4. This vulnerability allows attackers to inject shellcode and execute code as the source service or local user. Immediate action is required to update to version 0.12.4 or later.