Hello TUXEDO Fans and Open-Source Enthusiasts!
The Linux Foundation has launched the initiative Akrites together with partners such as AWS, Google, Microsoft, IBM, NVIDIA, and other major industry players. The goal is to better protect open-source software against AI-driven attack tools. At its core, the project establishes a shared Security Incident Response Team that centrally coordinates and systematically processes vulnerability reports.
The growing use of AI is noticeably changing the threat landscape. Vulnerabilities in open-source projects can now be identified much faster than before, bringing both opportunities for improved security and new risks. For the developer community, this introduces additional challenges: while AI unlocks new possibilities, it also increases the attack surface and the pressure on maintainers and projects.
Beyond these security-focused developments, this issue also highlights practical tools and tips for everyday desktop use. We take a look at QOwnNotes, a versatile Markdown editor, and the Minimalist Animated Weather widget, which brings weather forecasts directly to the Plasma desktop. As usual, we also summarize all current updates and security-related changes in TUXEDO OS.
Enjoy reading,
The TUXEDO OS Team
Note: With the TWIX series, we keep you up to date with the latest developments around TUXEDO OS. We also introduce interesting applications and share practical tips and tricks for the KDE desktop and TUXEDO OS. At the same time, TWIX thrives on your feedback. We always welcome your suggestions, topic ideas, and proposals for improvement. Feel free to join the discussion in our TWIX thread on Reddit , where you can reach us directly. Of course, you are also welcome to contact us via any of our other social media channels.
Updates for TUXEDO and TUXEDO OS
TUXEDO
fai v6.0.5–2.5.3
Removed nomodeset for UBUNTU_2604_GNOME .
TUXEDO OS
Firefox 152.0.4
Thunderbird 140.12.1esr
Chromium 150.0.7871.46
tuxedo-calamares-configuration v4.4.0
Fixed an issue that prevented Calamares from being found under GNOME.
Replaced the distribution logos.
Ubuntu ISO
Current installation image
Includes the latest package updates.
Fixed a localization issue where some interface elements, such as network connections and audio input/output labels in the volume applet, were still displayed in German after the initial setup (language selection).
KDE App of the Week: Taking Notes withz QOwnNote
Notes are the salt in the soup of everyday computer use. At least that is the impression you get when looking at the sheer number of applications designed to help you remember things. We have already featured several interesting representatives of this category, such as KDE Marknote and KleverNote . Today, we would like to introduce another member of this family: QOwnNotes .
Cross-platform
QOwnNotes is a cross-platform note-taking application written in C++ and based on the Qt framework. It uses Qt for its graphical user interface and is available for Linux, macOS, and Windows. The application stores all notes as plain Markdown files on your local drive, making it independent of proprietary platforms. At the same time, it offers a feature set that goes far beyond that of a simple text editor.
QOwnNotes is aimed at users who want to keep full control over their data. It works with ordinary Markdown files and directories, is fast, lightweight, and provides numerous features for people who write extensively. Instead of relying on a proprietary database, QOwnNotes deliberately uses the regular file system. This allows notes to be synchronized easily with Git, Syncthing, or virtually any cloud storage service.
Once you’ve got the hang of it, QOwnNotes provides a platform for knowledge bases, documentation, and more. It remains open-source and uses Markdown, an easy-to-learn markup language.
Designed for Nextcloud
QOwnNotes was originally developed as a desktop client for the Nextcloud Notes app. Today, however, it works perfectly well as a standalone application. Users who do not run a Nextcloud instance still get a powerful local knowledge base, while those with a Nextcloud server benefit from seamless synchronization of notes and tasks. LanguageTool can be integrated for spell checking.
Among the latest additions is a built-in MCP (Model Context Protocol) server. It provides a standardized interface that allows external AI applications to access your notes. This makes it possible to integrate local LLMs via Ollama or MCP-compatible AI assistants directly with your personal knowledge base.
With its extensive feature set, QOwnNotes is well suited for traditional note-taking, documentation, journals, and personal knowledge management. It is therefore an attractive alternative to proprietary solutions such as Obsidian or Notion, especially for users who value local Markdown files, open standards, and complete ownership of their data.
Installation
The easiest way to install QOwnNotes is as a Flatpak via the Discover software center or directly from Flathub. Ubuntu users can alternatively install the application from the official PPA . After a short learning curve, QOwnNotes becomes a powerful tool for note-taking, documentation, and personal knowledge management. On first launch, the application informs you that anonymous usage statistics are collected. If desired, this feature can be disabled in the settings.
Info: Are you interested in Plasma development and want to know what new features are planned and which programs have been recently updated? You can find a detailed overview in the weekly column This week in Plasma by KDE developer Nate Graham.
TUXEDO OS Tips & Tricks: Weather Forecast on Your Desktop
We’re currently experiencing a heatwave here in Germany. Nobody is singing „When Will It Be Summer Again?“ anymore. Instead, we probably need a song called „When Will It Finally Be Winter?“ But then again, we Germans always find something to complain about—and if there’s nothing else, it’s the weather. All the more reason to keep an eye on the forecast. With Minimalist Animated Weather , that’s remarkably easy.
The widget displays the current weather with subtle animations. During thunderstorms, matching lightning effects make the forecast even more vivid.
Installation in KDE Plasma
Installing the widget on TUXEDO OS is straightforward. Right-click an empty area of the desktop and select Enter Edit Mode . Next, click Add or Manage Widgets… in the top-left corner, then choose Get New… → Download New Widgets . Use the search field to find the widget and install it by clicking Install . Once installed, simply drag it from the sidebar onto your desktop.
Install the widget directly from the KDE Store with just a few clicks. Then simply drag it from the sidebar onto your desktop.
The widget automatically determines your location based on your IP address and displays the corresponding weather forecast. However, IP-based geolocation isn’t always accurate. If necessary, you can use services such as Geoplaner to determine your latitude and longitude and enter the coordinates manually in the widget’s settings. You’ll also find plenty of options to customize its appearance to your liking.
Always Keep an Eye on the Weather
Once configured, the widget gives you an at-a-glance overview of the current weather and the forecast for the coming days. Weather data is provided by the free weather API from Open-Meteo . The current conditions appear in the upper-right corner, while the entire widget features subtle animations. During thunderstorms, for example, the whole widget briefly flashes with lightning.
The „Minimalist Animated Weather“ widget offers extensive configuration options and brings weather conditions to life with subtle animations. During thunderstorms, realistic lightning effects complete the experience.
The central section with the weather icons is horizontally scrollable. Clicking a day opens detailed charts showing the forecast for temperature, humidity, wind, and UV index. This makes it easy to keep track of changing weather conditions at any time. The only feature still missing is an integrated rain radar.
Ubuntu Security Updates
The Ubuntu security updates listed here are generally incorporated directly into TUXEDO OS. Some updates are only available from Ubuntu for a fee and are therefore not made available to the community until a later date. Unfortunately, we have no control over this:
USN-8500–1: Vim vulnerabilities : Several security issues were fixed in Vim.
IDs: CVE-2026–55895, CVE-2026–57456, CVE-2026–57453, + 5 others
Affects: Ubuntu 26.04 LTS, 25.10, 24.04 LTS, 22.04 LTS, 20.04 LTS, 18.04 LTS, 16.04 LTS, 14.04 LTS
USN-8499–1: Linux kernel (Xilinx) vulnerabilities : Several security issues were fixed in the Linux kernel.
IDs: CVE-2026–43314, CVE-2026–45974, CVE-2025–71291, + 513 others
Affects: Ubuntu 24.04 LTS
USN-8498–1: Linux kernel (NVIDIA Tegra) vulnerabilities : Several security issues were fixed in the Linux kernel.
IDs: CVE-2026–43314, CVE-2026–43248, CVE-2026–45974, + 294 others
Affects: Ubuntu 24.04 LTS
USN-8497–1: Linux kernel (Low Latency) vulnerabilities : Several security issues were fixed in the Linux kernel.
IDs: CVE-2026–43314, CVE-2026–45974, CVE-2025–71291, + 318 others
Affects: Ubuntu 24.04 LTS, 22.04 LTS
USN-8492–2: Linux kernel vulnerabilities : Several security issues were fixed in the Linux kernel.
IDs: CVE-2026–43314, CVE-2026–43248, CVE-2026–45974, + 296 others
Affects: Ubuntu 24.04 LTS, 22.04 LTS
USN-8496–1: cifs-utils vulnerability : cifs-utils could be made to run programs as an administrator.
IDs: CVE-2026–12505
Affects: Ubuntu 26.04 LTS, 25.10, 24.04 LTS, 22.04 LTS
USN-8495–1: nghttp2 vulnerability : nghttp2 could allow unintended access to network services.
IDs: CVE-2026–58055
Affects: Ubuntu 26.04 LTS, 25.10, 24.04 LTS, 22.04 LTS
USN-8494–1: LibVNCServer vulnerability : LibVNCServer could be made to crash or run programs if it received specially crafted network traffic.
IDs: CVE-2026–50538
Affects: Ubuntu 26.04 LTS, 25.10, 24.04 LTS, 22.04 LTS
USN-8492–1: Linux kernel vulnerabilities : Several security issues were fixed in the Linux kernel.
IDs: CVE-2026–43226, CVE-2026–43414, CVE-2026–45886, + 296 others
Affects: Ubuntu 24.04 LTS, 22.04 LTS
USN-8491–1: Linux kernel (OEM) vulnerabilities : Several security issues were fixed in the Linux kernel.
IDs: CVE-2026–43304, CVE-2026–43402, CVE-2026–31659, + 59 others
Affects: Ubuntu 24.04 LTS
USN-8487–1: curl vulnerabilities : Several security issues were fixed in curl.
IDs: CVE-2026–8286, CVE-2026–9080, CVE-2026–8458, + 7 others
Affects: Ubuntu 26.04 LTS, 25.10, 24.04 LTS, 22.04 LTS, 20.04 LTS, 18.04 LTS, 16.04 LTS, 14.04 LTS
USN-8486–1: libssh2 vulnerabilities : Several security issues were fixed in libssh2.
IDs: CVE-2026–55200, CVE-2026–55199, CVE-2025–15661
Affects: Ubuntu 26.04 LTS, 25.10, 24.04 LTS
USN-8484–1: GD.pm vulnerability : GD.pm could be made to run programs or overwrite files if it opened a specially crafted file.
IDs: CVE-2026–11526
Affects: Ubuntu 26.04 LTS, 25.10, 24.04 LTS, 22.04 LTS
USN-8483–1: HPLIP vulnerabilities : Several security issues were fixed in HPLIP.
IDs: CVE-2026–8632, CVE-2026–8631
Affects: Ubuntu 26.04 LTS, 25.10, 24.04 LTS, 22.04 LTS
USN-8481–1: NSS vulnerability : NSS could be made to crash or expose sensitive information if it received specially crafted input.
IDs: CVE-2026–12318
Affects: Ubuntu 26.04 LTS, 25.10, 24.04 LTS, 22.04 LTS
USN-8480–1: SQLite vulnerabilities : Several security issues were fixed in SQLite.
IDs: CVE-2026–11824, CVE-2026–11822
Affects: Ubuntu 26.04 LTS, 25.10, 24.04 LTS, 22.04 LTS