GnuTLS 安全漏洞

GnuTLS is an open-source, free security communication library developed by GnuTLS that enables the implementation of SSL, TLS, and DTLS protocols. There is a security vulnerability in gnutls, which stems from the incorrect matching of usernames containing the NUL character with truncated username...

RockyLinux 8 : dovecot (RLSA-2026:13830)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13830 advisory. dovecot: ManageSieve: Denial of Service via crafted SASL initial response in AUTHENTICATE command CVE-2025-59032 dovecot: denial of service via crafted...

Yarbo 安全漏洞

Yarbo is a modular intelligent courtyard maintenance robot developed by the American company Yarbo. Version 2.3.9 of Yarbo contains a security vulnerability. This vulnerability stems from a hidden persistent backdoor, which may allow unauthorized, remote access with weak authentication to...

CVE-2026-30495

The Optoma CinemaX P2 projector firmware TVOS-04.24.010.04.01, Android 8.0.0 exposes Android Debug Bridge ADB on TCP port 5555 over the network without requiring authentication. The device is configured with ro.adb.secure=0, which disables RSA key verification. Additionally, a functional su binar...

CI4MS 代码问题漏洞

CI4MS is an open-source blog page management tool developed by Ci4MS. There were code issues and vulnerabilities in versions of CI4MS from 0.26.0 to 0.31.8.0. These vulnerabilities stemmed from the auth filter disabling the check for banning/banned users...

telnetd 2.7 - Buffer Overflow

Exploit Title: telnetd 2.7 - Buffer Overflow Google Dork: N/A Date: 2026-04-03 Exploit Author: Jeff Barron jeffaf Vendor Homepage: https://www.gnu.org/software/inetutils/ Software Link: https://ftp.gnu.org/gnu/inetutils/ Version: inetutils-telnetd through 2.7 patch pending in next release Tested...

Session cookies can be replayed after user logout

Impact Admin session cookies were not invalidated when an admin user logged out. An attacker with access to a valid admin session cookie could continue to access admin functionality after logout, until the cookie expired or session secrets were rotated. This affects applications using Koi admin...

PT-2026-38381

Name of the Vulnerable Software and Affected Versions Gotenberg versions prior to 8.30.0 Description The ExifTool metadata write blocklist can be bypassed using group-prefix syntax, allowing an attacker to perform arbitrary file rename, move, hardlink, and symlink creation on the server. The...

Admidio 安全漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Prior to Admidio 5.0.9, there were security vulnerabilities. These vulnerabilities stemmed fr...

PT-2026-38588

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.21 Description An authentication bypass allows an unauthenticated attacker to create a local user account, bypassing the configured external identity provider. When external authentication is enable...

A UEFI System with SPDM to Protect against Unauthorized Device Connections

Attackers willing to compromise computing systems can use malicious peripherals as an attack vector, threatening users that cannot verify the hardware's authenticity. To address this problem, our work uses the Security Protocol and Data Model to propose a UEFI system capable of authenticating PCI...

PT-2026-38405

Name of the Vulnerable Software and Affected Versions ShellHub versions prior to 0.24.2 Description An issue exists where the endpoint "/api/namespaces/:tenant" returns the complete namespace object to any caller authenticated via an API Key, regardless of the API Key's tenant scope. This object...

Istio 代码问题漏洞

Istio is an open-source platform that connects, manages, and protects microservices. Versions of Istio prior to 1.28.6 and 1.29.2 have code vulnerabilities. These vulnerabilities arise when creating a RequestAuthentication resource that points to an internal service’s jwksUri, and Istio does not...

Hitachi Virtual Storage Platform和Hitachi Virtual Storage Platform One Block 安全漏洞

Hitachi Virtual Storage Platform and Hitachi Virtual Storage Platform One Block are products of Hitachi, a Japanese company. Hitachi Virtual Storage Platform is a series of computer data storage systems used in data centers. Hitachi Virtual Storage Platform One Block is a high-performance block...

RHEL 9 : nginx (RHSA-2026:14836)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14836 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...

CLSA-2026-1778111838 httpd: Fix of 9 CVEs

CVE-2026-24072: fix modrewrite apexpr privilege escalation in htaccess - CVE-2026-28780: fix modproxyajp ajpmsgcheckheader buffer over-read - CVE-2026-29169: fix moddavlock NULL pointer dereference - CVE-2026-33006: fix modauthdigest timing attack - CVE-2026-33007: fix modauthnsocache NULL...

GHSA-9W9C-9W8M-W89Q ShellHub has cross-tenant IDOR in `GET /api/sessions/:uid` that discloses SSH session data

Summary GET /api/sessions/:uid returns the full session object for any authenticated caller, without scoping by the caller's tenant. An authenticated user can read session records SSH username, device UID, remote IP, terminal type, authenticated flag, timestamps belonging to any other namespace...

Axonflow fixed bugs by implementing multi-tenant isolation and access-control hardening

Summary Eight independently-filed bug fixes in the v7.1.3 → v7.5.0 release window collectively close a set of multi-tenant isolation, access-control, and policy-enforcement defects in the AxonFlow platform. They are filed as a single consolidated advisory because the recommended remediation is a...

Exploit for Incorrect Implementation of Authentication Algorithm in Google Android

╔═════════════════════════════════════════════════════════...

GHSA-PJV4-3C63-699F opentelemetry-collector-contrib's azureauthextension Authenticate method does not validate bearer tokens, allowing auth bypass via replay

Summary A server-side authentication bypass in azureauthextension allows any party who holds a single valid Azure access token for any scope the collector's configured identity can mint for to authenticate to any OpenTelemetry receiver that uses auth: azureauth. The extension's Authenticate metho...