CVE-2026-40910

frp is a fast reverse proxy. From 0.43.0 to 0.68.0, frp contains an authentication bypass in the HTTP vhost routing path when routeByHTTPUser is used as part of access control. In proxy-style requests, the routing logic uses the username from Proxy-Authorization to select the routeByHTTPUser...

Tekton Pipelines 安全漏洞

Tekton Pipelines is a cloud-native pipeline developed by Tekton Open Source. There are security vulnerabilities in versions 0.43.0 to 1.11.0 of Tekton Pipelines. These vulnerabilities stem from improper regular expression matching, which could allow attackers to bypass resource verification...

CVE-2026-24049 affecting package python-wheel for versions less than 0.43.0-2

CVE-2026-24049 affecting package python-wheel for versions less than 0.43.0-2. A patched version of the package is available...

PT-2022-18672 · Osisoft · Osisoft-Pi-Web-Connector

Name of the Vulnerable Software and Affected Versions: osisoft-pi-web-connector versions 0.15.0 through 0.43.0 Description: The Foundry Magritte plugin osisoft-pi-web-connector was found to be logging in a manner that captured authentication requests. Recommendations: For osisoft-pi-web-connector...