213 matches found

Circl
added 2026/05/12 9:9 a.m. | 4 views

CVE-2026-1681

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-12 09:09:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mlngwl2gxq2o... |

CVSS 6.1 | AI score 5.8 | EPSS 0.00014
Exploits: 0 | References: 1
NVD
added 2026/05/12 7:16 a.m. | 4 views

CVE-2026-1681

Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...

CVSS 6.1 | EPSS 0.00014
Exploits: 0 | References: 1
OSV
added 2026/03/18 12:43 p.m. | 3 views

MAL-2026-1681 Malicious code in chai-promised-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48b1d1fa87c7390aa0257628dfbbff9d4a72745789925a041968bcd789764340 The package chai-promised-cli was found to contain malicious code...

AI score 5.8
Exploits: 0
OpenVAS
added 2025/11/14 12:0 a.m. | 1 views

Mageia: Security Advisory (MGASA-2025-0286)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.8 | EPSS 0.00637
Exploits: 5 | References: 4
OpenVAS
added 2025/07/04 12:0 a.m. | 3 views

Ubuntu: Security Advisory (USN-7612-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 5.9 | EPSS 0.00637
Exploits: 5 | References: 2
OpenVAS
added 2025/05/26 12:0 a.m. | 4 views

Fedora: Security Advisory (FEDORA-2024-e5558a889a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.3 | AI score 5.8 | EPSS 0.00179
Exploits: 1 | References: 4
IBM Security Bulletins
added 2025/05/04 6:1 p.m. | 19 views

Security Bulletin: Vulnerability in Flask_Cors affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-1681].

Summary The Flask_Cors package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-1681. Vulnerability Details CVEID:CVE-2024-1681 DESCRIPTION: Flask-CORS could allow a remote attacker to bypass security restrictions, caused by ...

CVSS 5.3 | AI score 6.7 | EPSS 0.00179
Exploits: 1 | Affected Software: 1
IBM Security Bulletins
added 2025/03/17 1:46 p.m. | 24 views

Security Bulletin: QRadar Advisor With Watson for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. QRadar Advisor With Watson for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-6345 DESCRIPTION: pypa/setuptools could...

CVSS 8.8 | AI score 9.3 | EPSS 0.09875
Exploits: 3 | Affected Software: 1
IBM Security Bulletins
added 2025/03/17 8:22 a.m. | 13 views

Security Bulletin: Vulnerability in Flask-Cors affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2024-1681]

Summary The Flask-Cors package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2024-1681. Vulnerability Details CVEID:CVE-2024-1681 DESCRIPTION: Flask-CORS could allow a remote attacker to bypass security restrictions, caused ...

CVSS 5.3 | AI score 6.7 | EPSS 0.00179
Exploits: 1 | Affected Software: 1
Tenable Nessus
added 2025/03/05 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2024-1681

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - corydolphin/flask-cors is vulnerable to log injection when the log level is set to debug. An attacker can inject fake log entries into the log file by sending a...

CVSS 5.3 | AI score 5.8 | EPSS 0.00179
Exploits: 1 | References: 2
Circl
added 2025/02/28 12:25 a.m. | 4 views

CVE-2025-1681

| creationtimestamp | type | source |
|---|---|---|
| 2025-02-28 00:25:55+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/5826 |
| 2025-02-28 01:53:20+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lj7ccvb7cg2p |
| 2025-02-28 03:38:54+00:00 | seen | https://t.me/cvedetector/19112... |

CVSS 5.4 | AI score 8.7 | EPSS 0.00082
Exploits: 0 | References: 3
NVD
added 2025/02/28 12:15 a.m. | 6 views

CVE-2025-1681

The Cardealer theme for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check and missing filename sanitization on the demo theme scheme AJAX functions in versions up to, and including, 1.6.4. This makes it possible for authenticated...

CVSS 5.4 | EPSS 0.00082
Exploits: 0 | References: 3
Cvelist
added 2025/02/27 11:22 p.m. | 12 views

CVE-2025-1681 Cardealer <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Change and Delete JS and CSS Files

The Cardealer theme for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check and missing filename sanitization on the demo theme scheme AJAX functions in versions up to, and including, 1.6.4. This makes it possible for authenticated...

CVSS 5.4 | EPSS 0.00082
Exploits: 0 | References: 3
CVE
added 2025/02/27 11:22 p.m. | 50 views

CVE-2025-1681

CVE-2025-1681 (Cardealer theme, WordPress) affects Cardealer up to version 1.6.4. The issue stems from a missing capability check and missing filename sanitization in the demo theme scheme AJAX functions, enabling authenticated attackers (subscriber level and above) to change or delete arbitrary ...

CVSS 5.4 | AI score 5.3 | EPSS 0.00082
Exploits: 0 | References: 3
RedhatCVE
added 2025/02/05 10:57 p.m. | 7 views

CVE-2022-1681

Authentication Bypass Using an Alternate Path or Channel in GitHub repository requarks/wiki prior to 2.5.281. User can get root user permissions...

CVSS 9 | AI score 6.8 | EPSS 0.00292
Exploits: 1 | References: 1
IBM Security Bulletins
added 2025/01/28 10:8 p.m. | 41 views

Security Bulletin: IBM Maximo Application Suite - MVI Component uses tar-6.2.0.tgz, Flask_Cors-3.0.10-py2.py3-none-any.whl, bcprov-jdk18on-1.72.jar which are vulnerable to CVE-2024-28863, CVE-2024-1681 and CVE-2024-30171

Summary Security Bulletin: IBM Maximo Application Suite - MVI Component uses tar-6.2.0.tgz, Flask_Cors-3.0.10-py2.py3-none-any.whl, bcprov-jdk18on-1.72.jar which are vulnerable to CVE-2024-28863, CVE-2024-1681 and CVE-2024-30171 Vulnerability Details CVEID:CVE-2024-28863 DESCRIPTION: isaacs node-t...

CVSS 6.5 | AI score 7.4 | EPSS 0.00663
Exploits: 2 | Affected Software: 1
OSV
added 2024/11/04 2:15 a.m. | 2 views

CVE-2024-20117

In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: MSV-1681...

CVSS 4.4 | AI score 5.9
Exploits: 0 | References: 1
Vulnrichment
added 2024/11/04 1:49 a.m. | 9 views

CVE-2024-20117

In vdec, there is a possible out of bounds read due to improper structure design. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09008925; Issue ID: MSV-1681...

AI score 6.1 | EPSS 0.00025
Exploits: 0 | References: 1
OSV
added 2024/08/27 7:50 p.m. | 21 views

GHSA-PP84-V3MW-GG4W Taipy 3.1.1 affected by CVEs on flask-core and pymongo

Summary Indirect CVEs affect Taipy 3.1.1 Details Taipy 3.1.1 is affected by two existing CVEs: CVE-2024-1681 affects flask-core =3.1.2 and on major releases: =4.0.0 Impact pre-commit breaks when using dependency Taipy 3.1.1...

CVSS 8.1 | AI score 6 | EPSS 0.00179
Exploits: 1 | References: 6
vulnersOsv
added 2024/08/27 7:50 p.m. | 0 views

cashd (>=0.1.0 <=0.2.2) potentially affected by CVE-2024-1681 +1 more via taipy (>=3.1.0 <=3.1.1)

taipy PYPI version =3.1.0, =0.1.0, =0.2.2 Source cves: CVE-2024-1681, CVE-2024-5629 Source advisory: OSV:GHSA-PP84-V3MW-GG4W...

CVSS 8.1 | AI score 6.4 | EPSS 0.00179
Exploits: 1