40714 matches found
CVE-2026-44342
CVE-2026-44342 describes a CSRF vulnerability in the New API where GET requests on state-changing endpoints GET /api/oauth/email/bind and GET /api/oauth/wechat/bind could allow an attacker to bind an email or OAuth identity for a logged-in user when session cookies are susceptible to cross-site n...
CVE-2026-44342 New API CSRF in email and WeChat account binding endpoints
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to 0.12.0-alpha.1, the email and WeChat account binding endpoints GET /api/oauth/email/bind and GET /api/oauth/wechat/bind used GET requests for state-changing account operations, allowing a...
CVE-2026-44342 New API CSRF in email and WeChat account binding endpoints
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to 0.12.0-alpha.1, the email and WeChat account binding endpoints GET /api/oauth/email/bind and GET /api/oauth/wechat/bind used GET requests for state-changing account operations, allowing a...
CVE-2026-33655 New API: SSRF Protection Bypass via Unresolved Hostname in Notification URLs
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to 0.12.0-alpha.1, the default SSRF protection configuration did not apply IP filtering to hostnames; with ApplyIPFilterForDomain disabled by default, URL validation checked domain allow/blo...
CVE-2026-33655 New API: SSRF Protection Bypass via Unresolved Hostname in Notification URLs
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to 0.12.0-alpha.1, the default SSRF protection configuration did not apply IP filtering to hostnames; with ApplyIPFilterForDomain disabled by default, URL validation checked domain allow/blo...
[SECURITY] [DSA 6385-1] pgextwlist security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6385-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 08, 2026 https://www.debian.org/security/faq -...
CVE-2026-53357 affecting package kernel for versions less than 6.6.143.1-1
CVE-2026-53357 affecting package kernel for versions less than 6.6.143.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-48618 affecting package nodejs for versions less than 24.17.0-1
CVE-2026-48618 affecting package nodejs for versions less than 24.17.0-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-53034 affecting package kernel for versions less than 6.6.143.1-1
CVE-2026-53034 affecting package kernel for versions less than 6.6.143.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-52963 affecting package kernel for versions less than 6.6.143.1-1
CVE-2026-52963 affecting package kernel for versions less than 6.6.143.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-52985 affecting package kernel for versions less than 6.6.143.1-1
CVE-2026-52985 affecting package kernel for versions less than 6.6.143.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-53037 affecting package kernel for versions less than 6.6.143.1-1
CVE-2026-53037 affecting package kernel for versions less than 6.6.143.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-53022 affecting package kernel for versions less than 6.6.143.1-1
CVE-2026-53022 affecting package kernel for versions less than 6.6.143.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-53001 affecting package kernel for versions less than 6.6.143.1-1
CVE-2026-53001 affecting package kernel for versions less than 6.6.143.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-52962 affecting package kernel for versions less than 6.6.143.1-1
CVE-2026-52962 affecting package kernel for versions less than 6.6.143.1-1. A patched version of the package is available...
CVE-2026-53004 affecting package kernel for versions less than 6.6.143.1-1
CVE-2026-53004 affecting package kernel for versions less than 6.6.143.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-53356 affecting package kernel for versions less than 6.6.143.1-1
CVE-2026-53356 affecting package kernel for versions less than 6.6.143.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-53329 affecting package kernel for versions less than 6.6.143.1-1
CVE-2026-53329 affecting package kernel for versions less than 6.6.143.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-53355 affecting package kernel for versions less than 6.6.143.1-1
CVE-2026-53355 affecting package kernel for versions less than 6.6.143.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2026-10698
CVE-2026-10698 is an Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer, specifically affecting the Custom Reports module . Affected versions are MOVEit Transfer 2025.0.0–before 2025.0.8, 2025.1.0–before 2025.1.4, and 2026.0.0–before 2026.0.1...