
278 matches found

Tenable Nessus
added 6 days ago, 6 views

Fedora 44 : openbao (2026-bf7889aec6)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-bf7889aec6 advisory. Update to upstream-2.5.4, including fixes for CVE-2026-46358, CVE-2026-46405, and CVE-2026-45808. Tenable has extracted the preceding description blo...

AI score 5.8 | Exploits 0 | References 4
Tenable Nessus
added 6 days ago, 5 views

Fedora 43 : openbao (2026-d4e8f0a731)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d4e8f0a731 advisory. Update to upstream-2.5.4, including fixes for CVE-2026-46358, CVE-2026-46405, and CVE-2026-45808. Tenable has extracted the preceding description blo...

AI score 5.8 | Exploits 0 | References 4
OSV
added 2026/05/28 6:55 p.m., 7 views

GHSA-7J6W-VVW2-5F9C OpenBao's Kerberos Auth Method Accumulates Unaccessible Tokens

Impact: In OpenBao's Kerberos auth method, on the GET handler or when an Authorization: Negotiate header is supplied, the response includes a logical.Auth object in addition to an error message. This results in tokens being created with only the default policy, default TTL, and no entity...

CVSS 5.3 | AI score 5.8 | Exploits 0 | References 5
Github Security Blog
added 2026/05/28 5:52 p.m., 13 views

OpenBao's Inline Auth Incorrectly Redacted Headers

Impact: OpenBao's inline auth functionality incorrectly redacted audit log entries, resulting in non-auth headers being removed and auth-related headers being retained in cleartext. This requires an attacker to compromise access to the audit device. Operators should review leaked source...

AI score 5.8 | Exploits 0 | References 6 | Affected software 1
Positive Technologies
added 2026/05/21 12:00 a.m., 6 views

PT-2026-42809

Name of the Vulnerable Software and Affected Versions: OpenBao versions prior to 2.5.4. Description: In the Kerberos authentication method, the GET handler or the use of an Authorization: Negotiate header causes the response to include a logical.Auth object alongside an error message. This leads to...

CVSS 5.3 | AI score 5.8 | Exploits 0 | References 10
Positive Technologies
added 2026/05/21 12:00 a.m., 5 views

PT-2026-42808

Name of the Vulnerable Software and Affected Versions: OpenBao versions prior to 2.5.4. Description: The inline auth functionality incorrectly redacts audit log entries. This causes non-auth headers to be removed while auth-related headers are retained in cleartext. Exploitation requires an attacker...

CVSS 5.4 | AI score 5.8 | Exploits 0 | References 11
CVE
added 2026/05/13 12:29 p.m., 7 views

CVE-2026-6177

The CVE-2026-6177 entry concerns the WordPress plugin Custom Twitter Feeds (versions

CVSS 7.2 | AI score 6 | EPSS 0.00215 | Exploits 0 | References 10
Cvelist
added 2026/04/21 8:02 p.m., 26 views

CVE-2026-40905 LinkAce: Password Reset Poisoning via X-Forwarded-Host Header Injection Leading to Account Takeover

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, a password reset poisoning vulnerability was identified in the application due to improper trust of user-controlled HTTP headers. The application uses the X-Forwarded-Host header when generating password reset URLs. By...

CVSS 8.1 | EPSS 0.00035 | Exploits 0 | References 1
AlpineLinux
added 2026/04/13 4:45 p.m., 10 views

CVE-2026-6192

A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_initialise_encode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The...

CVSS 4.8 | AI score 5.4 | EPSS 0.00017 | Exploits 0
RedhatCVE
added 2026/04/09 7:23 p.m., 2 views

CVE-2026-39641

Cross-Site Request Forgery (CSRF) vulnerability in Skywarrior Blackfyre blackfyre allows Cross Site Request Forgery. This issue affects Blackfyre: from n/a through <= 2.5.4...

CVSS 6.5 | AI score 5.9 | EPSS 0.00017 | Exploits 0 | References 1
RedhatCVE
added 2026/04/09 7:23 p.m., 4 views

CVE-2026-35516

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services (AWS IMDSv1, cloud metadata, internal APIs) by creating a link with a publ...

CVSS 5 | AI score 5.9 | EPSS 0.00012 | Exploits 1 | References 1
EUVD
added 2026/04/08 9:31 a.m., 2 views

EUVD-2026-20301

Cross-Site Request Forgery (CSRF) vulnerability in Skywarrior Blackfyre blackfyre allows Cross Site Request Forgery. This issue affects Blackfyre: from n/a through <= 2.5.4...

AI score 5.9 | EPSS 0.00017 | Exploits 0 | References 2
NVD
added 2026/04/08 9:16 a.m., 1 view

CVE-2026-39641

Cross-Site Request Forgery (CSRF) vulnerability in Skywarrior Blackfyre blackfyre allows Cross Site Request Forgery. This issue affects Blackfyre: from n/a through <= 2.5.4...

CVSS 6.5 | EPSS 0.00017 | Exploits 0 | References 1
CVE
added 2026/04/08 8:30 a.m., 4 views

CVE-2026-39641

The CVE-2026-39641 entry concerns a Cross-Site Request Forgery (CSRF) vulnerability affecting the Skywarrior Blackfyre (WordPress) theme blackfyre up to version 2.5.4. Public descriptions across NVD, Red Hat, EUVD, CVE records, and related feeds consistently state that this CSRF issue affects Blackfy...

CVSS 6.5 | AI score 5.9 | EPSS 0.00017 | Exploits 0 | References 1
NVD
added 2026/04/07 4:16 p.m., 2 views

CVE-2026-35516

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services (AWS IMDSv1, cloud metadata, internal APIs) by creating a link with a publ...

CVSS 5 | EPSS 0.00012 | Exploits 1 | References 1
ATTACKERKB
added 2026/04/07 3:14 p.m., 2 views

CVE-2026-35516

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services (AWS IMDSv1, cloud metadata, internal APIs) by creating a link with a publ...

CVSS 5 | AI score 5.9 | EPSS 0.00012 | Exploits 1 | References 2 | Affected software 1
RedhatCVE
added 2026/03/31 5:01 p.m., 0 views

CVE-2026-5125

A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function child_process.execSync of the file src/server.ts. The manipulation of the argument gitdiff.baseref/gitdiff.files results in OS command injection. The attack is only possible with local...

CVSS 5.3 | AI score 5.6 | EPSS 0.00103 | Exploits 0 | References 1
EUVD
added 2026/03/30 6:31 p.m., 0 views

EUVD-2026-17146

A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function child_process.execSync of the file src/server.ts. The manipulation of the argument gitdiff.baseref/gitdiff.files results in OS command injection. The attack is only possible with local...

CVSS 5.3 | AI score 5.8 | EPSS 0.00103 | Exploits 0 | References 9
Cvelist
added 2026/03/30 5:00 p.m., 22 views

CVE-2026-5125 raine consult-llm-mcp server.ts child_process.execSync os command injection

A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function child_process.execSync of the file src/server.ts. The manipulation of the argument gitdiff.baseref/gitdiff.files results in OS command injection. The attack is only possible with local...

CVSS 5.3 | EPSS 0.00103 | Exploits 0 | References 8
ATTACKERKB
added 2026/03/30 5:00 p.m., 2 views

CVE-2026-5125

A vulnerability was detected in raine consult-llm-mcp up to 2.5.3. Affected by this vulnerability is the function child_process.execSync of the file src/server.ts. The manipulation of the argument gitdiff.baseref/gitdiff.files results in OS command injection. The attack is only possible with local...

CVSS 5.3 | AI score 5.8 | EPSS 0.00103 | Exploits 0 | References 8 | Affected software 1