CVE-2026-42544

Granian is a Rust HTTP server for Python applications. From 1.2.0 to 2.7.4, Granian aborts a worker process when an unauthenticated client sends a WebSocket upgrade request whose Sec-WebSocket-Protocol header contains non-ASCII bytes. The crash happens in Granian's WebSocket scope construction...

CVE-2026-42545

Granian is a Rust HTTP server for Python applications. From 0.2.0 to 2.7.4, Granian aborts a worker process if a WSGI application returns an invalid HTTP response header name or value. The WSGI response conversion path uses .unwrap on both the header name and header value constructors, so malform...

CVE-2026-42545

Granian is a Rust HTTP server for Python applications. Vulnerable from 0.2.0 up to 2.7.4, where the WSGI response conversion path uses .unwrap() on header name and value constructors; malformed headers trigger a worker process abort instead of handling the error. This results in a Denial of Servi...

CVE-2026-42544

CVE-2026-42544 (Granian) affects Granian versions 1.2.0–2.7.4, where an unauthenticated client sending a WebSocket upgrade request with a non-ASCII Sec-WebSocket-Protocol header causes the server to abort the worker in the WebSocket scope construction path, yielding an unauthenticated DoS. The cr...

Improper Handling of Exceptional Conditions

Overview granian is an A Rust HTTP server for Python applications Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions through the WSGI response conversion process. An attacker can cause the worker process to abort by supplying or influencing invalid HTT...

CVE-2026-4860

A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. This affects the function GenericFastJsonRedisSerializer of the file src/main/java/com/genersoft/iot/vmp/conf/redis/RedisTemplateConfig.java of the component API Endpoint. The manipulation results in deserialization. It...

PT-2026-28653

Name of the Vulnerable Software and Affected Versions 648540858 wvp-GB28181-pro versions up to 2.7.4 Description A security flaw exists in the 648540858 wvp-GB28181-pro software. The issue is related to deserialization within the GenericFastJsonRedisSerializer function located in the file...

wvp-GB28181-pro 代码问题漏洞

WVP-GB28181-Pro is a video monitoring platform developed by individual developer 648540858. Versions of WVP-GB28181-Pro 2.7.4 and earlier have code vulnerabilities. These vulnerabilities stem from a deserialization issue in the function GenericFastJsonRedisSerializer within the component API...

CVE-2026-3966 648540858 wvp-GB28181-pro IP Address ABLMediaNodeServerService.java getDownloadFilePath server-side request forgery

A vulnerability was detected in 648540858 wvp-GB28181-pro up to 2.7.4-20260107. Affected by this vulnerability is the function getDownloadFilePath of the file /src/main/java/com/genersoft/iot/vmp/media/abl/ABLMediaNodeServerService.java of the component IP Address Handler. The manipulation of the...

CVE-2026-25338

Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through = 2.7.4...

CVE-2026-25338

Missing Authorization vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through = 2.7.4...

CVE-2026-25338

CVE-2026-25338 concerns the WordPress plugin AI ChatBot with ChatGPT and Content Generator by AYS (versions through 2.7.4). Connected sources describe a Broken Access Control / Missing Authorization issue caused by misconfigured access control security levels, potentially enabling unauthorized ac...

PT-2026-20705

Name of the Vulnerable Software and Affected Versions Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS versions through 2.7.4 Description An authorization issue exists in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant, stemming from incorrectly...

WordPress plugin AI ChatBot with ChatGPT and Content Generator by AYS 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Fedora: Security Advisory (FEDORA-2026-37324381f3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : mingw-expat (2026-37324381f3)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-37324381f3 advisory. Update to expat-2.7.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 42 : mingw-expat (2026-298986b2a3)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-298986b2a3 advisory. Update to expat-2.7.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

[R1] Nessus Versions 10.10.2 and 10.11.2 Fix Multiple Vulnerabilities

R1 Nessus Versions 10.10.2 and 10.11.2 Fix Multiple Vulnerabilities Arnie Cabral Thu, 02/05/2026 - 02:13 Nessus leverages third-party software to help provide underlying functionality. One of the third-party components expat was found to contain vulnerabilities, and updated versions have been mad...

[R1] Nessus Versions 10.10.2 and 10.11.2 Fix Multiple Vulnerabilities

R1 Nessus Versions 10.10.2 and 10.11.2 Fix Multiple Vulnerabilities Arnie Cabral Thu, 02/05/2026 - 02:13 Nessus leverages third-party software to help provide underlying functionality. One of the third-party components expat was found to contain vulnerabilities, and updated versions have been mad...

SUSE CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...