6 matches found
CVE-2026-3341
IBM Langflow Desktop 1.0.0 through 1.9.2 IBM Langflow is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
CVE-2026-3341
CVE-2026-3341 affects IBM Langflow Desktop 1.0.0–1.9.2. The root cause is a TOCTOU DNS rebinding flaw in SSRF protection: validate_url_for_ssrf() uses socket.getaddrinfo(), while httpx.AsyncClient() conducts a separate DNS lookup during connection, allowing an attacker-controlled DNS domain with ...
RHSA-2026:3341 Red Hat Security Advisory: containernetworking-plugins security update
Bulletin has no description...
Oracle Linux 9 : containernetworking-plugins (ELSA-2026-3341)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3341 advisory. - Rebuild for new golang to address CVE-2025-61726 - rebuild for CVE-2025-22871 Tenable has extracted the preceding description block directly from the...
RHEL 9 : containernetworking-plugins (RHSA-2026:3341)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3341 advisory. The Container Network Interface CNI project consists of a specification and libraries for writing plug- ins for configuring network interfac...
EUVD-2026-3341
HackerOne community member Jad Ghamloush 0xjad has reported an authorization bypass vulnerability in the tracker-delete.php script of Revive Adserver. Users with permissions to delete trackers are mistakenly allowed to delete trackers owned by other accounts...