CVE-2026-21826

HCL Digital Experience and HCL Digital Experience Compose could be susceptible to Host header injection. An attacker can manipulate the Host header and cause the application to behave in unexpected ways...

Siemens SIMATIC Devices Improper Input Validation (CVE-2025-21826)

netfilter: nftables: reject mismatching sum of fieldlen with set key length. The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the pipapo rule width from pipapoinit. The set key length provides the...

CVE-2022-21826

Pulse Secure version 9.115 and below may be susceptible to client-side http request smuggling, When the application receives a POST request, it ignores the request's Content-Length header and leaves the POST body on the TCP/TLS socket. This body ends up prefixing the next HTTP request sent down...

BELL-CVE-2025-21826

Bulletin has no description...

DEBIAN-CVE-2025-21826

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject mismatching sum of fieldlen with set key length The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the...

CVE-2025-21826

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject mismatching sum of fieldlen with set key length The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the...

CVE-2025-21826

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject mismatching sum of fieldlen with set key length The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the...

CVE-2025-21826 netfilter: nf_tables: reject mismatching sum of field_len with set key length

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject mismatching sum of fieldlen with set key length The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the...

Linux Distros Unpatched Vulnerability : CVE-2025-21826

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject mismatching sum of fieldlen with set key length The field length...

CVE-2024-21826

creationtimestamp| type| source ---|---|--- 2024-03-04 08:26:51+00:00| seen| https://t.me/ctinow/199069 2024-03-04 08:31:23+00:00| seen| https://t.me/ctinow/199077...

CVE-2024-21826

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage...

CVE-2024-21826

OpenHarmony has a local-information-disclosure vulnerability (CVE-2024-21826) affecting v3.2.4 and earlier, attributed to insecure storage in the Huks component. A local attacker can access sensitive data due to improper storage protections. Remediation: upgrade to a version newer than 3.2.4; a t...

CVE-2024-21826 Huks has an insecure storage of sensitive information vulnerability

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage...

SA45476 - Client Side Desync Attack (Informational)

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Portswigger has provided a responsible disclosure of a vulnerability that affects the Pulse Collaboration feature. Their write up can be found here:...

CVE-2023-21826

Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications component: Reporting. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracl...

CVE-2023-21826

Oracle Hospitality Reporting and Analytics (Reporting component) is affected in version 9.1.0 due to insufficient input validation. An attacker with network access via HTTPS and low privileges, after user interaction, can gain unauthorized access to critical data, obtain complete access to all ac...

CVE-2023-21826

...

CVE-2023-21826

...

CVE-2022-21826

creationtimestamp| type| source ---|---|--- 2022-09-30 20:36:26+00:00| seen| https://t.me/cibsecurity/50786...

CVE-2022-21826

Pulse Connect Secure (Pulse Secure) versions 9.115 and below are affected by a client-side HTTP request smuggling vulnerability. When handling a POST request, the application may ignore the Content-Length header and keep the POST body on the TCP/TLS socket, causing the body to prefix the next HTT...