CVE-2026-32881

ewe is a Gleam web server. ewe is a Gleam web server. Versions 0.6.0 through 3.0.4 are vulnerable to authentication bypass or spoofed proxy-trust headers. Chunked transfer encoding trailer handling merges declared trailer fields into req.headers after body parsing, but the denylist only blocks 9...

CVE-2026-32881 ewe has an Overly Permissive List of Allowed Inputs

ewe is a Gleam web server. ewe is a Gleam web server. Versions 0.6.0 through 3.0.4 are vulnerable to authentication bypass or spoofed proxy-trust headers. Chunked transfer encoding trailer handling merges declared trailer fields into req.headers after body parsing, but the denylist only blocks 9...

CVE-2026-32881

creationtimestamp| type| source ---|---|--- 2026-03-14 21:56:26+00:00| published-proof-of-concept| https://github.com/vshakitskiy/ewe/security/advisories/GHSA-9w88-79f8-m3vp 2026-03-20 02:33:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhhi3vem6t2o...

CVE-2022-32881

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to modify protected parts of the file system...

CVE-2022-32881

creationtimestamp| type| source ---|---|--- 2025-05-06 19:21:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15201...

CVE-2025-32881

creationtimestamp| type| source ---|---|--- 2025-05-01 20:15:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14387...

CVE-2024-32881 Unauthorized access to GET/SET of Slack Bot Tokens in Danswer

Danswer is the AI Assistant connected to company's docs, apps, and people. Danswer is vulnerable to unauthorized access to GET/SET of Slack Bot Tokens. Anyone with network access can steal slack bot tokens and set them. This implies full compromise of the customer's slack bot, leading to internal...

CVE-2024-32881 Unauthorized access to GET/SET of Slack Bot Tokens in Danswer

Danswer is the AI Assistant connected to company's docs, apps, and people. Danswer is vulnerable to unauthorized access to GET/SET of Slack Bot Tokens. Anyone with network access can steal slack bot tokens and set them. This implies full compromise of the customer's slack bot, leading to internal...

CVE-2023-32881

creationtimestamp| type| source ---|---|--- 2024-01-02 04:26:58+00:00| seen| https://t.me/ctinow/161476 2024-01-03 01:31:32+00:00| seen| https://t.me/cibsecurity/74131 2024-01-22 15:11:29+00:00| seen| https://t.me/ctinow/171205...

CVE-2023-32881

In battery, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308080...

CVE-2023-32881

CVE-2023-32881 affects MediaTek battery module. A possible information disclosure stems from an integer overflow, enabling local information disclosure with system-level privileges; no user interaction is required. Patch ALPS08308070 / ALPS08308080 is referenced. No exploit details or in-the-wild...

CVE-2021-32881

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none...

CVE-2022-32881

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to modify protected parts of the file system...

CVE-2022-32881

CVE-2022-32881 describes a logic issue that could allow an app to modify protected parts of the file system. Apple notes the fix as “improved restrictions” and lists affected platforms and versions: macOS Big Sur 11.7, macOS Monterey 12.6, macOS Ventura 13, iOS 16, watchOS 9, tvOS 16. These entri...

CVE-2021-32881

CVE-2021-32881 entry is rejected/not used per the initial description.