io.github.ilyaslabs.foodstack:configserver (=0.0.1), io.github.ilyaslabs:spring-boot-microservice-config-server (=1.0.0) +7 more potentially affected by CVE-2026-41004 via org.springframework.cloud:spring-cloud-config-server (>=4.3.0 <=4.3.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =4.3.0, =1.0.1, =7.3.0, =7.3.0, =26.01.01, =2.3.0, =4.3.0, =3.3.0, =3.3.2 Source cves: CVE-2026-41004 Source advisory: OSV:GHSA-J6HH-H3CF-C2HF...

io.mosip.kernel:kernel-config-server (>=1.2.1-rc1 <=1.3.0-beta.3), org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=7.0.0 <=7.1.6.2) +5 more potentially affected by CVE-2026-41004 via org.springframework.cloud:spring-cloud-config-server (>=4.1.0 <=4.1.7)

org.springframework.cloud:spring-cloud-config-server MAVEN version =4.1.0, =1.2.1-rc1, =7.0.0, =7.0.0, =4.1.0, =3.1.0, =3.1.6 Source cves: CVE-2026-41004 Source advisory: OSV:GHSA-J6HH-H3CF-C2HF...

com.alibaba.cloud:spring-cloud-starter-alibaba-nacos-config-server (=2021.0.1.0), com.bpfaas:bps-config-server-novault-spring-cloud-starter (=3.2.2) +9 more potentially affected by CVE-2026-41004 via org.springframework.cloud:spring-cloud-config-server (>=3.1.0 <=3.1.10)

org.springframework.cloud:spring-cloud-config-server MAVEN version =3.1.0, =2.1.4, =0.1, =6.5.0, =6.5.0, =2.0.1, =3.1.0, =2.1.0, =2.1.1 Source cves: CVE-2026-41004 Source advisory: OSV:GHSA-J6HH-H3CF-C2HF...

CVE-2026-41004

creationtimestamp| type| source ---|---|--- 2026-05-07 06:12:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlakplsqy52v 2026-05-07 07:29:50+00:00| seen| https://www.acn.gov.it/portale/w/rilevate-vulnerabilita-in-spring-cloud-config 2026-05-07 14:40:20+00:00| seen|...

CVE-2026-41004

When enabling trace logging in Spring Cloud Config Server sensitive information was placed in plain text in the logs. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 inclusive; upgrade to 3.1.14 or greater Enterprise Support Only. Spring Cloud Config 4.1.x: affected from 4.1.0 throu...

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +3 more potentially affected by CVE-2026-41004 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.2)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-41004 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-16439025...

CVE-2025-41004

Imaster's Patient Records Management System is vulnerable to SQL Injection in the endpoint ‘/projects/hospital/admin/complaints.php’ through the ‘id’ parameter...

EUVD-2025-41004

Malicious code in galih-sambel52-sluey npm...

Linux Distros Unpatched Vulnerability : CVE-2024-41004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation...

CVE-2024-41004

creationtimestamp| type| source ---|---|--- 2024-07-12 16:04:53+00:00| seen| https://t.me/cvedetector/720 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07...

CVE-2024-41004

In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock get a reference those event file reference in module init function, and unlock and delete it in module...

CVE-2024-41004

CVE-2024-41004 affects the Linux kernel tracing tests for build event generation in kprobes/synth tests. The vulnerability arises when those test modules are built-in instead of modular, causing events to remain locked in the kernel and breaking kprobe self-tests, which in turn causes ftracetest ...

CVE-2024-41004 tracing: Build event generation tests only as modules

In the Linux kernel, the following vulnerability has been resolved: tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock get a reference those event file reference in module init function, and unlock and delete it in module...

CVE-2022-41004

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

CVE-2022-41004

CVE-2022-41004 affects Siretta QUARTZ-GOLD (G5.0.1.5-210720-141020) via stack-based buffer overflows in the DetranCLI command parsing, specifically in the no ip nat outside source template. Talos reports multiple CVEs in the same family with exploit paths leading to arbitrary command execution; C...

CVE-2021-41004

creationtimestamp| type| source ---|---|--- 2022-04-12 20:17:05+00:00| seen| https://t.me/cibsecurity/40627...

CVE-2021-41004

A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series versions: Firmware below v1.0.7.0...

CVE-2021-41004

CVE-2021-41004 affects Aruba Instant On 1930 Switch Series with firmware versions below 1.0.7.0. The vulnerability is remote, with network access and low attack complexity, yielding a high impact (availability impact, CVSSv3.1 base score 7.5). Root cause indicated by connected sources as an input...

Python < 3.5.10, 3.6.x < 3.6.12, 3.7.x < 3.7.9, 3.8.x < 3.8.4 Python Issue (bpo-41004) - Linux

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...

Python < 3.5.10, 3.6.x < 3.6.12, 3.7.x < 3.7.9, 3.8.x < 3.8.4 Python Issue (bpo-41004) - Windows

Python is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python";...