CVE-2026-42439

creationtimestamp| type| source ---|---|--- 2026-05-05 15:15:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml4i4rbxlk2c 2026-05-07 04:07:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mladoxwkya2y...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +12 more potentially affected by CVE-2026-42439 via openclaw (>=2026.3.22 <=2026.4.1)

openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.15.0 - tokaroo-openclaw-provider =0.1.1 Source cves: CVE-2026-42439 Source advisory: SNYK:JS-OPENCLAW-16420273...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +13 more potentially affected by CVE-2026-42439 via openclaw (>=0.0.1 <=2026.4.1)

openclaw NPM version =0.0.1, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =3.3.2, =3.3.7 Source cves: CVE-2026-42439 Source advisory: OSV:GHSA-RJ2P-J66C-MGQH...

EUVD-2025-42439

Malicious code in putri-klanting49-breki npm...

Zoom Workplace Desktop App for macOS < 6.1.0 Buffer Overflow (ZSB-24033)

The version of Zoom Workplace Desktop App for macOS installed on the remote host is prior to 6.1.0. It is, therefore, affected by a buffer overflow vulnerability as referenced in the ZSB-24033 advisory: - Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom...

CVE-2024-42439

creationtimestamp| type| source ---|---|--- 2024-08-14 19:54:09+00:00| seen| https://t.me/cvedetector/3180...

CVE-2024-42439

Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access...

CVE-2024-42439

Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access...

CVE-2023-42439

GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. A SSRF vulnerability exists starting in version 3.2.0, bypassing existing controls on the software. This can allow a user to request internal services for a full read SSRF, returni...

CVE-2023-42439

GeoNode CVE-2023-42439 describes a Server-Side Request Forgery (SSRF) bypass vulnerability that bypasses the whitelist by manipulating the first host into a whitelisted address using @ or %40 as credentials to the geoserver (port 8080). The result is a full read SSRF that can return data from int...

CVE-2022-42439

creationtimestamp| type| source ---|---|--- 2023-02-07 00:23:36+00:00| seen| https://t.me/cibsecurity/57628...

CVE-2022-42439 IBM App Connect Enterprise information disclosure

IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system’s credentials to be exposed to a privileged attacker. IBM X-Force ID: 238211...

CVE-2022-42439

Summary: IBM App Connect Enterprise (ACE) versions 11.0.0.17–11.0.0.19 and 12.0.4.0–12.0.5.0 contain an unspecified vulnerability in the Discovery Connector nodes that may disclose a third-party system’s credentials to a privileged attacker. Affected products/versions (as documented): ACE 11.0.0....

CVE-2022-42439 IBM App Connect Enterprise information disclosure

IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system’s credentials to be exposed to a privileged attacker. IBM X-Force ID: 238211...

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands may be vulnerable to insertion of sensitive information into log files due to [CVE-2022-42439]

Summary IBM App Connect Enterprise Certified Container IntegrationServer operands that use the Discovery Connector nodes may be vulnerable to insertion of sensitive information into log files. This bulletin provides patch information to address the reported vulnerability. CVE-2022-42439...

Security Bulletin: IBM App Connect Enterprise Discovery Connector nodes are vulnerable to a loss of confidentiality due to CVE-2022-42439

Summary IBM App Connect Enterprise contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system's credentials to be exposed to a privileged attacker. The fix provided resolves the vulnerability. Vulnerability Details CVEID:CVE-2022-42439 DESCRIPTION: I...