29 matches found
CVE-2026-43828
creationtimestamp | type | source
---|---|---
2026-05-26 08:51:26+00:00 | seen | https://bsky.app/profile/infosec.skyfleet.blue/post/3mmqmgui6pf24...
Linux Distros Unpatched Vulnerability : CVE-2026-43828
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, an...
com.github.fangjinuo.agileway:agileway-shiro-redis (>=2.3.3 <=3.1.12), com.github.fangjinuo.agileway:agileway-shiro-redis-springdata2 (>=2.4.2 <=3.1.12) +19 more potentially affected by CVE-2026-43828 via org.apache.shiro:shiro-web (=3.0.0-alpha-1)
org.apache.shiro:shiro-web MAVEN version =3.0.0-alpha-1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.shiro:shiro-web and may be impacted: - com.github.fangjinuo.agileway:agileway-shiro-redis =2.3.3, =2.4.2, =0.0.3, =0.0.3, =0.0.3, =0.0.3,...
ca.ibodrov.concord:mcp-for-concord (>=0.0.1 <=0.0.2), ca.ibodrov.concord:testcontainers-concord-core (>=2.0.3 <=2.0.5) +185 more potentially affected by CVE-2026-43828 via org.apache.shiro:shiro-web (>=2.0.0-alpha-1 <=2.1.0)
org.apache.shiro:shiro-web MAVEN version =2.0.0-alpha-1, =0.0.1, =2.0.3, =0.0.27, =0.0.27, =0.0.27, =8.0.0, =8.0.0, =1.0.2, =3.4.0, =3.3.0, =3.3.0, =3.3.0, =3.3.0, =3.3.0, =3.8.0 and more Source cves: CVE-2026-43828 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-17116502...
com.github.fangjinuo.agileway:agileway-shiro-redis (>=2.3.3 <=3.1.12), com.github.fangjinuo.agileway:agileway-shiro-redis-springdata2 (>=2.4.2 <=3.1.12) +27 more potentially affected by CVE-2026-43828 via org.apache.shiro:shiro-core (=3.0.0-alpha-1)
org.apache.shiro:shiro-core MAVEN version =3.0.0-alpha-1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.shiro:shiro-core and may be impacted: - com.github.fangjinuo.agileway:agileway-shiro-redis =2.3.3, =2.4.2, =0.0.3, =0.0.3, =0.0.3, =0.0....
DEBIAN-CVE-2026-43828
Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected...
CVE-2026-43828
Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected...
CVE-2021-43828
PatrOwl is a free and open-source solution for orchestrating Security Operations. In versions prior to 1.77 an improper privilege management IDOR has been found in PatrowlManager. All imports findings file is placed under /media/imports// In that, ownerid is predictable and tmpfile is in format o...
Linux Distros Unpatched Vulnerability : CVE-2024-43828
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying fastcommit When doing fastcommit replay an infinite...
Azure Linux 3.0 Security Update: kernel (CVE-2024-43828)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43828 advisory. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2929)
The remote host is missing an update for the Huawei EulerOS...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-43828)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43828 advisory. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix infinite loop when replaying...
CVE-2024-43828 affecting package kernel for versions less than 5.15.167.1-1
CVE-2024-43828 affecting package kernel for versions less than 5.15.167.1-1. An upgraded version of the package is available that resolves this issue...
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3592-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3592-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were...
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3587-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3587-1 advisory. The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following securit...
SUSE-SU-2024:3592-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done (bsc#1229607). - CVE-2022-48911: kabi: add nfqueuegetrefs for kabi compliance...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3561-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3561-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The...
openSUSE Security Advisory (SUSE-SU-2024:3564-1)
The remote host is missing an update for the...
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3551-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3551-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following securit...
openSUSE Security Advisory (SUSE-SU-2024:3551-1)
The remote host is missing an update for the...