DEBIAN-CVE-2026-48928

A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

CVE-2026-48928

A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

CVE-2026-48928

A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

BELL-CVE-2026-48928

Bulletin has no description...

Linux Distros Unpatched Vulnerability : CVE-2026-48928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release line...

CVE-2026-48928

creationtimestamp| type| source ---|---|--- 2026-06-19 13:45:17+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3moni2fdzi32c 2026-06-21 19:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/node-js-multiple-vulnerabilities20260622 2026-06-26 02:20:01+00:00| seen|...

CVE-2024-48928

creationtimestamp| type| source ---|---|--- 2026-02-24 18:01:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfmqqsia7t2z...

CVE-2025-48928

The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025...

CVE-2025-48928

creationtimestamp| type| source ---|---|--- 2025-05-28 18:14:10+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114586815688198231 2025-05-28 20:40:20+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lqb2satwaf24 2025-07-01 05:10:42+00:00| exploited|...

CVE-2025-48928

The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a “core dump” in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025. Recent assessments: Assessed Attacker Value...

CVE-2025-48928

The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025...

CVE-2025-48928

CVE-2025-48928 affects the TeleMessage service (TeleMessage TM SGNL) running a JSP-based application up to 2025-05-05. The issue is that heap content can resemble a core dump, exposing passwords previously sent over HTTP within that dump. Exploitation was observed in the wild in May 2025. Public ...

CVE-2022-48928

In the Linux kernel, the following vulnerability has been resolved: iio: adc: menz188adc: Fix a resource leak in an error handling path If iiodeviceregister fails, a previous ioremap is left unbalanced. Update the error handling path and add the missing iounmap call, as already done in the remove...

CVE-2022-48928

In the Linux kernel, the following vulnerability has been resolved: iio: adc: menz188adc: Fix a resource leak in an error handling path If iiodeviceregister fails, a previous ioremap is left unbalanced. Update the error handling path and add the missing iounmap call, as already done in the remove...

CVE-2023-48928

creationtimestamp| type| source ---|---|--- 2023-12-31 09:46:33+00:00| seen| https://t.me/ctinow/161039...

CVE-2023-48928

Franklin Fueling Systems System Sentinel AnyWare SSA version 1.6.24.492 is vulnerable to Open Redirect. The 'path' parameter of the prefs.asp resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL...

CVE-2023-48928

Franklin Fueling Systems System Sentinel AnyWare SSA version 1.6.24.492 is vulnerable to Open Redirect. The 'path' parameter of the prefs.asp resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL...

CVE-2023-48928

CVE-2023-48928 affects Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492. The vulnerability is an Open Redirect: the path parameter of the prefs.asp resource can be manipulated to redirect a victim to an arbitrary external site. CVSS details in the initial document indicat...