57 matches found
MINI-8GWP-6866-F3WM
Bulletin has no description...
CVE-2026-6866 Initialization of a Resource with an Insecure Default vulnerability on EcoStruxure™ Panel Server
CWE-1188 Initialization of a Resource with an Insecure Default vulnerability exists that could cause unauthorized disclosure of sensitive information when credentials revert to initial settings in rare circumstances, enabling unauthorized authentication using known credentials...
CVE-2026-6866
creationtimestamp | type | source
---|---|---
2026-05-12 04:05:34+00:00 | seen | https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-schneider-electric-11
2026-05-12 14:20:40+00:00 | seen | https://bsky.app/profile/o2cloud.bsky.social/post/3mlnybqzs6w2w...
Mageia: Security Advisory (MGASA-2025-0286)
The remote host is missing an update for the...
Linux Distros Unpatched Vulnerability : CVE-2024-6866
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - corydolphin/flask-cors version 4.01 contains a vulnerability where the request path matching is case-insensitive due to the use of the try_match function, which...
OESA-2025-1981 python-Flask-Cors security update
A Flask extension for handling Cross Origin Resource Sharing (CORS), making cross-origin AJAX possible. Security Fixes: corydolphin/flask-cors version 4.0.1 contains an improper regex path matching vulnerability. The plugin prioritizes longer regex patterns over more specific ones when matching...
Security Bulletin: IBM Maximo Application Suite uses flask_cors-5.0.1-py3-none-any.whl which is vulnerable to CVE-2024-6866, CVE-2024-6839, CVE-2024-6.
Summary: IBM Maximo Application Suite uses flask_cors-5.0.1-py3-none-any.whl which is vulnerable to CVE-2024-6866, CVE-2024-6839, CVE-2024-6. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details: CVEID: CVE-2024-6866 DESCRIPTION: corydolphin/flask-cors...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses flask_cors-5.0.1-py3-none-any.whl which is vulnerable to this CVE-2024-6839, CVE-2024-6866 and CVE-2024-6844
Summary: Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses flask_cors-5.0.1-py3-none-any.whl which is vulnerable to this CVE-2024-6839, CVE-2024-6866 and CVE-2024-6844. Vulnerability Details: CVEID: CVE-2024-6866 DESCRIPTION: corydolphin/flask-cors version 4.01 contain...
CVE-2025-6866
creationtimestamp | type | source
---|---|---
2025-06-29 19:22:29+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/19871
2025-06-29 20:50:32+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lsrkbycur62a...
CVE-2025-6866 code-projects Simple Forum forum_downloadfile.php path traversal
A vulnerability has been found in code-projects Simple Forum 1.0 and classified as critical. This vulnerability affects unknown code of the file /forum_downloadfile.php. The manipulation of the argument filename leads to path traversal. The attack can be initiated remotely. The exploit has been...
CVE-2025-6866
CVE-2025-6866 affects code-projects Simple Forum 1.0, specifically the file /forum_downloadfile.php. Multiple connected sources describe a path traversal vulnerability where the attacker can manipulate the filename parameter to read arbitrary files. The vulnerability is exploitable remotely, and ...
CVE-2024-6866
creationtimestamp | type | source
---|---|---
2025-05-23 22:39:43+00:00 | seen | https://gist.github.com/EbonJaeger/4959b52b5b6898ca4e109d36bb8b6d36...
CVE-2023-6866
TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox 121...
CVE-2020-6866
A ZTE product is impacted by a resource management error vulnerability. An attacker could exploit this vulnerability to cause a denial of service by issuing a specific command. This affects: ZXCTN 6500 version V2.10.00R3B87...
CVE-2024-6866 vulnerabilities
Vulnerabilities for packages: kubeflow-volumes-web-app, superset, kubeflow-jupyter-web-app...
CVE-2013-6866
SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka CR736689...
CVE-2024-6866
corydolphin/flask-cors version 4.01 contains a vulnerability where the request path matching is case-insensitive due to the use of the try_match function, which is originally intended for matching hosts. This results in a mismatch because paths in URLs are case-sensitive, but the regex matching...
CVE-2024-6866
corydolphin/flask-cors version 4.01 contains a vulnerability where the request path matching is case-insensitive due to the use of the try_match function, which is originally intended for matching hosts. This results in a mismatch because paths in URLs are case-sensitive, but the regex matching...
CVE-2024-6866 Case-Insensitive Path Matching in corydolphin/flask-cors
corydolphin/flask-cors version 4.01 contains a vulnerability where the request path matching is case-insensitive due to the use of the try_match function, which is originally intended for matching hosts. This results in a mismatch because paths in URLs are case-sensitive, but the regex matching...
CVE-2024-6866 Case-Insensitive Path Matching in corydolphin/flask-cors
corydolphin/flask-cors version 4.01 contains a vulnerability where the request path matching is case-insensitive due to the use of the try_match function, which is originally intended for matching hosts. This results in a mismatch because paths in URLs are case-sensitive, but the regex matching...