EUVD-2026-31398

golang.org/x/crypto/ssh: Invoking VerifiedPublicKeyCallback permissions skip enforcement...

CVE-2026-54033 LibreChat: SSRF via User-Provided Custom Endpoint baseURL — no private IP validation on user-configured API base URLs

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This URL is used to construct HTTP requests without any SSRF validation — no private IP check, no scheme...

CVE-2026-12635

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to make requests to internal network resources through...

EUVD-2026-39168

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to make requests to internal network resources through...

GHSA-WV27-2VQP-J7G5 Gogs has the ability to import local repositories via Mirror Settings

Summary The Gogs Mirror Settings functionality provide an alternative way from the well protected New Migration functionality for any authenticated users to import local repositories. This issue stems from a lack of validation of SaveAddress function. Details Here is the function implementation o...

PT-2026-51459

Name of the Vulnerable Software and Affected Versions Gogs affected versions not specified Description An information disclosure issue exists in the Mirror Settings functionality, which allows authenticated users to import local repositories from the server filesystem. This occurs due to a lack o...

PT-2026-51147

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description Insufficient webhook URL validation allows for Server-Side Request Forgery SSRF, a flaw where a server is tricked into making requests to an unintended location. Organization admins can configure...

Astra Linux – Vulnerability in Python-Django

A issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. A lack of enforcement of an upper-bound limit on strings passed during IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions cleanipv6address and...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed by removing the unnecessary f2fsbugon function to avoid panics. The verifyblkaddr function will trigger a panic once we introduce a fault into f2fsisvalidblkaddr; this unnecessary f2fsbugon function has been remove...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: usb: asix: validate PHY address before use The ASIX driver reads the PHY address from the USB device via asixreadphyaddr. A malicious or faulty device may return an invalid address = PHYMAXADDR, which causes a warning in...

Astra Linux – Vulnerability in Zabbix

The URL validation scheme receives input from a user and then parses it to identify its various components. This validation scheme ensures that all URL components comply with internet standards...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: PowerPC: Fixed virtaddrvalid for 64-bit Book3E & 32-bit systems. MPE: On 64-bit Book3E, the vmalloc space starts at 0x8000000000000000. Due to the way pa works, pa0x8000000000000000 returns 0. Therefore,...

CVE-2026-40181

A flaw was found in React Router. This vulnerability allows a remote attacker to redirect users to an external, potentially malicious, website. This occurs when specially crafted URLs, containing paths starting with //, are passed to the redirect function, causing them to be misinterpreted as...

CVE-2026-40456

An OS Command Injection vulnerability exists in LMS LAN Management System before commit 9fcb4de due to an IP address parameter being passed to the "exec" function without proper validation, allowing attackers to execute arbitrary operating system commands...

CVE-2025-11694 Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities

A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service attacks, resulting in...

CVE-2025-11694 Rockwell Automation CompactLogix 5370 Controllers – Multiple Vulnerabilities

A security issue exists within 1769 CompactLogix controllers due to the missing validation of sequence numbers and source IP addresses in the CIP protocol. This allows attacker to abuse the exposed Connection ID’s visible on the web interface to perform denial-of-service attacks, resulting in...

CVE-2025-11694

The CVE-2025-11694 issue affects 1769 CompactLogix controllers (CIP protocol). The root cause is missing validation of sequence numbers and source IP addresses, enabling an attacker to abuse exposed Connection IDs visible on the web interface to trigger denial-of-service conditions resulting in a...

SUSE CVE-2026-42764

Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...

CVE-2026-44894 Netty's Default QUIC token handler accepts any client-supplied token

Netty is a network application framework for development of protocol servers and clients. NoQuicTokenHandler is the tokenHandler used when the application does not set one. Prior to version 4.2.15.Final, its writeToken returns false server will not send Retry — acceptable, but validateToken...

openssl: NULL pointer dereference in QUIC server initial packet handling

A flaw was found in the OpenSSL QUIC Quick UDP Internet Connections server. A remote attacker could send a specially crafted QUIC initial packet with an invalid token. If the server's address validation is explicitly disabled, this could lead to a NULL pointer dereference, causing the server...