CVE-2026-35180

WWBN AVideo (versions 26.0 and prior) is affected by CVE-2026-35180 due to a CSRF vulnerability in the site customization endpoint (admin/customize_settings_nativeUpdate.json.php) that lacks CSRF validation and writes uploaded logo files to disk before ORM domain checks. Combined with SameSite=No...

EUVD-2026-19350

vLLM is an inference and serving engine for large language models LLMs. From 0.7.0 to before 0.19.0, the VideoMediaIO.loadbase64 method at vllm/multimodal/media/video.py splits video/jpeg data URLs by comma to extract individual JPEG frames, but does not enforce a frame count limit. The numframes...

OpenClaw: Telnyx Webhook Replay Detection Bypass via Base64 Signature Re-encoding

Summary Telnyx Webhook Replay Detection Bypass via Base64 Signature Re-encoding Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: Shipped v2026.3.28 replay hashing treated equivalent Telnyx Base64/Base64URL signatures as distinct requests, but signature...

CVE-2026-31381

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

CVE-2026-33024

AVideo is a video-sharing Platform. Versions prior to 8.0 contain a Server-Side Request Forgery vulnerability CWE-918 in the public thumbnail endpoints getImage.php and getImageMP4.php. Both endpoints accept a base64Url GET parameter, base64-decode it, and pass the resulting URL to ffmpeg as an...

CVE-2026-31846

Missing authentication in the /goform/ate endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows an adjacent unauthenticated attacker to retrieve sensitive device information, including the administrator password. The endpoint returns a raw response containing...

CVE-2026-33211

A flaw was found in Tekton Pipelines, specifically in the Tekton Pipelines git resolver. A tenant with permissions to create ResolutionRequests can exploit a path traversal vulnerability via the pathInRepo parameter. This allows the tenant to read arbitrary files from the resolver pod's filesyste...

CVE-2026-33211 Tekton Pipelines git resolver has path traversal that allows reading arbitrary files from the resolver pod

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the pathInRepo parameter. A tenant with permissi...

CVE-2026-31846 Unauthenticated Credential Disclosure via /goform/ate in Nexxt Nebula 300+

Missing authentication in the /goform/ate endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows an adjacent unauthenticated attacker to retrieve sensitive device information, including the administrator password. The endpoint returns a raw response containing...

PT-2026-27115

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores administrative authentication material in the ecos pw cookie using a reversible Base64-encoded format with a static suffix. An attacker who obtains or derives this cookie value can forge a valid administrative session and gai...

CVE-2026-31381

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

CVE-2026-31381

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

PT-2026-26561

AVideo is a video-sharing Platform. Versions prior to 8.0 contain a Server-Side Request Forgery vulnerability CWE-918 in the public thumbnail endpoints getImage.php and getImageMP4.php. Both endpoints accept a base64Url GET parameter, base64-decode it, and pass the resulting URL to ffmpeg as an...

The Anatomy of HTML Attachment Phishing

The Anatomy of HTML Attachment Phishing: One Code, Many Variants By Niranjan Hegde and Sijo Jacob · June 14, 2023 This blog was also written by Mathanraj Thangaraju Introduction Phishing is the malevolent practise of pretending to be a reliable entity in electronic communication to steal sensitiv...

gdk-pixbuf Vulnerable to Heap Buffer Overflow via Malicious JPEG Images in 'gdk_pixbuf__jpeg_image_load_increment' Function

gdk-pixbuf is vulnerable to heap buffer overflow due to improper bounds handling in the gdkpixbufjpegimageloadincrement function and gbase64encodestep in glib. This could allow an attacker to trigger a denial-of-service or potentially cause the corruption of memory by processing maliciously craft...

CVE-2026-27520

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Because Base64 is reversible and provides no confidentiality, an attacker who can access the cookie value can...

CVE-2026-27520 Binardat 10G08-0800GSM Network Switch Base64-encoded Password Stored in Cookie

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Because Base64 is reversible and provides no confidentiality, an attacker who can access the cookie value can...

CVE-2026-27193 Feathers exposes internal headers via unencrypted session cookie

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In versions 5.0.39 and below, all HTTP request headers are stored in the session cookie, which is signed but not encrypted, exposing internal proxy/gateway headers to clients. The OAuth servi...

Feathers exposes internal headers via unencrypted session cookie

All HTTP request headers are stored in the session cookie, which is signed but not encrypted, exposing internal proxy/gateway headers to clients. The OAuth service stores the complete headers object in the session: javascript //...

SUSE-SU-2026:20493-1 Security update for glib2

This update for glib2 fixes the following issues: - CVE-2025-13601: Fixed integer overflow in in gescapeuristring bsc1254297. - CVE-2025-14087: Fixed buffer underflow in GVariant parser leads to heap corruption bsc1254662. - CVE-2025-14512: Fixed integer Overflow in GLib GIO Attribute Escaping...