226 matches found
CVE-2026-44722
pyzipper is a replacement for Python's zipfile that can read and write AES encrypted zip files. Prior to 0.4.0, a Python operator precedence bug in pyzipper/zipfileaes.py caused the AE-2 format to never be automatically selected during encryption, causing encrypted entries to be written in AE-1...
CVE-2026-44722
pyzipper is a replacement for Python's zipfile that can read and write AES encrypted zip files. Prior to 0.4.0, a Python operator precedence bug in pyzipper/zipfileaes.py caused the AE-2 format to never be automatically selected during encryption, causing encrypted entries to be written in AE-1...
CVE-2026-44596
Yamcs is a mission control framework. Prior to 5.12.7, the authentication endpoint POST /auth/token in yamcs-core, handled by yamcs-core/src/main/java/org/yamcs/http/auth/AuthHandler.java, lacked any rate limiting, account lockout, or failed-attempt throttling, so an unauthenticated remote attack...
CVE-2026-44596
Summary (CVE-2026-44596) Yamcsâ authentication endpoint POST /auth/token (in yamcs-core) lacked rate limiting, account lockout, and throttling for failed attempts prior to v5.12.7. An unauthenticated remote attacker could perform unlimited password-guessing against any user account, enabling brut...
CVE-2026-35098 Improper Restriction of Excessive Authentication Attempts in KTM System e-BOK
KTM System e-BOK does not implement any limit or timeout on consecutive login attempts, allowing an attacker to perform unlimited authentication requests. This lack of rateâlimiting enables efficient bruteâforce attacks against user accounts. When combined with vulnerability CVE-2026-35097, where...
CVE-2026-35098
KTM System e-BOK does not implement any limit or timeout on consecutive login attempts, allowing an attacker to perform unlimited authentication requests. This lack of rateâlimiting enables efficient bruteâforce attacks against user accounts. When combined with vulnerability CVE-2026-35097, where...
CVE-2026-42604 Actual has an OpenID `client_secret` Disclosure via Broken Authorization Guard in `/openid/config`
Actual is a local-first personal finance tool. The POST /openid/config endpoint in Actual Budget's sync-server versions = 26.4.0 exposes the full OpenID Connect configurationâincluding the OAuth2 clientsecretâto any caller who knows the bootstrap password. The endpoint also lacks authentication a...
CVE-2026-24000
Fleet is open source device management software. Prior to version 4.80.1, Fleet trusted client-supplied IP address headers when determining the source IP for incoming requests. This allowed authenticated and unauthenticated clients to spoof their apparent IP address and bypass per-IP rate limitin...
Mercusys AC12G ććéŽé˘ćźć´
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version has a security vulnerability. This vulnerability stems from the lack of rate limiting on the TDDP password change endpoint, which may allow neighboring network...
CVE-2026-44611 MacGregor Voyage Data Recorder (VDR) G4e Use of Password Hash With Insufficient Computational Effort
Danelec MacGregor Voyage Data Recorder passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks...
User Impersonation
Overview Affected versions of this package are vulnerable to User Impersonation due to the reliance on client-supplied IP address headers such as X-Forwarded-For, X-Real-IP, and True-Client-IP. An attacker can circumvent per-IP rate limiting by supplying arbitrary values in these headers, causing...
CVE-2026-46356 Fleet: IP spoofing allows bypassing API rate limiting
Fleet is open source device management software. Prior to version 4.80.1, a vulnerability in Fleet's IP extraction logic allows unauthenticated attackers to bypass API rate limiting by spoofing client IP headers. This may allow brute-force login attempts or other abuse against Fleet instances...
CVE-2026-24000
Fleet is open-source device management software. A vulnerability in versions prior to 4.80.1 lets attackers spoof the clientâs apparent IP by abusing unvalidated headers (X-Forwarded-For, X-Real-IP, True-Client-IP) to bypass per-IP rate limiting. This affects how Fleet determines a clientâs publi...
Inadequate Encryption Strength
github.com/enchant97/note-mark/backend is vulnerable to Inadequate Encryption Strength. The vulnerability is due to missing enforcement of minimum length and entropy requirements for the JWTSECRET value, which allows an attacker to brute-force weak secrets and forge valid JWT tokens...
GHSA-MXMP-WR3W-RVQX Fleet: IP spoofing allows bypassing API rate limiting
Summary A vulnerability in Fleet's IP extraction logic allows unauthenticated attackers to bypass API rate limiting by spoofing client IP headers. This may allow brute-force login attempts or other abuse against Fleet instances exposed to the public internet. Impact Fleet extracted client IP...
GHSA-J8H8-75H3-JG53 Fleet has a rate limiting bypass via untrusted client IP headers
Impact Fleet trusted client-supplied IP address headers when determining the source IP for incoming requests. This allowed authenticated and unauthenticated clients to spoof their apparent IP address and bypass per-IP rate limiting controls. Fleet determines a clientâs public IP address using HTT...
PT-2026-40968
Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.80.1 Description Fleet trusted client-supplied IP address headers when determining the source IP for incoming requests. This allowed authenticated and unauthenticated clients to spoof their apparent IP address and...
PT-2026-40979
Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.80.1 Description An issue in the IP extraction logic allows unauthenticated attackers to bypass API rate limiting by spoofing client IP headers. The software extracts client IP addresses from request headers...
CVE-2024-0391
The check user account lock states feature within the email OTP flow fails to validate user input, allowing an attacker to infer the existence of registered user accounts. The discovery of valid usernames can increase the risk of brute-force and social engineering attacks. Attackers can leverage...
CVE-2024-0391 Username Enumeration via Email OTP Flow in Multiple WSO2 Products Allows User Account Discovery
The check user account lock states feature within the email OTP flow fails to validate user input, allowing an attacker to infer the existence of registered user accounts. The discovery of valid usernames can increase the risk of brute-force and social engineering attacks. Attackers can leverage...