5 matches found
CVE-2026-44495 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, wazuh-dashboard-fips, gitlab-rails-ce-fips, opensearch-dashboards, opensearch-dashboards-fips, nextcloud-server, awx, redisinsight, wazuh-dashboard...
Node.js Module axios 0.19.x < 0.31.1 / 1.x < 1.15.2 Prototype Pollution Credential Theft (CVE-2026-44495)
The version of the axios Node.js module installed on the remote host is 0.19.x prior to 0.31.1 or 1.x prior to 1.15.2. It is, therefore, affected by the following vulnerability: - A prototype pollution gadget in the config merge and response transformation pipeline allows credential theft and...
0xpay-cc-sdk (>=0.0.8 <=0.1.0), 0xtrails (>=0.0.0-20251106131028 <=0.16.2) +7073 more potentially affected by CVE-2026-44495 via axios (>=1.0.0 <=1.15.1)
axios NPM version =1.0.0, =0.0.8, =0.0.0-20251106131028, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =0.0.2-beta.0, =8.0.5, =6.1.0, =0.0.0-canary-847463221a9a1bee28641d8c0ecfaca98ee142f6, =0.0.1-alpha.3, =0.1.6-alpha.11, =0.1.6-alpha.12 and more Source cves: CVE-2026-44495 Source advisory:...
com.github.mengweijin:logging-preview-spring-boot-starter (>=1.0.0 <=1.0.1), com.github.mengweijin:quickboot-web (>=1.0.1 <=1.0.42) +23 more potentially affected by CVE-2026-44495 via org.webjars.npm:axios (>=0.19.0 <=0.5.4)
org.webjars.npm:axios MAVEN version =0.19.0, =1.0.0, =1.0.1, =2.0.0, =1.0.4, =1.0.14 - org.webjars.npm:peacetrue-js =1.0.5 and more Source cves: CVE-2026-44495 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-17111061...
CVE-2026-44495
creationtimestamp| type| source ---|---|--- 2026-05-29 09:05:09+00:00| published-proof-of-concept| https://github.com/axios/axios/security/advisories/GHSA-3g43-6gmg-66jw 2026-07-01 15:18:05+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mplstfubxd23...