152 matches found

Snyk
added 3 days ago, 2 views

Use of Weak Hash

Overview: streamlit is the fastest way to build data apps in Python. Affected versions of this package are vulnerable to Use of Weak Hash due to the use of a weak hash algorithm in the hashing.py process of the Palette Handler component. An attacker can compromise data integrity or cause unintend...

3.6 CVSS, 5.4 AI score, 0.00009 EPSS
Exploits: 0, References: 2
Vulnrichment
added 4 days ago, 5 views

CVE-2026-48587 Potential exposure of private data via whitespace padding in Vary header

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.utils.cache.has_vary_header in Django does not strip leading or trailing whitespace from Vary response header values before comparison, which allows remote attackers to read cached responses via requests to URLs whose...

3.1 CVSS, 5.8 AI score, 0.00037 EPSS
Exploits: 0, References: 3
ATTACKERKB
added 4 days ago, 4 views

CVE-2026-35193

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not add Authorization to the Vary response header for requests bearing that header without Cache-Control: public, which allows remote attackers to read private...

3.1 CVSS, 5.8 AI score, 0.00037 EPSS
Exploits: 0, References: 4, Affected Software: 1
Tenable Nessus
added 4 days ago, 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-35193

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not add Authorization to...

3.1 CVSS, 5.4 AI score, 0.00037 EPSS
Exploits: 0, References: 3
Positive Technologies
added 4 days ago, 8 views

PT-2026-45938

Name of the Vulnerable Software and Affected Versions Django versions prior to 5.2.15 Django versions prior to 6.0.6 Description An issue exists in django.middleware.cache.UpdateCacheMiddleware where the Authorization header is not added to the Vary response header for requests that include that...

3.1 CVSS, 5.5 AI score, 0.00037 EPSS
Exploits: 0, References: 6
CNNVD
added 2026/05/27 12:0 a.m., 4 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in DMA synchronization direction in the crypto Atmel-TDES module. This vulnerability may...

5.8 AI score, 0.00032 EPSS
Exploits: 0, References: 5
OSV
added 2026/05/22 6:27 a.m., 2 views

MAL-2026-4653 Malicious code in qaq-core-util-v2 (npm)

Source: amazon-inspector 41cf368bbc06ee2a9e0d2a9b2030d7604a41af7ed5fed253d48a0d9ff41f92f6. lib/memcached.js exports getCacheRedis, getCacheDataRedis, and setCacheRedis. Each function's signature accepts a cachedUrl parameter, but the...

5.8 AI score
Exploits: 0, References: 1
Tenable Nessus
added 2026/05/22 12:0 a.m., 6 views

Unity Linux 20.1070e Security Update: infinispan (UTSA-2026-016716)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016716 advisory. It was found that the Hotrod client in Infinispan before 9.2.0.CR1 would unsafely read deserialized data on information from the cache. An authenticated attacker cou...

8.8 CVSS, 7.3 AI score, 0.01843 EPSS
Exploits: 0, References: 4
EUVD
added 2026/05/19 12:46 a.m., 11 views

EUVD-2026-30817

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.6.34 through 0.6.51, the backend deserializes Redis cache bytes using pickle.loads without integrity/authenticity checks. The write path serializes values with...

7.6 CVSS, 6 AI score, 0.00015 EPSS
Exploits: 0, References: 2
Tenable Nessus
added 2026/05/16 12:0 a.m., 3 views

SUSE SLES12 Security Update : dnsmasq (SUSE-SU-2026:1826-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1826-1 advisory. This update for dnsmasq fixes the following issue: - CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or attacke...

7.3 CVSS, 5.8 AI score, 0.00076 EPSS
Exploits: 1, References: 4
OSV
added 2026/05/12 9:38 a.m., 4 views

SUSE-SU-2026:21626-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues: Security issues: - CVE-2023-49441: integer overflow via forwardquery bsc1226091. - CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251. Non security issue: - Reintroduce nogroup...

7.5 CVSS, 6.9 AI score, 0.00076 EPSS
Exploits: 2, References: 7
OSV
added 2026/05/12 9:27 a.m., 4 views

SUSE-SU-2026:21633-1 Security update for dnsmasq

This update for dnsmasq fixes the following issues: - CVE-2026-2291: Fixed a bug that could have been abused to record false cached data enabling DoS or attacker redirect. bsc1258251...

7.3 CVSS, 5.8 AI score, 0.00076 EPSS
Exploits: 1, References: 5
OSV
added 2026/05/12 9:7 a.m., 2 views

SUSE-SU-2026:1828-1 Security update for dnsmasq

This update for dnsmasq fixes the following issue: - CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251...

7.3 CVSS, 5.8 AI score, 0.00076 EPSS
Exploits: 1, References: 3
OSV
added 2026/05/12 9:5 a.m., 4 views

SUSE-SU-2026:1827-1 Security update for dnsmasq

This update for dnsmasq fixes the following issue: - CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251...

7.3 CVSS, 5.8 AI score, 0.00076 EPSS
Exploits: 1, References: 3
OSV
added 2026/05/12 9:4 a.m., 0 views

SUSE-SU-2026:1826-1 Security update for dnsmasq

This update for dnsmasq fixes the following issue: - CVE-2026-2291: VU471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect bsc1258251...

7.3 CVSS, 5.8 AI score, 0.00076 EPSS
Exploits: 1, References: 3
NVD
added 2026/04/26 3:15 a.m., 1 view

CVE-2026-42254

Hickory DNS hickory-recursor 0.1 through 0.25.2 allows cross-zone poisoning because cached data is not directly associated with a query that triggered a response...

4 CVSS, 0.00041 EPSS
Exploits: 0, References: 1
OSV
added 2026/04/26 3:15 a.m., 1 view

DEBIAN-CVE-2026-42254

Hickory DNS hickory-recursor 0.1 through 0.25.2 allows cross-zone poisoning because cached data is not directly associated with a query that triggered a response...

4 CVSS, 5.2 AI score, 0.00041 EPSS
Exploits: 0, References: 1
Debian CVE
added 2026/04/26 2:38 a.m., 4 views

CVE-2026-42254

Hickory DNS hickory-recursor 0.1 through 0.25.2 allows cross-zone poisoning because cached data is not directly associated with a query that triggered a response...

4 CVSS, 5.2 AI score, 0.00041 EPSS
Exploits: 0
CVE
added 2026/04/26 2:38 a.m., 8 views

CVE-2026-42254

The CVE affects Hickory DNS hickory-recursor versions 0.1 through 0.25.2. The root cause is cross-zone poisoning caused by cached data not being directly associated with the query that triggered the response, enabling manipulation of cached responses. Impact is limited to information integrity in...

4 CVSS, 5.2 AI score, 0.00041 EPSS
Exploits: 0, References: 1
EUVD
added 2026/04/26 2:38 a.m., 3 views

EUVD-2026-25687

Hickory DNS hickory-recursor 0.1 through 0.25.2 allows cross-zone poisoning because cached data is not directly associated with a query that triggered a response...

4 CVSS, 5.1 AI score, 0.00041 EPSS
Exploits: 0, References: 1