5 matches found
CVE-2026-14645
Nexus Repository 3 does not validate the destination of the "Webhook: Global" capability's configured URL before making an outbound HTTP request, allowing a user holding the Capability Administration permission to cause the server to send requests to internal network locations Server-Side Request...
CVE-2026-14645 Nexus Repository 3 - Server-Side Request Forgery (SSRF) via Webhook: Global Capability
Nexus Repository 3 does not validate the destination of the "Webhook: Global" capability's configured URL before making an outbound HTTP request, allowing a user holding the Capability Administration permission to cause the server to send requests to internal network locations Server-Side Request...
CVE-2026-14645
CVE-2026-14645 : Nexus Repository 3 is vulnerable to Server-Side Request Forgery (SSRF) via the Webhook: Global capability. The product does not validate the destination URL of the configured Webhook: Global before making an outbound HTTP request, enabling a user with the Capability Administratio...
Linux Distros Unpatched Vulnerability : CVE-2026-53236
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcp: restrict SOATTACHFILTER to priv users This patch restricts the use of SOATTACHFILTER cBPF on TCP sockets to users with CAPNETADMIN capability. This blocks...
SUSE-SU-2025:20875-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_6
This update for kernel-livepatch-MICRO-6-0-RTUpdate6 fixes the following issues: - CVE-2025-38206: exfat: fix double free in delayedfree bsc1246075 - CVE-2025-38396: fs: export anoninodemakesecureinode and fix secretmem LSM bypass bsc1247158 - CVE-2025-38471: kernel: tls: always refresh the queue...