19 matches found

SUSE CVE
added 2026/04/03 11:26 p.m. | 2 views

SUSE CVE-2026-26961

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser extracts the boundary parameter from multipart/form-data using a greedy regular expression. When a Content-Type header contains multiple boundary parameters, Rack selects the last one...

CVSS: 3.7 | AI score: 5.8 | EPSS: 0.00253
Exploits: 0 | References: 4

RedhatCVE
added 2026/04/03 12:28 p.m. | 2 views

CVE-2026-26961

A flaw was found in Rack, a modular Ruby web server interface. A remote attacker can exploit a vulnerability in Rack::Multipart::Parser by crafting a Content-Type header with multiple boundary parameters. This allows the attacker to bypass security inspections performed by upstream proxies or Web...

CVSS: 5.3 | AI score: 5.9 | EPSS: 0.00253
Exploits: 0 | References: 4

EUVD
added 2026/04/02 8:30 p.m. | 3 views

EUVD-2026-18368

Rack's greedy multipart boundary parsing can cause parser differentials and WAF bypass...

CVSS: 3.7 | AI score: 5.8 | EPSS: 0.00253
Exploits: 0 | References: 2

OSV
added 2026/04/02 5:16 p.m. | 1 view

DEBIAN-CVE-2026-26961

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser extracts the boundary parameter from multipart/form-data using a greedy regular expression. When a Content-Type header contains multiple boundary parameters, Rack selects the last one...

CVSS: 5.3 | AI score: 5.3 | EPSS: 0.00253
Exploits: 0 | References: 1

NVD
added 2026/04/02 5:16 p.m. | 4 views

CVE-2026-26961

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser extracts the boundary parameter from multipart/form-data using a greedy regular expression. When a Content-Type header contains multiple boundary parameters, Rack selects the last one...

CVSS: 5.3 | EPSS: 0.00253
Exploits: 0 | References: 1

OSV
added 2026/04/02 5:16 p.m. | 2 views

UBUNTU-CVE-2026-26961

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser extracts the boundary parameter from multipart/form-data using a greedy regular expression. When a Content-Type header contains multiple boundary parameters, Rack selects the last one...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.00253
Exploits: 0 | References: 4

Positive Technologies
added 2026/04/02 12:0 a.m. | 3 views

PT-2026-29808

Name of the Vulnerable Software and Affected Versions: Rack versions prior to 2.2.23, 3.1.21, and 3.2.6 Description: Rack’s Rack::Multipart::Parser uses a greedy regular expression to extract the boundary parameter from multipart/form-data. When a Content-Type header contains multiple boundary...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.0043
Exploits: 0 | References: 36

Positive Technologies
added 2026/04/02 12:0 a.m. | 3 views

PT-2026-29925

Summary: Rack::Multipart::Parser extracts the boundary parameter from multipart/form-data using a greedy regular expression. When a Content-Type header contains multiple boundary parameters, Rack selects the last one rather than the first. In deployments where an upstream proxy, WAF, or intermedia...

CVSS: 3.7 | AI score: 5.9 | EPSS: 0.00253
Exploits: 0 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2023-39986

Malicious code in bioql PyPI...

CVSS: 4.3 | AI score: 5.1 | EPSS: 0.00226
Exploits: 0 | References: 1

OSV
added 2024/03/06 11:9 a.m. | 15 views

BIT-GITLAB-2023-2181

An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.00729
Exploits: 0 | References: 4

NVD
added 2023/06/27 3:15 p.m. | 14 views

CVE-2023-36002

A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions before 7.14.3 are affected...

CVSS: 4.3 | AI score: 4.6 | EPSS: 0.00226
Exploits: 0 | References: 2

Prion
added 2023/06/27 3:15 p.m. | 15 views

Authorization

A missing authorization check in multiple URL validation endpoints of the Insider Threat Management Server enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. All versions before 7.14.3 are affected...

CVSS: 3.3 | AI score: 4.7 | EPSS: 0.00226
Exploits: 0 | References: 2 | Affected Software: 1

Positive Technologies
added 2023/06/27 12:0 a.m. | 3 views

PT-2023-25412 · Unknown · Insider Threat Management Server

Name of the Vulnerable Software and Affected Versions: Insider Threat Management Server versions prior to 7.14.3 Description: A missing authorization check in multiple URL validation endpoints enables an anonymous attacker on an adjacent network to smuggle content via DNS lookups. Recommendations...

CVSS: 4.3 | AI score: 4.6 | EPSS: 0.00226
Exploits: 0 | References: 3

NVD
added 2023/05/12 9:15 p.m. | 20 views

CVE-2023-2181

An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI...

CVSS: 6.5 | AI score: 6 | EPSS: 0.00729
Exploits: 0 | References: 3

UbuntuCve
added 2023/05/12 9:15 p.m. | 34 views

CVE-2023-2181

An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI...

CVSS: 6.5 | AI score: 6.4 | EPSS: 0.00729
Exploits: 0 | References: 4

Cvelist
added 2023/05/12 12:0 a.m. | 23 views

CVE-2023-2181

An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI...

CVSS: 6.3 | AI score: 6.3 | EPSS: 0.00729
Exploits: 0 | References: 3

CVE
added 2023/05/12 12:0 a.m. | 65 views

CVE-2023-2181

GitLab vulnerability CVE-2023-2181 affects all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. An attacker could abuse the git feature refs/replace to smuggle content into a merge request, which would not be visible during UI review. This is caused by improper handling...

CVSS: 6.5 | AI score: 6 | EPSS: 0.00729
Exploits: 0 | References: 3 | Affected Software: 1

Vulnrichment
added 2023/05/12 12:0 a.m. | 6 views

CVE-2023-2181

An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI...

CVSS: 6.3 | AI score: 6.1 | EPSS: 0.00729
Exploits: 0 | References: 3

OSV
added 2023/05/12 12:0 a.m. | 14 views

CVE-2023-2181

An issue has been discovered in GitLab affecting all versions before 15.9.8, 15.10.0 before 15.10.7, and 15.11.0 before 15.11.3. A malicious developer could use a git feature called refs/replace to smuggle content into a merge request which would not be visible during review in the UI...

CVSS: 6.3 | AI score: 6.7 | EPSS: 0.00729
Exploits: 0 | References: 5