377 matches found
phpMyFAQ <= 4.1.1 - SQL Injection
phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector and BuiltinCaptcha::saveCaptcha methods that interpolate unsanitized User-Agent headers into DELETE and INSERT queries. Unauthenticated attackers can exploit the public GET /api/captc...
CVE-2026-44936
CVE-2026-44936 describes an SSRF risk in SUSE Rancher Fleet’s bundle reader when the helmRepoURLRegex field is not set on a GitRepo. The vulnerability allows forwarding Helm authentication credentials (BasicAuth) to any URL specified in the fleet.yaml helm.repo field, potentially leaking admin cr...
CVE-2026-44936 Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml
Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo...
Insufficiently Protected Credentials
Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials in the Authorization header handling process. An attacker can cause sensitive authentication information to be sent to an unintended origin by reusing a handle for transfers to different HTTP origins...
PT-2026-55464
Name of the Vulnerable Software and Affected Versions kerberos-io/agent versions prior to 3.6.26 Description An issue exists in the Kerberos Hub upload path where the agent sends credentials in the custom X-Kerberos-Hub-PrivateKey and X-Kerberos-Hub-PublicKey request headers to the...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the helm.repo process when the helmRepoURLRegex field is not set on a GitRepo resource. An attacker with git push access to a monitored repository can cause the system to forward Helm authentication...
GHSA-HX4V-CXPF-VH8M Rancher Fleet has SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml
Impact A vulnerability has been identified in Fleet when the helmRepoURLRegex field isn't set on a GitRepo resource. Fleet's bundle reader forwards Helm authentication credentials BasicAuth to any URL specified in the helm.repo field of a fleet.yaml file. An attacker with git push access to a...
CVE-2026-13211 Genucenter Disclosure of SNMP Credentials
The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the “Service” or “Admin” role...
PYSEC-2026-413 Meta Ads MCP: Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token
Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token | Field | Value | | ---------------- | ----- | | Repository | pipeboard-co/meta-ads-mcp | | Affected version | ≤ 1.0.101 commit 496c988 7d14226; Versions 1.0.102–1.0.105 lack git tags, so patch status is unconfirmed. | |...
GHSA-QVQC-4C52-X6QP regclient may leak authentication credentials to external blob stores
Credentials for a registry may be inadvertently leaked to external servers. A prerequisite for this attack is a malicious registry server, a malicious blob store, or a registry that does not restrict the external URLs for foreign blobs. Example attack A malicious registry serves an OCI image...
BIT-GRAFANA-2026-10601 Path Traversal in Tempo and Loki Data Source Plugins — Credential Leakage and Admin Endpoint Access
The Tempo and Loki datasource plugins construct backend HTTP requests by interpolating user-supplied input into URL paths without sanitization, enabling path traversal. A Viewer-role user can: 1 capture admin-configured datasource credentials secureJsonData custom headers by traversing to an...
CVE-2026-41715
A flaw was found in Reactor Netty HTTP client. In specific scenarios, a remote attacker could exploit this vulnerability when the HTTP client is explicitly configured to follow redirects from a secure endpoint to an insecure one. This could lead to the leakage of sensitive credentials. Mitigation...
CVE-2026-54323
CVE-2026-54323 describes a vulnerability in Daytona prior to 0.185.0 where the daemon’s git clone path disabled TLS certificate verification. When a clone carried Git credentials, the daemon sent the HTTP Basic Authorization header to the remote over an unvalidated TLS connection on both the go-g...
CVE-2026-54276
A flaw was found in aiohttp, an asynchronous HTTP client/server framework for asyncio and Python. The DigestAuthMiddleware component can send an authentication response after following a cross-origin redirect. This could allow a remote attacker, in conjunction with an open redirect vulnerability ...
Linux Distros Unpatched Vulnerability : CVE-2026-50184
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.1...
CVE-2026-50184
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...
CVE-2026-50184
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during...
CVE-2026-50184
Summary (CVE-2026-50184) : The vulnerability affects the Angular ecosystem, specifically the @angular/service-worker package. When the service worker reconstructs outbound requests, an internal helper strips client-specified safety parameters (credentials: omit and cache: no-store), reverting the...
Astra Linux – Vulnerability in Ansible
A flaw was discovered in the ansible-connection module of Ansible Engine, where sensitive information such as Ansible user credentials is disclosed by default in the traceback error message. The greatest threat posed by this vulnerability is related to confidentiality...
Astra Linux – Vulnerability in Ansible
A flaw was discovered in Ansible. Credentials, such as secrets, are being disclosed in the console logs by default, and are not protected by the nolog feature when using those modules. An attacker can exploit this information to steal those credentials. The greatest threat posed by this...