10933 matches found
CVE-2026-41894 SiYuan: Incomplete Fix Bypass for CVE-2026-30869: Path Traversal via Double URL Encoding in `/export/` Endpoint
SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, the fix for CVE-2026-30869 only added a denylist check IsSensitivePath but did not address the root cause — a redundant url.PathUnescape call in serveExport. An authenticated attacker can use double URL encoding...
CVE-2026-42040
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the encode function in lib/helpers/AxiosURLSearchParams.js contains a character mapping charMap at line 21 that reverses the safe percent-encoding of null bytes. After encodeURIComponent'\x00' correctly...
EUVD-2026-25592
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsapkcs1v15encode in core/drivers/crypto/cryptoapi/acipher/rsassa.c, the amount of padding needed, "...
CVE-2026-33662 OP-TEE: RSASSA EMSA- PKCS1-v1_5 underflow in emsa_pkcs1_v1_5_encode()
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsapkcs1v15encode in core/drivers/crypto/cryptoapi/acipher/rsassa.c, the amount of padding needed, "...
CVE-2026-42040 Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the encode function in lib/helpers/AxiosURLSearchParams.js contains a character mapping charMap at line 21 that reverses the safe percent-encoding of null bytes. After encodeURIComponent'\x00' correctly...
CVE-2026-42040
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the encode function in lib/helpers/AxiosURLSearchParams.js contains a character mapping charMap at line 21 that reverses the safe percent-encoding of null bytes. After encodeURIComponent'\x00' correctly...
CVE-2026-42040 Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the encode function in lib/helpers/AxiosURLSearchParams.js contains a character mapping charMap at line 21 that reverses the safe percent-encoding of null bytes. After encodeURIComponent'\x00' correctly...
CVE-2026-42040
CVE-2026-42040 concerns Axios, a promise-based HTTP client for browser and Node.js. The vulnerability lies in the encode() function inside lib/helpers/AxiosURLSearchParams.js, where a character map (charMap) erroneously reverses safe percent-encoding of null bytes. Specifically, after encodeURICo...
BIT-PYTHON-MIN-2026-6019 BaseCookie.js_output() does not neutralize embedded characters
http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...
BIT-PYTHON-2026-6019 BaseCookie.js_output() does not neutralize embedded characters
http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...
BIT-LIBPYTHON-2026-6019 BaseCookie.js_output() does not neutralize embedded characters
http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...
Security update for ImageMagick
This update for ImageMagick fixes the following issues: CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. CVE-2026-33900: Denial of Service via integer truncation in viff encoder bsc1262156. CVE-2026-33905: Denial of service via out-of-bounds read in -sample...
SUSE-SU-2026:1596-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2026-33899: Denial of Service via out-of-bounds write in XML parsing bsc1262154. - CVE-2026-33900: Denial of Service via integer truncation in viff encoder bsc1262156. - CVE-2026-33905: Denial of service via out-of-bounds read in -samp...
GHSA-M958-864J-XQ5W Duplicate Advisory: OpenClaw: Telnyx Webhook Replay Detection Bypass via Base64 Signature Re-encoding
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-37v6-fxx8-xjmx. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.31 contains a replay detection bypass vulnerability in webhook signature handling that treats...
AnythingLLM 跨站脚本漏洞
AnythingLLM is an integrated AI application developed by Mintplex. Versions of AnythingLLM prior to 1.12.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from the markdown renderer in the chart component not encoding the alt text as HTML, which could lead to storage-ty...
PT-2026-35044
Name of the Vulnerable Software and Affected Versions Axios versions prior to 0.31.1 Axios versions prior to 1.15.1 Description The encode function in lib/helpers/AxiosURLSearchParams.js contains a character mapping charMap that reverses the safe percent-encoding of null bytes. While...
Fedora 43 : rpki-client (2026-27892c9184)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-27892c9184 advisory. rpki-client 9.8 - Various refactoring for improved compatibility with various libcrypto implementations and in CA/BGPsec certificate handling. - Fixed an...
PT-2026-35066
SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, the fix for CVE-2026-30869 only added a denylist check IsSensitivePath but did not address the root cause — a redundant url.PathUnescape call in serveExport. An authenticated attacker can use double URL encoding...
SiYuan 路径遍历漏洞
SiYuan is an open-source personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.6.5 contained a path traversal vulnerability. This vulnerability arose from the fix of CVE-2026-30869, where only blacklist checks were added, and the redundant calls to the...
OP-TEE Trusted OS 输入验证错误漏洞
OP-TEE Trusted OS is an implementation of the OP-TEE open-source project, which creates an open-source Trusted Execution Environment TEE that utilizes Arm TrustZone technology. In versions 3.8.0 to 4.10 of OP-TEE Trusted OS, there is a vulnerability related to input validation errors. This...