25 matches found

CVE
added yesterday, 7 views

CVE-2026-41727

Summary: Spring for Apache Kafka’s retry topic infrastructure does not adequately validate user-controlled header values, allowing a crafted retry_topic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify a message’s position in the retry sequen...

6.5 CVSS, 5.5 AI score
Exploits 0, References 1
EUVD
added yesterday, 5 views

EUVD-2026-35880

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a logic flaw in BlockInclusionProof::isblockproven causes the function to return true without performing any cryptographic verification when getinterlinkhops...

5.9 CVSS, 5.4 AI score
Exploits 0, References 3
CNNVD
added 2026/05/14 12:00 a.m., 8 views

Crabbox authorization vulnerability

Crabbox is an open-source remote code execution and test environment management tool developed by OpenClaw. Versions of Crabbox prior to 0.12.0 contained an authorization vulnerability. This vulnerability stemmed from an authentication bypass, allowing non-administrator token callers to impersona...

8.8 CVSS, 6.4 AI score, 0.00106 EPSS
Exploits 0, References 1
Snyk
added 2026/03/24 9:50 p.m., 1 view

User Impersonation

Overview github.com/nats-io/nats-server/v2/server is a simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to User Impersonation through the processServiceImport request-info header handling in leafnode...

6.4 CVSS, 6 AI score, 0.00034 EPSS
Exploits 0, References 2
NVD
added 2026/03/10 6:18 p.m., 1 view

CVE-2026-30956

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, a low‑privileged user can bypass authorization and tenant isolation in OneUptime v10.0.20 and earlier by sending a forged is-multi-tenant-query header together with a controlled projectid header. Because the...

9.9 CVSS, 0.00022 EPSS
Exploits 1, References 2
ATTACKERKB
added 2026/03/10 4:56 p.m., 2 views

CVE-2026-30956

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, a low‑privileged user can bypass authorization and tenant isolation in OneUptime v10.0.20 and earlier by sending a forged is-multi-tenant-query header together with a controlled projectid header. Because the...

9.9 CVSS, 5.8 AI score, 0.00022 EPSS
Exploits 1, References 3, Affected Software 1
RedhatCVE
added 2026/01/19 11:13 p.m., 1 view

CVE-2026-22797

A flaw was found in OpenStack keystonemiddleware. The externaloauth2token middleware fails to properly sanitize incoming authentication headers. An authenticated attacker can exploit this by sending forged identity headers, such as X-Is-Admin-Project, X-Roles, or X-User-Id. This can lead to...

9.9 CVSS, 5.3 AI score, 0.00167 EPSS
Exploits 0, References 5
Snyk
added 2026/01/19 5:46 p.m., 3 views

Authentication Bypass by Spoofing

Overview Affected versions of this package are vulnerable to Authentication Bypass by Spoofing in the externaloauth2token middleware. An attacker can gain unauthorized access or escalate privileges by sending forged authentication headers such as X-Is-Admin-Project, X-Roles, or X-User-Id...

9.9 CVSS, 5.8 AI score, 0.00167 EPSS
Exploits 0, References 2
EUVD
added 2026/01/19 12:00 a.m., 1 view

EUVD-2026-3202

An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The externaloauth2token middleware fails to sanitize incoming authentication headers before processing OAuth 2.0 tokens. By sending forged...

9.9 CVSS, 5.5 AI score, 0.00167 EPSS
Exploits 0, References 7
Vulnrichment
added 2025/11/19 12:00 a.m., 7 views

CVE-2025-51663

A vulnerability found in IPRateLimit implementation of FileCodeBox up to 2.2 allows remote attackers to bypass ip-based rate limit protection and failed attempt restrictions by faking X-Real-IP and X-Forwarded-For HTTP headers. This can enable attackers to perform DoS attacks or brute force share...

6.6 AI score, 0.00134 EPSS
Exploits 1, References 2
OSV
added 2025/03/09 3:31 p.m., 0 views

GHSA-2C2H-2855-MF97 Apache Camel: Camel Message Header Injection via Improper Filtering

Bypass/Injection vulnerability in Apache Camel components under particular conditions. This issue affects Apache Camel: from 4.9.0 through <= 4.10.1, from 4.8.0 through <= 4.8.4, from 3.10.0 through <= 3.22.3. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and...

6.3 CVSS, 5.7 AI score, 0.51725 EPSS
Exploits 3, References 10
BDU FSTEC
added 2025/01/22 12:00 a.m., 2 views

The vulnerability of GUE tunneling protocols, related to insufficient verification of the communication channel source, allows attackers to execute attacks such as “substitution of the trusted object”.

The vulnerability of GUE tunneling protocols lies in insufficient verification of the source of the communication channel. Exploiting this vulnerability allows a malicious actor to execute attacks such as “substitution of the trusted object” by sending a specially crafted packet containing two IP...

8.1 CVSS, 6.3 AI score, 0.0002 EPSS
Exploits 0, References 4
OSV
added 2024/08/07 4:15 p.m., 2 views

CVE-2024-41432

An IP Spoofing vulnerability has been discovered in Likeshop up to 2.5.7.20210811. This issue allows an attacker to replace their real IP address with any arbitrary IP address, specifically by adding a forged 'X-Forwarded' or 'Client-IP' header to requests. Exploiting IP spoofing, attackers can...

5.3 CVSS, 5.8 AI score, 0.00099 EPSS
Exploits 1, References 1
SUSE CVE
added 2023/02/15 6:13 a.m., 2 views

SUSE CVE-2006-6944

phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers...

7.5 CVSS, 7.1 AI score, 0.00363 EPSS
Exploits 0, References 3
SUSE CVE
added 2023/02/15 5:45 a.m., 2 views

SUSE CVE-2012-3505

Tinyproxy 1.8.3 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via (1) a large number of headers or (2) a large number of forged headers that trigger hash collisions predictably. bucket...

5 CVSS, 6.9 AI score, 0.05172 EPSS
Exploits 0, References 4
SUSE CVE
added 2023/02/15 3:41 a.m., 2 views

SUSE CVE-2021-31999

A Reliance on Untrusted Inputs in a Security Decision vulnerability in Rancher allows users in the cluster to act as other users in the cluster by forging the "Impersonate-User" or "Impersonate-Group" headers. This issue affects: Rancher versions prior to 2.5.9. Rancher versions prior to 2.4.16...

8.8 CVSS, 8.4 AI score, 0.0038 EPSS
Exploits 0, References 5
CNNVD
added 2021/12/14 12:00 a.m., 3 views

kyma input validation error vulnerability

kyma is an open source platform for scaling applications using microservices and serverless functionality. kyma suffers from an elevation-of-privilege vulnerability that stems from a networked system or product that does not properly authenticate incoming data. An authenticated attacker could...

8.8 CVSS, 5.7 AI score, 0.00911 EPSS
Exploits 0, References 3
CNNVD
added 2021/07/15 12:00 a.m., 2 views

Rancher Labs Rancher security vulnerability

Rancher Labs Rancher is an open source, enterprise-class container management platform from Rancher Labs, Inc. A security vulnerability exists in Rancher Labs Rancher, which stems from a reliance on untrusted input in a security decision vulnerability in Rancher. An attacker could exploit the...

8.8 CVSS, 5.7 AI score, 0.0038 EPSS
Exploits 0, References 3
RustSec
added 2020/12/17 12:00 p.m., 20 views

Async-h1 request smuggling possible with long unread bodies

This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the body of a request which is longer than some buffer length, async-h1 will attempt to read a subsequent request from the body content starting at...

0.3 AI score
Exploits 0, Affected Software 1
CNVD
added 2019/10/08 12:00 a.m., 1 view

Bludit Brute Force Protection Mechanism Bypass Vulnerability

Bludit is a simple, fast and secure flat file CMS. A brute force protection mechanism bypass vulnerability exists in bl-kernel/security.class.php in Bludit 3.9.2, which can be exploited by an attacker to bypass the brute force protection mechanism via a variety of forged X-Forwarded-For or...

9.8 CVSS, 6.9 AI score, 0.80305 EPSS
Exploits 9, References 1