13 matches found

Positive Technologies
added 2026/05/27 12:00 a.m., 4 views

PT-2026-44063

Name of the Vulnerable Software and Affected Versions: Budibase versions prior to 3.39.0. Description: Insufficient permission checks on the single-datasource 'GET' and 'PUT' routes allow users with the Basic app user role to access and modify REST datasource configurations. Because these routes are...

CVSS 8.1, AI score 5.8, EPSS 0.00047
Exploits 0, References 4
CVE
added 2026/05/21 8:19 p.m., 6 views

CVE-2026-8417

Concrete CMS 9.5.0 and earlier is vulnerable to CSRF in the do_update() handler for package upgrades. The endpoint /dashboard/extend/update/do_update/ is invoked via a state-changing GET request and only checks canInstallPackages() before calling upgradeCoreData() and upgrade() on the target pack...

CVSS 8.8, AI score 5.7, EPSS 0.00027
Exploits 0, References 1, Affected Software 1
Vulnrichment
added 2026/04/21 7:35 p.m., 2 views

CVE-2026-40883 goshs: CSRF in state-changing GET routes enables authenticated file deletion and directory creation

goshs is a SimpleHTTPServer written in Go. From 2.0.0-beta.4 to 2.0.0-beta.5, goshs contains a cross-site request forgery issue in its state-changing HTTP GET routes. An external attacker can cause an already authenticated browser to trigger destructive actions such as ?delete and ?mkdir because...

CVSS 6.1, AI score 5.7, EPSS 0.00024
Exploits 1, References 1
CVE
added 2026/04/21 5:16 p.m., 6 views

CVE-2026-41194

FreeScout before 1.8.215 exposes a GET /mailbox/oauth-disconnect/{id}/{in_out}/{provider} action that removes stored OAuth metadata without CSRF protection, enabling cross-site triggering against a logged-in mailbox admin. Root cause: GET route lacks CSRF token validation. Impact: potential unaut...

CVSS 5.4, AI score 5.6, EPSS 0.00017
Exploits 0, References 3
Cvelist
added 2026/04/21 5:16 p.m., 24 views

CVE-2026-41194 FreeScout's Mailbox OAuth disconnect uses a state-changing GET and is CSRFable

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the mailbox OAuth disconnect action is implemented as GET /mailbox/oauth-disconnect/{id}/{in_out}/{provider}. It removes stored OAuth metadata from the mailbox and then redirects. Because it is a GET route, no CSRF...

CVSS 5.4, EPSS 0.00017
Exploits 0, References 3
SUSE CVE
added 2025/12/25 12:24 a.m., 1 view

SUSE CVE-2025-68353

In the Linux kernel, the following vulnerability has been resolved: net: vxlan: prevent NULL deref in vxlan_xmit_one. Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in vxlan_xmit_one, e.g. if the iface is brought down. This can lead to the following NULL dereference: BUG: kernel NULL...

CVSS 5.5, AI score 6.6, EPSS 0.0003
Exploits 0, References 7
Cvelist
added 2025/12/24 10:32 a.m., 21 views

CVE-2025-68353 net: vxlan: prevent NULL deref in vxlan_xmit_one

In the Linux kernel, the following vulnerability has been resolved: net: vxlan: prevent NULL deref in vxlan_xmit_one. Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in vxlan_xmit_one, e.g. if the iface is brought down. This can lead to the following NULL dereference: BUG: kernel NULL...

EPSS 0.0003
Exploits 0, References 2
CVE
added 2025/12/24 10:32 a.m., 7 views

CVE-2025-68353

The CVE-2025-68353 entry concerns a Linux kernel vulnerability in the vxlan code path: vxlan_xmit_one may dereference sock4/sock6 pointers that are not guaranteed non-NULL (e.g., if an interface is down), leading to a NULL pointer dereference and kernel OOPs. The provided notes state that two com...

AI score 6.2, EPSS 0.0003
Exploits 0, References 2
Positive Technologies
added 2025/11/27 12:00 a.m., 1 view

PT-2025-52889

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.7. Description: The Linux kernel contains a flaw in the VXLAN implementation where a NULL pointer dereference can occur in the vxlan_xmit_one function. This happens because the sock4 and sock6 pointers are not...

CVSS 6, AI score 6.7, EPSS 0.0003
Exploits 0
SUSE CVE
added 2025/01/16 3:49 a.m., 1 view

SUSE CVE-2024-57879

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Always release hdev at the end of iso_listen_bis. Since hci_get_route holds the device before returning, the hdev should be released with hci_dev_put at the end of iso_listen_bis even if the function returns with an error...

CVSS 7.8, AI score 7.7, EPSS 0.00019
Exploits 0, References 4
Vulnrichment
added 2024/07/26 4:49 p.m., 10 views

CVE-2024-41812 txtdot SSRF vulnerability in /get

txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Prior to version 1.7.0, a Server-Side Request Forgery (SSRF) vulnerability in the /get route of txtdot allows remote attackers to use the server as a proxy to send HTTP GET requests to...

CVSS 7.5, AI score 7.6, EPSS 0.00329
Exploits 1, References 3
Cvelist
added 2024/07/26 4:49 p.m., 18 views

CVE-2024-41812 txtdot SSRF vulnerability in /get

txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Prior to version 1.7.0, a Server-Side Request Forgery (SSRF) vulnerability in the /get route of txtdot allows remote attackers to use the server as a proxy to send HTTP GET requests to...

CVSS 7.5, EPSS 0.00329
Exploits 1, References 3
OSV
added 2020/09/03 3:51 p.m., 16 views

GHSA-MM7R-265W-JV6F Server-Side Request Forgery in @uppy/companion

Versions of @uppy/companion prior to 1.9.3 are vulnerable to Server-Side Request Forgery (SSRF). The get route passes the user-controlled variable req.body.url to a GET request without sanitizing the value. This allows attackers to inject arbitrary URLs and make GET requests on behalf of the server...

CVSS 9.8, AI score 9.4, EPSS 0.0051
Exploits 1, References 3