CVE-2026-42249 Remote Code Execution in Ollama via Update Mechanism

Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These...

CVE-2026-42249

Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These...

PT-2026-35912

Name of the Vulnerable Software and Affected Versions Ollama for Windows versions 0.12.10 through 0.17.5 Description The update mechanism in Ollama for Windows allows Remote Code Execution due to improper handling of attacker-controlled HTTP response headers. The application constructs local file...

📄 SolarEdge 3.0-2021 Cross Site Request Forgery / OOB Injection

SolarEdge version 3.0-2021 suffers from a cross site request forgery vulnerability in the /solaredge-web/p/initClient that can lead to a remote command injection vulnerability. Titles: solaredge-CSRF-OOB-Injection 3.0-2021 web portal Author: nu11secur1tyAI Date: 2026-04-26 Vendor: SolarEdge...

squid: Fix of 13 CVEs

CVE-2018-1000027: fix NULL pointer dereference in clientFollowXForwardedForCheck for transactions without a client connection - CVE-2018-19131: fix XSS via X.509 certificate fields rendered unescaped in SSL error pages - CVE-2019-12520: prevent cache poisoning by suppressing URL userinfo from...

CVE-2026-41266

Flowise CVE-2026-41266 affects Flowise (drag-and-drop LLM workflow UI). Before version 3.1.0, GET/unauthenticated access to /api/v1/public-chatbotConfig/:id exposes sensitive data (API keys, HTTP Authorization headers, and internal configuration) without authentication. An attacker who only knows...

Security Bulletin: Due to use of spring-security-web-6.5.8.jar, IBM Sterling Connect:Direct Web Services is affected by missing HTTP header in response issue.

Summary spring-security-web-6.5.8.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-22732. Vulnerability Details CVEID:CVE-2026-22732 DESCRIPTION: When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP...

CVE-2026-4132

The HTTP Headers plugin for WordPress is vulnerable to External Control of File Name or Path leading to Remote Code Execution in all versions up to and including 1.19.2. This is due to insufficient validation of the file path stored in the 'hhhtpasswdpath' option and lack of sanitization on the...

CVE-2026-1379

The HTTP Headers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.19.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...

CVE-2026-2717

The HTTP Headers plugin for WordPress is vulnerable to CRLF Injection in all versions up to, and including, 1.19.2. This is due to insufficient sanitization of custom header name and value fields before writing them to the Apache .htaccess file via insertwithmarkers. This makes it possible for...

CVE-2026-2717 HTTP Headers <= 1.19.2 - Authenticated (Administrator+) CRLF Injection via Custom Header Values

The HTTP Headers plugin for WordPress is vulnerable to CRLF Injection in all versions up to, and including, 1.19.2. This is due to insufficient sanitization of custom header name and value fields before writing them to the Apache .htaccess file via insertwithmarkers. This makes it possible for...

CVE-2026-1379 HTTP Headers <= 1.19.2 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Custom Headers' Plugin Setting

The HTTP Headers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.19.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...

CVE-2026-1379

The HTTP Headers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.19.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions a...

PT-2026-34272

Name of the Vulnerable Software and Affected Versions HTTP Headers plugin for WordPress versions prior to 1.19.3 Description Insufficient sanitization of custom header name and value fields before they are written to the Apache .htaccess file via the insert with markers function allows...

WordPress HTTP Headers plugin <= 1.19.2 - Authenticated (Administrator+) CRLF Injection vulnerability

Authenticated Administrator+ CRLF Injection vulnerability discovered by Kai Aizen in WordPress Plugin HTTP Headers versions = 1.19.2...

WordPress HTTP Headers plugin <= 1.19.2 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Daniel Basta whizzu - NASK PIB in WordPress Plugin HTTP Headers versions = 1.19.2...

CVE-2026-5720

The CVE-2026-5720 issue affects the MiniUPnP daemon (miniupnpd). The vulnerability is an integer underflow in SOAPAction header parsing within ParseHttpHeaders(), where improper length validation can cause an underflow to a large unsigned value and an out-of-bounds memchr() read. This can lead to...

Unity Linux 20.1070a Security Update: pcs (UTSA-2026-007275)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007275 advisory. Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, a single maliciously crafted HTTP request can block the server's...

PT-2026-33521

miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting...

AlmaLinux 8 : nodejs:22 (ALSA-2026:7123)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7123 advisory. brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion CVE-2026-25547 minimatch: minimatch: Denial of Service via special...