101709 matches found

Tenable Nessus
added 2026/05/12 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-7010

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and U...

CVSS 6.5, AI score 5.8, EPSS 0.00038
Exploits 0, References 3
CNNVD
added 2026/05/12 12:0 a.m., 4 views

webpack-dev-server security vulnerability

webpack-dev-server is an open-source application developed by webpack. Versions of webpack-dev-server prior to 5.2.3 contain security vulnerabilities. These vulnerabilities stem from exposing code across origins. When it serves from an origin that is not potentially trustworthy, suc...

CVSS 6.5, AI score 5.8, EPSS 0.00032
Exploits 0, References 1
CNNVD
added 2026/05/12 12:0 a.m., 3 views

Code Runner MCP Server access control vulnerability

Code Runner MCP Server is a multi-language code execution and result display tool developed by Jun Han. Code Runner MCP Server has an access control vulnerability. It arises when the --transport http option is used, which exposes an unauthenticated /mcp JSON-RPC endpoint on por...

CVSS 8.7, AI score 6.5, EPSS 0.00093
Exploits 0, References 1
Positive Technologies
added 2026/05/12 12:0 a.m., 5 views

PT-2026-39994

A remote code execution vulnerability exists in Code Runner MCP Server when run with the --transport http option, which exposes the /mcp JSON-RPC endpoint without authentication on port 3088. An unauthenticated remote attacker can invoke the run-code MCP tool to supply arbitrary source code and...

CVSS 8.7, AI score 6.6, EPSS 0.00093
Exploits 0, References 2
Positive Technologies
added 2026/05/12 12:0 a.m., 7 views

PT-2026-40121

Horovod through 0.28.1 contains an insecure deserialization vulnerability (CWE-502) in its KVStore HTTP server component. The KVStore server, used for distributed task coordination, lacks authentication and authorization controls, allowing any remote attacker to write arbitrary data via HTTP PUT...

AI score 6.4, EPSS 0.00728
Exploits 0, References 3
CNNVD
added 2026/05/12 12:0 a.m., 5 views

Apache Tomcat authorization vulnerability

Apache Tomcat is a lightweight web application server developed by the Apache Software Foundation in the United States. It supports the Servlet and JavaServer Pages (JSP) technologies. Vulnerabilities exist in Apache Tomcat versions from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 t...

CVSS 9.1, AI score 5.8, EPSS 0.00095
Exploits 0, References 1
OSV
added 2026/05/11 10:22 p.m., 2 views

DEBIAN-CVE-2026-7010

HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the Host: header, and HTTP/1.1 control data field values. An attacker who controls one ...

CVSS 6.5, AI score 5.8, EPSS 0.00038
Exploits 0, References 1
NVD
added 2026/05/11 10:22 p.m., 10 views

CVE-2026-7010

HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the Host: header, and HTTP/1.1 control data field values. An attacker who controls one ...

CVSS 6.5, EPSS 0.00038
Exploits 0, References 3
RedHat Linux
added 2026/05/11 9:39 p.m., 4 views

Moderate: Red Hat Security Advisory: libsoup3 security update

An update for libsoup3 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 8.2, AI score 5.8, EPSS 0.00931
Exploits 2, References 3
Cvelist
added 2026/05/11 9:14 p.m., 26 views

CVE-2026-7010 HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values

HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the Host: header, and HTTP/1.1 control data field values. An attacker who controls one ...

EPSS 0.00038
Exploits 0, References 2
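The CVE-2026-7010 entries above describe the bug class but not the mechanism. The following is an added example, written for this page and not taken from HTTP::Tiny or any of the listed advisories: it shows how a request line component or Host value carrying a CRLF becomes an extra header line on the wire, and a checked builder that rejects such input before serialization. The function names (build_request_unchecked, build_request_checked, parse_header_lines) and the constructed EVIL_HOST value are this example's own.

```python
# Added example, not HTTP::Tiny's code: an unvalidated host (or method, URI, or
# header value) containing CR/LF becomes an extra header line on the wire.
# Names and the constructed inputs below are this example's own.
import re

# CR, LF and the other ASCII control bytes. HTAB (0x09) is left out because it
# is legal whitespace inside a header field value.
_CTL = re.compile(r"[\x00-\x08\x0a-\x1f\x7f]")
# RFC 9110 "token" characters: what a method or header name may consist of.
# Used with fullmatch(), not match()+"$": "$" would accept a trailing "\n".
_TOKEN = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")


def build_request_unchecked(method, path, host, headers):
    """The vulnerable pattern: caller-controlled strings go into the wire
    format as-is, so a CRLF inside any of them starts a new line."""
    lines = [f"{method} {path} HTTP/1.1", f"Host: {host}"]
    lines += [f"{name}: {value}" for name, value in headers.items()]
    return ("\r\n".join(lines) + "\r\n\r\n").encode("latin-1")


def build_request_checked(method, path, host, headers):
    """Same serialization, but every piece is validated first."""
    if not _TOKEN.fullmatch(method):
        raise ValueError(f"method is not a token: {method!r}")
    for what, value in (("path", path), ("host", host)):
        if not value or _CTL.search(value) or " " in value:
            raise ValueError(f"control byte or space in {what}: {value!r}")
    for name, value in headers.items():
        if not _TOKEN.fullmatch(name):
            raise ValueError(f"header name is not a token: {name!r}")
        if _CTL.search(value):
            raise ValueError(f"control byte in header {name!r}: {value!r}")
    return build_request_unchecked(method, path, host, headers)


def parse_header_lines(raw):
    """Split a serialized request into the lines a receiver would see."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    return head.decode("latin-1").split("\r\n")


# Constructed attacker-controlled host value: one CRLF appends a header.
EVIL_HOST = "example.com\r\nX-Injected: 1"


def injected_lines():
    """Header lines the unchecked builder produces for EVIL_HOST."""
    return parse_header_lines(build_request_unchecked("GET", "/", EVIL_HOST, {}))


if __name__ == "__main__":
    print(injected_lines())
    try:
        build_request_checked("GET", "/", EVIL_HOST, {})
    except ValueError as exc:
        print("rejected:", exc)
```

The receiver sees three header lines where the sender intended two; the checked builder refuses the same input, and also refuses a method such as "GET\n", which a `$`-anchored regex would have let through.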
Vulnrichment
added 2026/05/11 8:44 p.m., 7 views

CVE-2026-43884 WWBN AVideo: SSRF Protection Bypass via HTTP Redirect and DNS Rebinding in isSSRFSafeURL()

WWBN AVideo is an open source video platform. In versions up to and including 29.0, two endpoints, plugin/AI/receiveAsync.json.php and objects/EpgParser.php, call isSSRFSafeURL to validate user-supplied URLs, then fetch them using bare file_get_contents without disabling PHP's automatic...

CVSS 7.7, AI score 5.8, EPSS 0.00011
Exploits 0, References 2
CVE
added 2026/05/11 8:44 p.m., 3 views

CVE-2026-43884

WWBN AVideo (up to v29.0) contains an SSRF protection bypass via HTTP redirects and DNS rebinding in isSSRFSafeURL(). Two endpoints (plugin/AI/receiveAsync.json.php and objects/EpgParser.php) fetch user-provided URLs with file_get_contents() after a single initial validation, allowing a 302 redirect...

CVSS 7.7, AI score 5.8, EPSS 0.00011
Exploits 0, References 3
Cvelist
added 2026/05/11 8:44 p.m., 27 views

CVE-2026-43884 WWBN AVideo: SSRF Protection Bypass via HTTP Redirect and DNS Rebinding in isSSRFSafeURL()

WWBN AVideo is an open source video platform. In versions up to and including 29.0, two endpoints, plugin/AI/receiveAsync.json.php and objects/EpgParser.php, call isSSRFSafeURL to validate user-supplied URLs, then fetch them using bare file_get_contents without disabling PHP's automatic...

CVSS 7.7, EPSS 0.00011
Exploits 0, References 2
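The three CVE-2026-43884 entries above describe a single up-front URL check followed by a fetch that follows redirects on its own. The following is an added example, not AVideo's code and not reconstructed from it: a naive fetcher with that shape beside a hardened one that re-checks every hop and connects to the exact IP it checked, so that neither a 302 to an internal address nor a DNS answer that changes between check and connect reaches the internal target. DNS and HTTP are replaced by injectable resolver/transport callables so it runs offline; the hostnames, addresses and the make_world helper are constructed for the example.

```python
# Added example, not AVideo's code. fetch_naive validates once and then follows
# redirects, resolving each hop anew; fetch_hardened checks every hop and pins
# the checked IP. All hostnames and addresses are constructed.
import ipaddress
from urllib.parse import urlparse, urljoin

REDIRECT_CODES = (301, 302, 303, 307, 308)


class SSRFBlocked(Exception):
    pass


def is_public_ip(ip_str):
    """Reject loopback, RFC 1918, link-local (cloud metadata), multicast, etc."""
    ip = ipaddress.ip_address(ip_str)
    return not (ip.is_private or ip.is_loopback or ip.is_link_local
                or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def is_ssrf_safe_url(url, resolver):
    """A single up-front check: only the first URL and the DNS answer at that
    moment are inspected."""
    p = urlparse(url)
    return (p.scheme in ("http", "https") and p.hostname is not None
            and is_public_ip(resolver(p.hostname)))


def fetch_naive(url, resolver, transport, max_redirects=5):
    """Validate once, then follow redirects, resolving each hop again."""
    if not is_ssrf_safe_url(url, resolver):
        raise SSRFBlocked(url)
    for _ in range(max_redirects + 1):
        p = urlparse(url)
        status, headers, body = transport(resolver(p.hostname), p.hostname, p.path)
        if status in REDIRECT_CODES:
            url = urljoin(url, headers["Location"])
            continue
        return body
    raise SSRFBlocked("too many redirects")


def fetch_hardened(url, resolver, transport, max_redirects=5):
    """Check every hop, resolve once per hop, and hand the checked IP to the
    transport so the connection cannot land on a different DNS answer."""
    for _ in range(max_redirects + 1):
        p = urlparse(url)
        if p.scheme not in ("http", "https") or p.hostname is None:
            raise SSRFBlocked(url)
        ip = resolver(p.hostname)          # exactly one lookup per hop
        if not is_public_ip(ip):
            raise SSRFBlocked(f"{p.hostname} -> {ip}")
        status, headers, body = transport(ip, p.hostname, p.path)  # pinned IP
        if status in REDIRECT_CODES:
            url = urljoin(url, headers["Location"])
            continue
        return body
    raise SSRFBlocked("too many redirects")


INTERNAL_SECRET = "internal-only response"


def make_world():
    """Constructed DNS and HTTP stand-ins: redirector.example answers with a
    302 to 127.0.0.1, and attacker.example rebinds from a public address to
    127.0.0.1 on its second lookup."""
    answers = {"redirector.example": ["93.184.216.34"],
               "attacker.example": ["93.184.216.35", "127.0.0.1"]}

    def resolver(host):
        try:
            ipaddress.ip_address(host)   # literal IP: nothing to resolve
            return host
        except ValueError:
            pass
        seq = answers[host]
        return seq.pop(0) if len(seq) > 1 else seq[0]

    def transport(ip, host, path):
        if ip == "127.0.0.1":
            return 200, {}, INTERNAL_SECRET
        if host == "redirector.example":
            return 302, {"Location": "http://127.0.0.1/latest/meta-data"}, ""
        return 200, {}, f"public content from {ip}{path}"

    return resolver, transport


if __name__ == "__main__":
    for fetch in (fetch_naive, fetch_hardened):
        for url in ("http://redirector.example/", "http://attacker.example/feed"):
            resolver, transport = make_world()
            try:
                print(fetch.__name__, url, "->", fetch(url, resolver, transport))
            except SSRFBlocked as exc:
                print(fetch.__name__, url, "-> blocked:", exc)
```

In a real client the "pinned IP" step means connecting to the checked address and sending the original hostname in the Host header (and as the TLS SNI), rather than letting the HTTP library resolve the name a second time.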
vulnersOsv
added 2026/05/11 7:36 p.m., 3 views

io.quarkus:quarkus-vertx-http-deployment (>=2.11.0.CR1 <=3.3.3) potentially affected by CVE-2026-41148 via org.webjars.npm:mermaid (>=9.1.1 <=9.4.0)

org.webjars.npm:mermaid (Maven) >=9.1.1 <=9.4.0, pulled in by io.quarkus:quarkus-vertx-http-deployment >=2.11.0.CR1 <=3.3.3. Source CVEs: CVE-2026-41148. Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16642045...

AI score 5.8, EPSS 0.00074
Exploits 0
NVD
added 2026/05/11 6:16 p.m., 9 views

CVE-2026-43995

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, multiple tool implementations directly import and invoke raw HTTP clients (node-fetch, axios) instead of using the secured wrapper. These tools include (1) OpenAPIToolkit/OpenAPIToolkit.ts, (2)...

CVSS 9.8, EPSS 0.00066
Exploits 1, References 1
IBM Security Bulletins
added 2026/05/11 6:16 p.m., 4 views

Security Bulletin: MongoDB Enterprise Advanced affected by: Improper Input Validation vulnerability (CVE-2025-15284, CVE-2026-2391)

Summary: There are vulnerabilities in qs-6.14.0.tgz and qs-6.14.1.tgz used in MongoDB Enterprise Advanced for IBM, involving CVE-2025-15284 and CVE-2026-2391. The vulnerabilities have been addressed. Vulnerability Details: CVEID: CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs...

CVSS 7.5, AI score 6.8, EPSS 0.0005
Exploits 2, Affected Software 1
OSV
added 2026/05/11 5:31 p.m., 3 views

BIT-LIBPYTHON-2025-13836 Excessive read buffering DoS in http.client

When reading an HTTP response from a server, if no read amount is specified, the default behavior is to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS...

CVSS 7.5, AI score 6.7, EPSS 0.00215
Exploits 0, References 10
Github Security Blog
added 2026/05/11 4:11 p.m., 6 views

Valtimo has sensitive data exposure through HTTP request/response logging in LoggingRestClientCustomizer

Summary: The LoggingRestClientCustomizer in the web module automatically intercepts all outgoing HTTP calls made via Spring's RestClient and logs the full request body, response body, and response headers. When an error response is received, this information is included in the thrown...

CVSS 7.6, AI score 5.9, EPSS 0.00037
Exploits 0, References 5, Affected Software 1
Snyk
added 2026/05/11 2:51 p.m., 4 views

Decompression Bomb

Overview: urllib3 is an HTTP library with thread-safe connection pooling, file post, and more. Affected versions of this package are vulnerable to Decompression Bomb, either in HTTPResponse.read when Brotli is in use, or when HTTPResponse.drain_conn is called after partial decompression has begun. An...

CVSS 8.9, AI score 5.8, EPSS 0.00019
Exploits 0, References 2
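Both the http.client entry (BIT-LIBPYTHON-2025-13836, sizing the read from Content-Length) and the urllib3 Decompression Bomb entry above come down to the server choosing how much memory the client allocates. The following is an added example, written for this page and not the code of http.client or urllib3: a reader that caps the raw body independently of the advertised length, and a decoder that caps the inflated output and stops a bomb mid-stream using zlib's max_length. gzip stands in for the Brotli case named in the urllib3 entry so only the standard library is needed; the bomb and the function names (read_bounded, decompress_bounded, make_gzip_bomb) are this example's own.

```python
# Added example, not http.client's or urllib3's code: bounded reading of a
# response body and bounded decompression. The gzip bomb is constructed here.
import gzip
import io
import zlib


class ResponseTooLarge(Exception):
    pass


def read_bounded(stream, content_length, max_bytes, chunk=64 * 1024):
    """Read a response body from a file-like object without trusting the
    advertised length: refuse up front if Content-Length exceeds the cap, and
    when no length is given, stop as soon as the cap would be exceeded."""
    if content_length is not None and content_length > max_bytes:
        raise ResponseTooLarge(f"Content-Length {content_length} > cap {max_bytes}")
    limit = max_bytes if content_length is None else content_length
    parts, total = [], 0
    while total < limit:
        piece = stream.read(min(chunk, limit - total))   # never request past the cap
        if not piece:
            break
        parts.append(piece)
        total += len(piece)
    if content_length is None and stream.read(1):
        raise ResponseTooLarge(f"body exceeds cap {max_bytes}")
    return b"".join(parts)


def decompress_bounded(data, max_out, chunk=64 * 1024):
    """Inflate gzip or zlib data, raising as soon as the output would exceed
    max_out. max_length keeps zlib from producing more than was asked for;
    input it did not get to comes back in unconsumed_tail."""
    d = zlib.decompressobj(wbits=zlib.MAX_WBITS | 32)   # auto-detect gzip/zlib header
    parts, total, pending = [], 0, data
    while True:
        piece = d.decompress(pending, min(chunk, max_out - total + 1))
        total += len(piece)
        if total > max_out:
            raise ResponseTooLarge(f"inflated output exceeds cap {max_out}")
        parts.append(piece)
        pending = d.unconsumed_tail
        if not pending:          # all input consumed
            break
    tail = d.flush()             # anything still held for already-consumed input
    if total + len(tail) > max_out:
        raise ResponseTooLarge(f"inflated output exceeds cap {max_out}")
    parts.append(tail)
    return b"".join(parts)


def make_gzip_bomb(inflated_size=16 * 1024 * 1024):
    """Constructed bomb: a few KB on the wire that inflate to inflated_size."""
    return gzip.compress(b"\0" * inflated_size)


if __name__ == "__main__":
    bomb = make_gzip_bomb()
    print(f"bomb on the wire: {len(bomb)} bytes")
    body = read_bounded(io.BytesIO(bomb), len(bomb), max_bytes=1 << 20)
    try:
        decompress_bounded(body, max_out=1 << 20)
    except ResponseTooLarge as exc:
        print("stopped:", exc)
```

The two caps are separate on purpose: a bomb passes the raw-byte cap easily (the wire size is tiny), so the limit that matters is on the inflated output, and it has to be enforced while inflating rather than after.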
Github Security Blog
added 2026/05/11 2:51 p.m., 7 views

urllib3: Sensitive headers forwarded across origins in proxied low-level redirects

Impact: When following cross-origin redirects for requests made using urllib3's high-level APIs, such as urllib3.request, PoolManager.request, and ProxyManager.request, sensitive headers (Authorization, Cookie, and Proxy-Authorization, defined in Retry.DEFAULT_REMOVE_HEADERS_ON_REDIRECT) are stripped...

CVSS 8.2, AI score 5.8, EPSS 0.00013
Exploits 0, References 3, Affected Software 1
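The entry above names the headers that must not survive a cross-origin redirect. The following is an added example, not urllib3's code, of the policy decision itself: credentials travel with a redirect only when the target has the same origin (scheme, host, port, with default ports normalized) as the original URL. The header list follows the entry above; the function names (origin, headers_for_redirect) and the sample URLs are this example's own.

```python
# Added example, not urllib3's code: which request headers may follow a
# redirect. Same origin keeps everything; any cross-origin hop drops the
# credential-bearing headers named in the advisory entry above.
from urllib.parse import urlsplit

SENSITIVE_HEADERS = frozenset({"authorization", "cookie", "proxy-authorization"})
DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url):
    """(scheme, host, port) with the default port filled in, so that
    http://a.example/ and http://a.example:80/ compare equal. urlsplit
    already lowercases the scheme and host."""
    p = urlsplit(url)
    if p.scheme not in DEFAULT_PORTS or not p.hostname:
        raise ValueError(f"not an absolute http(s) URL: {url!r}")
    return (p.scheme, p.hostname, p.port or DEFAULT_PORTS[p.scheme])


def headers_for_redirect(from_url, to_url, headers):
    """Headers to send to to_url when redirected there from from_url.
    A scheme change (https -> http) or port change is a different origin
    even when the host is unchanged."""
    if origin(from_url) == origin(to_url):
        return dict(headers)
    return {k: v for k, v in headers.items() if k.lower() not in SENSITIVE_HEADERS}


if __name__ == "__main__":
    sent = {"Authorization": "Bearer t0k3n", "Cookie": "session=abc", "Accept": "*/*"}
    for target in ("http://a.example:80/next", "https://a.example/next", "http://b.example/"):
        print(target, "->", headers_for_redirect("http://a.example/start", target, sent))
```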