199 matches found
EUVD-2026-41494
A vulnerability in libcurl caused the HTTP Referer: header to persist even when explicitly cleared. While the documentation states that passing NULL to CURLOPTREFERER suppresses the header, the option failed to clear the internal state. As a result the previous referrer string was erroneously...
CVE-2026-9546
CVE-2026-9546 details (libcurl): A vulnerability causes the HTTP Referer header to persist after CURLOP_REFERER is set to NULL, due to failure to clear internal per-handle state. As a result, the previous referrer can be reused in subsequent requests, potentially leaking sensitive data to uninten...
EUVD-2026-41508
When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state between requests. Specifically, if the initial transfer authenticates against proxyA using Digest auth, a subsequent transfer routed...
UBUNTU-CVE-2026-11856
Successfully using libcurl to do a transfer to a specific HTTP origin hostA with Digest authentication and then changing the origin to a different one hostB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Authorization: header field meant for hostA, to hostB...
UBUNTU-CVE-2026-8927
When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state between requests. Specifically, if the initial transfer authenticates against proxyA using Digest auth, a subsequent transfer routed...
PT-2026-51750
Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description When reusing a handle for sequential transfers driven by environment-variable proxy configuration, the software fails to clear the proxy authentication state between requests. If an initial...
Linux Distros Unpatched Vulnerability : CVE-2026-52845
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, forwardauth copyheaders deletes the exact client-supplied identity header befo...
DEBIAN-CVE-2026-54264
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an information disclosure vulnerability exists in the @angular/service-worker package of the Angular framework. When the Servi...
CVE-2026-54264
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an information disclosure vulnerability exists in the @angular/service-worker package of the Angular framework. When the Servi...
CVE-2026-54264 Angular: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service Worker
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an information disclosure vulnerability exists in the @angular/service-worker package of the Angular framework. When the Servi...
CVE-2026-54264
Angular’s @angular/service-worker contains an information-disclosure flaw prior to versions 22.0.1, 21.2.17, and 20.3.25. When the Service Worker fetches assets, it preserves request headers; on cross-origin redirects it does not strip sensitive headers, potentially exposing credentials (e.g., Au...
GHSA-MX8G-39Q3-5C79 webpack-dev-server vulnerable to HMR WebSocket interception via permissive user proxies
Impact When a user-configured proxy on webpack-dev-server has a broad context e.g. / and ws: true, it also intercepts the dev server's own HMR WebSocket and forwards it to the proxy target. This leaks the browser's cookies and Origin header to the backend, bypasses the dev server's Host/Origin...
CVE-2026-53840
OpenClaw CVE-2026-53840 affects the OpenClaw MCP stack before version 2026.5.12. The issue is an information-disclosure vulnerability in streamable-http MCP servers that forwards operator-configured custom headers during cross-origin redirects. If an attacker controls or can compromise an MCP end...
Unintended Proxy or Intermediary ('Confused Deputy')
Overview webpack-dev-server is an Uses webpack with a development server that provides live reloading. It should be used for development only. Affected versions of this package are vulnerable to Unintended Proxy or Intermediary 'Confused Deputy' via permissive user proxy configurations that inclu...
GHSA-QXH6-94W6-9R5P @angular/service-worker: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service Worker
An information disclosure vulnerability exists in the @angular/service-worker package of the Angular framework. When the Service Worker fetches assets, it preserves metadata such as headers from the original request. However, on cross-origin redirects, the Service Worker fails to strip sensitive...
@angular/service-worker: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service Worker
An information disclosure vulnerability exists in the @angular/service-worker package of the Angular framework. When the Service Worker fetches assets, it preserves metadata such as headers from the original request. However, on cross-origin redirects, the Service Worker fails to strip sensitive...
PT-2026-48602
Name of the Vulnerable Software and Affected Versions nebula-mesh versions prior to 0.3.2 Description After the handleOperatorCreateAPIKey function in internal/web/operators.go:251 generates a 32-byte bearer token, the application redirects the browser to the endpoint /ui/operators/?new key=&key...
Exploit for CVE-2026-48595
CVE-2026-48595 - elixir-tesla tesla Vulnerability Quick Us...
UBUNTU-CVE-2026-45300
The AsyncHttpClient AHC library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. Versions on the 2.x branch prior to 2.15.0 and the 3.x branch prior to 3.0.10 leak Cookie headers to cross-origin redirect targets. When following a redirect to a...
CVE-2026-45300 async-http-client: Cookie header not stripped on cross-origin redirect
The AsyncHttpClient AHC library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. Versions on the 2.x branch prior to 2.15.0 and the 3.x branch prior to 3.0.10 leak Cookie headers to cross-origin redirect targets. When following a redirect to a...