34118 matches found
Traefik data forgery vulnerability
Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Versions prior to Traefik 2.11.43, 3.6.14, and 3.7.0-rc.2 contained a data manipulation vulnerability. This vulnerability stems from the ForwardAuth middleware, which has an authentication bypass vulnerability wh...
FreeBSD : FreeBSD -- Heap overflow in libnv (c3a9c5a6-4435-11f1-bb07-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the c3a9c5a6-4435-11f1-bb07-bc241121aa0a advisory. When processing the header of an incoming message, libnv failed to properly validate the message size...
Fedora 43 : miniupnpd (2026-5f908cb040)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5f908cb040 advisory. 2026/03/24: fix missing fclose and potential double free in option file parsing 2026/03/23: upnphttp.c: fix removal of quotes in ParseHttpHeaders minixml.c:...
CVE-2026-40685
In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...
Medium: ecs-service-connect-agent
Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...
CVE-2026-40686
In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present in malformed UTF-8 header data. Information might be divulged within an error message produced during handling of an unrelated e-mail message...
CVE-2026-40685
Exim before 4.99.2 is affected when JSON lookup is enabled. An out-of-bounds heap write can occur if a JSON operator encounters malformed JSON in an untrusted header, caused by an incorrect implementation of the JSON skipping logic. CVSS v3.1 metrics indicate a high-severity, remote-execution-lik...
Fedora 42 : asterisk (2026-98decbde87)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-98decbde87 advisory. Update to Asterisk 18.26.4, addressing numerous security vulnerabilities accumulated since the long-stale 18.12.1 package. The following CVEs are...
AlmaLinux 8 : fence-agents (ALSA-2026:12176)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:12176 advisory. cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves CVE-2026-26007 pyjwt: PyJWT accepts unknown crit header...
Important: openexr
Issue Overview: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signe...
EUVD-2026-26443
In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...
FreeBSD security vulnerability
FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has security vulnerabilities; these vulnerabilities arise from improper validation of message sizes during the processing of incoming message headers. This can allow malicious programs to write beyond the heap...
PT-2026-37098
Name of the Vulnerable Software and Affected Versions Gotenberg versions 8.29.1 through 8.30.x Description An unauthenticated attacker with network access can force the server to make outbound HTTP POST requests to arbitrary internal or external destinations. This is achieved by supplying a craft...
Fedora 42 : miniupnpd (2026-2e8a8fd35b)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2e8a8fd35b advisory. 2026/03/24: fix missing fclose and potential double free in option file parsing 2026/03/23: upnphttp.c: fix removal of quotes in ParseHttpHeaders minixml.c:...
Traefik security vulnerability
Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Traefik has a security vulnerability that stems from its header forwarding cleanup logic, which only handles standard header names. It does not process aliases that use underscores instead of hyphens, which may...
Oracle Linux 8 / 9 : dtrace (ELSA-2026-50250)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50250 advisory. - Prevent out-of-bounds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap i...