GHSA-6RR6-V7CJ-MXPG Prefect Auth Bypass via endswith() Health Check Exemption

A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit is now public...

EUVD-2026-26875

A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. Performing a manipulation results in improper authentication. The attack is possible to be carried out remotely. The exploit is now public...

EUVD-2026-23434

A vulnerability was detected in arnobt78 Hotel Booking Management System up to f8922d0e0f6ac1cc761974c7616f44c2bbc04bea. The impacted element is an unknown function of the file /api/health/detailed of the component Health Check Endpoint. Performing a manipulation results in information disclosure...

CVE-2026-6492 arnobt78 Hotel Booking Management System Health Check Endpoint detailed information disclosure

A vulnerability was detected in arnobt78 Hotel Booking Management System up to f8922d0e0f6ac1cc761974c7616f44c2bbc04bea. The impacted element is an unknown function of the file /api/health/detailed of the component Health Check Endpoint. Performing a manipulation results in information disclosure...

CVE-2026-6492 arnobt78 Hotel Booking Management System Health Check Endpoint detailed information disclosure

A vulnerability was detected in arnobt78 Hotel Booking Management System up to f8922d0e0f6ac1cc761974c7616f44c2bbc04bea. The impacted element is an unknown function of the file /api/health/detailed of the component Health Check Endpoint. Performing a manipulation results in information disclosure...

CVE-2026-6492

The CVE-2026-6492 entry concerns arnobt78 Hotel Booking Management System (up to f8922d0e0f6ac1cc761974c7616f44c2bbc04bea). The vulnerable element is an unknown function within the /api/health/detailed Health Check Endpoint. Manipulation of this endpoint leads to information disclosure. Remote ex...

CVE-2026-6492

A vulnerability was detected in arnobt78 Hotel Booking Management System up to f8922d0e0f6ac1cc761974c7616f44c2bbc04bea. The impacted element is an unknown function of the file /api/health/detailed of the component Health Check Endpoint. Performing a manipulation results in information disclosure...

GHSA-75HX-XJ24-MQRW n8n-mcp has unauthenticated session termination and information disclosure in HTTP transport

Summary Several HTTP transport endpoints in n8n-mcp lacked proper authentication, and the health check endpoint exposed sensitive operational metadata without credentials. Impact An unauthenticated attacker with network access to the n8n-mcp HTTP server could disrupt active MCP sessions and gathe...

Elastic Kibana 代码问题漏洞

Elastic Kibana is a usable data visualization dashboard software from Elastic. A security vulnerability exists in Elastic Kibana that stems from server-side request forgery in the /api/fleet/healthcheck API, which can be used to send requests to internal endpoints...