CVE-2026-33745

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.39.0, the cpp-httplib HTTP client forwards stored Basic Auth, Bearer Token, and Digest Auth credentials to arbitrary hosts when following cross-origin HTTP redirects 301/302/307/308. A malicious or...

Security update for python310

This update for python310 fixes the following issues: Update to Python 3.10.20: CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. CVE-2025-12084: quadratic complexity in xml.minidom node ID cache cleari...

Vikjuna Bypasses Webhook SSRF Protections During OpenID Connect Avatar Download

Summary The DownloadImage function in pkg/utils/avatar.go uses a bare http.Client with no SSRF protection when downloading user avatar images from the OpenID Connect picture claim URL. An attacker who controls their OIDC profile picture URL can force the Vikunja server to make HTTP GET requests t...

Vikunja has SSRF via Todoist/Trello Migration File Attachment URLs that Allows Reading Internal Network Resources

Summary The migration helper functions DownloadFile and DownloadFileWithHeaders in pkg/modules/migration/helpers.go make arbitrary HTTP GET requests without any SSRF protection. When a user triggers a Todoist or Trello migration, file attachment URLs from the third-party API response are passed...

PT-2026-27371

X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload...

HybridAuth Has Improper SSL Certificate Validation in Curl HTTP Client

A vulnerability was found in HybridAuth up to 3.12.2. This issue affects some unknown processing of the file src/HttpClient/Curl.php of the component SSL Handler. The manipulation of the argument curlOptions results in improper certificate validation. The attack can be launched remotely. This...

SUSE-SU-2026:20768-1 Security update for python311

This update for python311 fixes the following issues: Updated to Python 3.11.15: - CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. - CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. - CVE-2025-12084: quadratic complexity in xml.minidom node ID cache...

SUSE-SU-2026:20796-1 Security update for python311

This update for python311 fixes the following issues: Updated to Python 3.11.15: - CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. - CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. - CVE-2025-12084: quadratic complexity in xml.minidom node ID cache...

Improper Removal of Sensitive Information Before Storage or Transfer

Overview Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer in HTTPResult in SimpleHTTPClient.java, when following redirects. An attacker can obtain the contents of "Location: response" headers included in client redirects...

SAP NetWeaver AS Java Multiple Vulnerabilities (3700960)

The version of SAP NetWeaver Application Server Java detected on the remote host is affected by a affected by a multiple vulnerabilities as disclosed in the SAP Security Patch Day March 2026: - An application trying to decrypt CMS messages encrypted using password based encryption can trigger an...

CRLF Injection

Overview undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to CRLF Injection via the upgrade option of the client.request function. An attacker can inject malicious data into HTTP headers or prematurely terminate HTTP requests by...

RHEL 9 : python3.12 (RHSA-2026:3900)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3900 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

RHEL 9 : python3.12 (RHSA-2026:3897)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3897 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

CVE-2026-27023 Twenty: SSRF protection bypass via HTTP redirect following in secure HTTP client

Twenty is an open source CRM. Prior to version 1.18, the SSRF protection in SecureHttpClientService validated request URLs at the request level but did not validate redirect targets. An authenticated user who could control outbound request URLs e.g., webhook endpoints, image URLs could bypass...

CVE-2026-27023 Twenty: SSRF protection bypass via HTTP redirect following in secure HTTP client

Twenty is an open source CRM. Prior to version 1.18, the SSRF protection in SecureHttpClientService validated request URLs at the request level but did not validate redirect targets. An authenticated user who could control outbound request URLs e.g., webhook endpoints, image URLs could bypass...

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

Moderate: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

CVE-2026-27734 Beszel Vulnerable to Docker API Path Traversal via Unsanitized Container ID

Beszel is a server monitoring platform. Prior to version 0.18.2, the hub's authenticated API endpoints GET /api/beszel/containers/logs and GET /api/beszel/containers/info pass the user-supplied "container" query parameter to the agent without validation. The agent constructs Docker Engine API URL...

CVE-2025-67752

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, OpenEMR's HTTP client wrapper oeHttp/oeHttpRequest disables SSL/TLS certificate verification by default verify: false, making all external HTTPS connections vulnerable ...

CVE-2025-67752

OpenEMR prior to version 7.0.4 disables SSL certificate verification in its HTTP client wrapper (oeHttp/oeHttpRequest) by default, setting verify: false. This creates a MITM risk for all HTTPS connections, including communications with government healthcare APIs and other external services, and c...