Lucene search
K

302 matches found

CVE
CVE
added 4 days ago18 views

CVE-2026-55187

Mailpit contains an SSRF protection gap in Link Check API prior to v1.30.2. The internal IsInternalIP deny-list only blocks common IPv4 private/local addresses and CGNAT, and does not recognize several IPv6 forms that embed IPv4 destinations or IPv6 prefixes outside standard private ranges. Bypas...

5.8CVSS6.1AI score0.00282EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-49213 TypeBot: SSRF protection bypass via IPv6 unspecified address in Typebot HTTP request execution

TypeBot is a chatbot builder tool. Prior to 3.17.2, Typebot's shared SSRF validator in packages/lib/src/ssrf/validateHttpReqUrl.ts can be bypassed with the IPv6 unspecified address :: because validateIPAddress blocks local, metadata, and private ranges but does not block :: or its expanded form. ...

8.1CVSS0.00319EPSS
Exploits0References4
Metasploit
Metasploit
added 4 days ago16 views

FTP Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an FTP server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/meterpreter/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf payloadbindipv6tcpuuid set ACTION msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago21 views

FTP Fetch, Windows Command Shell, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/shell/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago12 views

FTP Fetch, Windows shellcode stage, Windows x64 IPv6 Bind TCP Stager

Fetch and execute an x64 payload from an FTP server. Custom shellcode stage. Listen for an IPv6 connection Windows x64 Module Options msf use payload/cmd/windows/ftp/x64/custom/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf payloadbindipv6tcp...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago12 views

FTP Fetch, Linux Command Shell, Bind IPv6 TCP Stager (Linux x86)

Fetch and execute a x86 payload from an FTP server. Spawn a command shell staged. Listen for an IPv6 connection Linux x86 Module Options msf use payload/cmd/linux/ftp/x86/shell/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf payloadbindipv6tcp...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago12 views

FTP Fetch, Linux x64 Command Shell, Reverse TCP Inline (IPv6)

Fetch and execute an x64 payload from an FTP server. Connect back to attacker and spawn a command shell over IPv6 Module Options msf use payload/cmd/linux/ftp/x64/shellreverseipv6tcp msf payloadshellreverseipv6tcp show actions ...actions... msf payloadshellreverseipv6tcp set ACTION msf...

6.2AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/06 4:54 a.m.5 views

kernel: kernel: ipv6 frag escape

A flaw was found in the Linux kernel's ipv6 networking subsystem. An incorrect parameter length calculation allows an attacker with permissions to create UDP sockets to trigger overwrites of kernel memory, potentially leading to privilege escalation, data corruption, or a system crash...

5.9AI score0.00176EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/07/02 2:52 p.m.7 views

kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...

9.1CVSS5.8AI score0.00322EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 12:20 a.m.10 views

kernel: netfilter: flowtable: strictly check for maximum number of actions

A flaw was found in the Netfilter flowtable component of the Linux kernel. This vulnerability occurs because the system does not strictly check the maximum number of hardware offload actions for IPv6, allowing it to process more actions than supported. This could potentially lead to system...

7.8CVSS5.7AI score0.00141EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/01 12:20 a.m.7 views

kernel: mptcp: fix slab-use-after-free in __inet_lookup_established

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...

9.8CVSS6.5AI score0.004EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 7:50 p.m.5 views

kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...

9.1CVSS7.2AI score0.00322EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/29 7:50 p.m.4 views

kernel: netfilter: flowtable: strictly check for maximum number of actions

A flaw was found in the Netfilter flowtable component of the Linux kernel. This vulnerability occurs because the system does not strictly check the maximum number of hardware offload actions for IPv6, allowing it to process more actions than supported. This could potentially lead to system...

7.8CVSS5.7AI score0.00141EPSS
Exploits0References5
OSV
OSV
added 2026/06/28 2:16 a.m.4 views

DEBIAN-CVE-2026-58058

Nmap through 7.99 does not keep the IPv6 extension-header walk within the captured packet in ipv6getdataprimitive libnetutil/netutil.cc, so the pointer advances past the buffer and the remaining-length computation underflows to a large value. A scanned target or on-path attacker returning a craft...

6.9CVSS5.9AI score0.00278EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 10:34 p.m.4 views

GO-2026-5688 Mailpit: Incomplete SSRF protection in Link Check API via IPv6 transition mechanisms in github.com/axllent/mailpit

Mailpit: Incomplete SSRF protection in Link Check API via IPv6 transition mechanisms in github.com/axllent/mailpit...

5.8CVSS5.8AI score0.00282EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38869

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: restrict several matches to inet family This is a partial revert of: commit ab4f21e6fb1c "netfilter: xtables: use NFPROTOUNSPEC in more extensions" to allow ipv4 and ipv6 only. - xtmac - xtowner - xtphysdev...

5.8AI score0.00176EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-53012

In the Linux kernel, the following vulnerability has been resolved: nexthop: fix IPv6 route referencing IPv4 nexthop syzbot reported a panic 1 2. When an IPv6 nexthop is replaced with an IPv4 nexthop, the hasv4 flag of all groups containing this nexthop is not updated. This is because...

0.00185EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:30 p.m.9 views

CVE-2026-53074

Summary of CVE-2026-53074 (Linux kernel) : The issue occurs in the bpf_prog_test_run_skb() path where the code may access ip_hdr(skb) or ipv6_hdr(skb) for IPv4/IPv6 inputs even when only an Ethernet header is present. If the Ethernet frame carries an IPv4/IPv6 EtherType but the Layer 3 header is ...

5.7AI score0.00164EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/24 1:56 a.m.11 views

CVE-2026-56116

A flaw was found in dhcpcd. An unauthenticated attacker on the same network link can exploit a memory leak vulnerability in the IPv6 Router Advertisement route information handling. By repeatedly sending specially crafted Router Advertisements with a zero lifetime, the attacker can cause the syst...

7.1CVSS5.8AI score0.00187EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/22 5:29 a.m.5 views

kernel: net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

5.7AI score0.00188EPSS
Exploits0References5
Rows per page
Query Builder