PaperCut MF < 25.0.5 Session Hijacking (CVE-2026-5115)

The version of PaperCut MF installed on the remote Windows host is prior to 25.0.5. It is, therefore, affected by a vulnerability: - The PaperCut MF embedded application for Konica Minolta devices is vulnerable to session hijacking. The communication channel between the embedded application and t...

CVE-2026-5115

The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...

CVE-2026-5115 Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices

The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...

CVE-2026-5115

The CVE concerns PaperCut NG/MF, specifically the embedded application running on Konica Minolta devices. The issue is session hijacking caused by an insecure communication channel between the embedded app and the server, enabling potential data leakage and misuse (e.g., phishing) on user devices...

CVE-2026-5115 Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices

The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...

Fast-DDS 安全漏洞

Fast-DDS is a complete DDS open source by eProsima. A security vulnerability exists in Fast-DDS version 3.3 that stems from improper ticket revocation validation and could lead to insecure communication...

EUVD-2018-2761

Malware in sbrugna...

EUVD-2019-19108

Malware in sbrugna...

EUVD-2017-6341

Malware in sbrugna...

EUVD-2024-33944

Malicious code in bioql PyPI...

EUVD-2022-47510

Malicious code in bioql PyPI...

EUVD-2025-19055

Malicious code in bioql PyPI...

EUVD-2021-7632

Malicious code in bioql PyPI...

Comprehensive MCP Security Checklist: Protecting Your AI-Powered Infrastructure

With innovation comes risk. As organizations race to build AI-first infrastructure, security is struggling to keep pace. Multi-Agentic Systems – those built on Large Language Models LLMs and Multi-Component Protocols MCP - bring immense potential, but also novel vulnerabilities that traditional...

CVE-2025-5087

Kaleris NAVIS N4 ULC Ultra Light Client communicates insecurely using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients and N4 servers can extract sensitive information, including plaintext credentials...

CVE-2025-5087

Kaleris NAVIS N4 ULC Ultra Light Client communicates insecurely using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients and N4 servers can extract sensitive information, including plaintext credentials...

PT-2025-26770 · Aleris +1 · Kaleris Navis N4 Ulc +1

Name of the Vulnerable Software and Affected Versions: Kaleris NAVIS N4 ULC Ultra Light Client affected versions not specified Description: The issue concerns insecure communication using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients...

CVE-2024-47871

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves insecure communication between the FRP Fast Reverse Proxy client and server when Gradio's share=True option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and rea...

CVE-2023-33620

GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack...

CVE-2021-20175

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. By default, all communication to/from the device's SOAP Interface port 5000 is sent via HTTP, which causes potentially sensitive information such as usernames and passwords to be...