6 matches found
CVE-2026-56220
Capgo before version 12.128.2 contains an authorization bypass in the public.manifest INSERT policy that lets read-only org members insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3_path values, which are served to devices via th...
EUVD-2026-42247
Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest INSERT policy that allows read-only org members to insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3path values that are served to device...
CVE-2026-56220 Capgo - Unauthorized Manifest Insertion via Read-Only Org Member
Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest INSERT policy that allows read-only org members to insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3path values that are served to device...
📄 DigitalOcean Droplet Agent Remote Command Execution
DigitalOcean Droplet Agent versions through 1.3.2 suffer from a remote command injection vulnerability via metadata poisoning and side-channel attacks. CVE-2026-24516-DigitalOcean-RCE. Technical analysis and PoC for CVE-2026-24516: Unauthenticated Root Remote Code Execution in DigitalOcean Drople...
Docker Fixes ‘Ask Gordon’ AI Flaw That Enabled Metadata-Based Attacks
Pillar Security has identified a critical indirect prompt injection vulnerability in Docker’s ‘Ask Gordon’ assistant. By poisoning metadata on Docker Hub, attackers could bypass security to exfiltrate private build logs and chat history. Discover how the "lethal trifecta" enabled this attack and...
CVE-2025-23191
Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter the atom:link values in the returned metadata redirecting them from the SAP server to a malicious link set by the attacke...