PT-2026-37205

Name of the Vulnerable Software and Affected Versions AzuraCast versions prior to 0.23.6 Description The ApplyXForwarded middleware unconditionally trusts the client-supplied X-Forwarded-Host HTTP header without a trusted proxy allowlist. An unauthenticated attacker can exploit this by injecting...

Authentication Bypass by Assumed-Immutable Data

Overview Affected versions of this package are vulnerable to Authentication Bypass by Assumed-Immutable Data in the step-up verification process. An attacker can gain unauthorized access to root-only channel secrets by bypassing authentication mechanisms using passkey-based methods. Remediation...

SAP Business Connector 操作系统命令注入漏洞

SAP Business Connector is a middleware from SAP, Germany. SAP Business Connector suffers from an operating system command injection vulnerability that stems from OS command injection and could lead to the execution of arbitrary operating system commands...

IBM EntireX 代码问题漏洞

IBM EntireX is a versatile middleware solution from International Business Machines IBM designed to facilitate seamless integration between core enterprise applications and modern applications. A code issue vulnerability exists in IBM EntireX that stems from vulnerability to XML external entity...