EUVD-2026-23731

A security vulnerability has been detected in ComfyUI up to 0.13.0. This affects the function createoriginonlymiddleware of the file server.py. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The...

CVE-2026-6589 ComfyUI server.py create_origin_only_middleware cross-site request forgery

A security vulnerability has been detected in ComfyUI up to 0.13.0. This affects the function createoriginonlymiddleware of the file server.py. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The...

CVE-2026-6589

The CVE affects ComfyUI up to version 0.13.0, specifically the function create_origin_only_middleware in server.py. The root cause is a manipulation that enables cross-site request forgery (CSRF). Exploitation is described as possible remotely, with a publicly disclosed exploit. Availability of a...

CVE-2026-6589

A security vulnerability has been detected in ComfyUI up to 0.13.0. This affects the function createoriginonlymiddleware of the file server.py. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The...

CVE-2026-6589 ComfyUI server.py create_origin_only_middleware cross-site request forgery

A security vulnerability has been detected in ComfyUI up to 0.13.0. This affects the function createoriginonlymiddleware of the file server.py. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The...

PT-2026-33658

A security vulnerability has been detected in ComfyUI up to 0.13.0. This affects the function create origin only middleware of the file server.py. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. T...

ComfyUI 安全漏洞

ComfyUI is the most powerful and modular diffusion model GUI and backend developed by comfyanonymous individuals. Versions of ComfyUI prior to 0.13.0 contain security vulnerabilities, which stem from improper handling of the createoriginonlymiddleware function in the file server.py. These...

Wish has SCP Path Traversal that allows arbitrary file read/write

Summary The SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server, and create directories outside the configured root directory by sending crafted filenames containing ../...

PT-2026-37131

A vulnerability in Zebra's JSON-RPC HTTP middleware allows an authenticated RPC client to cause a Zebra node to crash by disconnecting before the request body is fully received. The node treats the failure to read the HTTP request body as an unrecoverable error and aborts the process instead of...

Wish has SCP Path Traversal that allows arbitrary file read/write

The SCP middleware in charm.land/wish/v2 is vulnerable to path traversal attacks. A malicious SCP client can read arbitrary files from the server, write arbitrary files to the server, and create directories outside the configured root directory by sending crafted filenames containing ../ sequence...

next-intl 安全漏洞

next-intl is a Next.js solution developed by Jan Amann. Versions of next-intl prior to 4.9.1 contained a security vulnerability, which was caused by improper handling of middleware pathing, potentially leading to redirection to untrusted hosts...

Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated Access to Protected Endpoints

Summary The authenticated middleware uses unanchored regular expressions to match public no-auth endpoint patterns against ctx.request.url. Since ctx.request.url in Koa includes the query string, an attacker can access any protected endpoint by appending a public endpoint path as a query paramete...

Interpretation Conflict

Overview @fastify/middie is a Middleware engine for Fastify Affected versions of this package are vulnerable to Interpretation Conflict in the propagation of middleware paths to child plugin scopes due to incorrect re-prefixing. An attacker can gain unauthorized access to protected routes by...

GHSA-72C6-FX6Q-FR5W @fastify/middie vulnerable to middleware authentication bypass in child plugin scopes

Impact @fastify/middie v9.3.1 and earlier incorrectly re-prefixes middleware paths when propagating them to child plugin scopes. When a child plugin is registered with a prefix that overlaps with a parent-scoped middleware path, the middleware path is modified during inheritance and silently fail...

EUVD-2026-23241

@fastify/middie vulnerable to middleware authentication bypass in child plugin scopes...

@fastify/middie vulnerable to middleware bypass via deprecated ignoreDuplicateSlashes option

Impact @fastify/middie v9.3.1 and earlier does not read the deprecated but still functional top-level ignoreDuplicateSlashes option, only reading from routerOptions. This creates a normalization gap: Fastify's router normalizes duplicate slashes but middie does not, allowing middleware bypass via...

EUVD-2026-23235

@fastify/middie vulnerable to middleware bypass via deprecated ignoreDuplicateSlashes option...

Official Clerk JavaScript SDKs: Middleware-based route protection bypass

Summary createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro can be bypassed by certain crafted requests, allowing them to skip middleware gating and reach downstream handlers. Sessions are not compromised and no existing user can be impersonated - the bypass only affects the...

GHSA-VQX2-FGX2-5WQ9 Official Clerk JavaScript SDKs: Middleware-based route protection bypass

Summary createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro can be bypassed by certain crafted requests, allowing them to skip middleware gating and reach downstream handlers. Sessions are not compromised and no existing user can be impersonated - the bypass only affects the...

Incorrect Authorization

Overview @clerk/shared is an Internal package utils used by the Clerk SDKs Affected versions of this package are vulnerable to Incorrect Authorization via the createPathMatcher function in @clerk/shared used by downstream createRouteMatcher. An attacker can gain unauthorized access to protected...