905 matches found
CVE-2026-40337
The Sentry kernel vulnerability (CVE-2026-40337) affects tasks with DEV/IO capabilities that can interact with another task’s IRQ line via the _sys_int * syscall family. Before version 0.4.7, this enables DoS and covert-channels to the outside world. A patch exists in 0.4.7; workaround: limit DEV...
GHSA-85GX-3QV6-4463 Dapr: Service Invocation path traversal ACL bypass
Summary A vulnerability has been found in Dapr that allows bypassing access control policies for service invocation using reserved URL characters and path traversal sequences in method paths. The ACL normalized the method path independently from the dispatch layer, so the ACL evaluated one path...
OpenClaw: Nostr profile mutation routes allowed operator.write config persistence
Summary Nostr profile mutation routes allowed operator.write config persistence. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.10 Impact Nostr plugin HTTP profile routes could persist profile config through a path that did not require admin...
PT-2026-33384
Name of the Vulnerable Software and Affected Versions Math.js versions 13.1.1 through 15.1.x Description An issue in the expression parser allows the execution of arbitrary JavaScript. This occurs in applications where users are permitted to evaluate arbitrary expressions using the mathjs...
PT-2026-36183
Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.43 Traefik versions prior to 3.6.14 Traefik versions prior to 3.7.0-rc.2 Description An issue exists in the Kubernetes CRD provider cross-namespace isolation enforcement. When...
October Rain has Environment Variable Exfiltration via INI Parser Interpolation
A server-side information disclosure vulnerability was identified in the INI settings parser. PHP's parseinistring function supports $ syntax for environment variable interpolation. Attackers with Editor access could inject $APPKEY, $DBPASSWORD, or similar patterns into CMS page settings fields,...
SSH/SCP option injection allowing local RCE in @aiondadotcom/mcp-ssh
Impact A crafted hostAlias argument such as -oProxyCommand=... was passed to ssh/scp without an argument terminator. SSH interprets arguments starting with - as options regardless of position, so the option-injection caused SSH to execute the attacker-supplied ProxyCommand locally on the machine...
PT-2026-33226
Name of the Vulnerable Software and Affected Versions mitmproxy versions prior to 12.2.2 Description The builtin LDAP proxy authentication fails to correctly sanitize the username when querying the LDAP server. This allows a malicious client to bypass authentication. This issue only affects...
GHSA-XRW6-GWF8-VVR9 Tmds.DBus: malicious D-Bus peers can spoof signals, exhaust file descriptor resources, and cause denial of service
Tmds.DBus and Tmds.DBus.Protocol are vulnerable to malicious D-Bus peers. A peer on the same bus can spoof signals by impersonating the owner of a well-known name, exhaust system resources or cause file descriptor spillover by sending messages with an excessive number of Unix file descriptors, an...
CVE-2026-34954
PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.downloadfile in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream with followredirects=True. An attacker who controls the URL can reach any...
Linux Distros Unpatched Vulnerability : CVE-2026-34591
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Poetry is a dependency manager for Python. From version 1.4.0 to before version 2.3.3, a crafted wheel can contain ../ paths that Poetry writes to disk without...
SUSE CVE-2026-34601
xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator to be inserted into a...
CVE-2026-34061 nimiq/core-rs-albatross: Macro block proposal interlink bug
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an elected validator proposer can send an election macro block whose header.interlink does not match the canonical next interlink. Honest...
Linux Distros Unpatched Vulnerability : CVE-2026-34518
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, when following redirects to a different origin, aiohttp...
CVE-2026-34931 hoppscotch: Improper loopback redirect_uri validation in device-login flow
hoppscotch is an open source API development ecosystem. Prior to version 2026.3.0, there is an open redirect vulnerability that leads to token exfiltration. With these tokens, the attacker can sign in as the victim to takeover their account. This issue has been patched in version 2026.3.0...
Axios supply chain attack - dependency in @lightdash/cli may resolve to compromised axios versions
Impact A supply chain attack on the axios npm package versions 1.14.1 and 0.30.4 introduced a malicious transitive dependency [email protected] that deploys a cross-platform remote access trojan RAT on macOS, Windows, and Linux. The attacker compromised the primary axios maintainer's npm...
EUVD-2026-18472
DbGate is cross-platform database manager. From version 7.0.0 to before version 7.1.5, a stored XSS vulnerability exists in DbGate because attacker-controlled SVG icon strings are rendered as raw HTML without sanitization. In the web UI this allows script execution in another user's browser; in t...
CVE-2026-34590 Postiz: SSRF via Webhook Creation Endpoint Missing URL Safety Validation
Postiz is an AI social media scheduling tool. Prior to version 2.21.4, the POST /webhooks/ endpoint for creating webhooks uses WebhooksDto which validates the url field with only @IsUrl format check, missing the @IsSafeWebhookUrl validator that blocks internal/private network addresses. The updat...
CVE-2025-13535
The King Addons for Elementor plugin for WordPress is vulnerable to multiple Contributor+ DOM-Based Stored Cross-Site Scripting vulnerabilities in all versions up to, and including, 51.1.38. This is due to insufficient input sanitization and output escaping across multiple widgets and features. T...
UBUNTU-CVE-2026-31937
Suricata is a network IDS, IPS and NSM engine. Prior to version 7.0.15, inefficiency in DCERPC buffering can lead to a performance degradation. This issue has been patched in version 7.0.15...