6 matches found
PT-2026-30997
Another CVE CVE-2026-31268 has been assigned and is currently pending publication 🥰 https://t.co/2bfMaVHbE4...
Uncaught Exception
Overview Affected versions of this package are vulnerable to Uncaught Exception in the session establishment handler process. An attacker can cause the process to panic and terminate by sending a PFCP Session Establishment Request that omits the mandatory F-SEID CPF-SEID Information Element...
Arbitrary Command Injection
Overview mcp-markdownify-server is a Model Context Protocol MCP server that converts various file types and web content to Markdown format. It provides a set of tools to transform PDFs, images, audio files, web pages, and more into easily readable and shareable Markdown text. Affected versions of...
Uncaught Exception
Overview Affected versions of this package are vulnerable to Uncaught Exception due to improper handling of multipart requests. An attacker can cause the application to crash by sending a specially crafted malformed multi-part upload request that triggers an unhandled exception. Remediation A fix...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to an incorrect size calculation in JSReadBigInt. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit - GitHub Commit - GitHub Issue - GitHub Issue - GitHu...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a bypass of the rate limiter, by forging proxy headers. An attacker can send unlimited traffic to the site. Note: See this documentation, if the IP address of a remote proxy needs to be authorized. Workaroun...