PT-2026-42531

Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...

Godot MCP 操作系统命令注入漏洞

Godot MCP is an MCP server developed by Solomon Elias, designed for interfacing with the Godot game engine. Versions of Godot MCP prior to 0.1.1 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the executeOperation function, which directly...

CVE-2026-24489

Gakido is a Python HTTP client focused on browser impersonation and anti-bot evasion. A vulnerability was discovered in Gakido prior to version 0.1.1 that allowed HTTP header injection through CRLF Carriage Return Line Feed sequences in user-supplied header values and names. When making HTTP...

Gakido injection vulnerability

Gakido is a high-performance HTTP client developed by Happy Hacking Space. Versions of Gakido prior to 0.1.1 contained an injection vulnerability. This vulnerability stemmed from CRLF sequences present in the header values and names provided by users, which could lead to HTTP header injection...

SUSE CVE-2018-1000891

Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving messages with invalid checksums...

LiuOS 安全漏洞

LiuOS is a small Python project designed to mimic the functionality of a regular operating system. A security vulnerability exists in versions of LiuOS prior to 0.1.1, which stems from a vulnerability that allows an attacker to set the GITHUBACTIONS environment variable to any value other than nu...