23198 matches found
EUVD-2026-44823
PlaywrightCapture stored capture-specific configuration and runtime data as mutable class-level variables rather than instance-level variables. Consequently, multiple Capture objects running within the same Python process could share state, including HTTP headers, cookies, browser storage, HTTP...
kernel: rtmutex: Use waiter::task instead of current in remove_waiter()
A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...
EUVD-2026-44739
A flaw was found in the AAP Gateway Envoy proxy configuration. The non-mTLS route to EDA event streams does not remove the Subject HTTP header from client requests, despite the source code defining requestHeadersToRemove for this header. An unauthenticated remote attacker can inject a spoofed...
CVE-2026-12382 Aap-gateway: missing requestheaderstoremove allows mtls bypass via subject header spoofing
A flaw was found in the AAP Gateway Envoy proxy configuration. The non-mTLS route to EDA event streams does not remove the Subject HTTP header from client requests, despite the source code defining requestHeadersToRemove for this header. An unauthenticated remote attacker can inject a spoofed...
CVE-2026-12382
The CVE-2026-12382 issue affects the AAP Gateway Envoy proxy. The non-mTLS route to EDA event streams fails to remove the Subject header despite requestHeadersToRemove, allowing an unauthenticated attacker to spoof a Subject header that matches a legitimate client certificate DN and bypass mTLS t...
kernel: rtmutex: Use waiter::task instead of current in remove_waiter()
A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...
kernel: rtmutex: Use waiter::task instead of current in remove_waiter()
A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...
CVE-2026-56434
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...
CVE-2026-56434
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...
CVE-2026-56434 NGINX ngx_http_ssi_module vulnerability
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...
kernel: rtmutex: Use waiter::task instead of current in remove_waiter()
A flaw was found in the Linux kernel. When the kernel's real-time mutex rtmutex component performs a specific operation called 'proxy-lock rollback' during futex requeue, it incorrectly handles task pointers. This can lead to a 'Use-After-Free' UAF vulnerability, where the system attempts to use...
nodejs: Node.js: Information disclosure of proxy credentials via proxy tunnel error handling
A flaw was found in Node.js. When proxy credentials are embedded in a proxy URL, an issue in the proxy tunnel error handling can lead to the exposure of these credentials. This information disclosure vulnerability allows an attacker to potentially capture sensitive proxy credentials through logs,...
undici: undici: Man-in-the-Middle attack via ignored TLS options with SOCKS5 proxy
A flaw was found in undici. When undici's ProxyAgent is configured with a SOCKS5 proxy Uniform Resource Identifier URI, it silently ignores Transport Layer Security TLS options, such as custom Certificate Authorities CAs. This allows a remote attacker to perform a Man-in-the-Middle MITM attack,...
Important: Red Hat Security Advisory: nodejs:24 security, bug fix, and enhancement update
An update for the nodejs:24 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
undici: undici: Information disclosure and data integrity issues due to incorrect Socks5ProxyAgent connection routing
A flaw was found in undici. When using Socks5ProxyAgent, undici incorrectly reuses a single connection pool across different origins. This can lead to cross-origin request routing, where sensitive credentials and data intended for one destination are sent to another. Consequently, responses from...
ROOT-APP-MAVEN-CVE-2026-42578 CVE-2026-42578 in io.root.io.netty:netty-handler-proxy - Patched by Root
Root has patched CVE-2026-42578 in the io.root.io.netty:netty-handler-proxy package for Root:Maven. Multiple fixed versions available...
CVE-2026-47736
A flaw was found in Puma, a Ruby/Rack web server. When PROXY protocol v1 support is enabled, a remote attacker can continuously send data without proper termination. This causes the server to consume an increasing amount of memory and CPU resources, leading to a Denial of Service DoS where the...
CVE-2026-47737
A flaw was found in Puma, a Ruby/Rack web server. When setremoteaddress proxyprotocol: :v1 is enabled and persistent connections are used, Puma incorrectly re-parses PROXY protocol headers after each keep-alive request on the same connection. This allows a remote attacker to inject a second PROXY...
Request-Baskets <= 1.2.1 - Server Side Request Forgery
Request-Baskets = 1.2.1 allows unauthenticated SSRF via the forwardurl parameter when creating a new basket. id: CVE-2023-27163 info: name: Request-Baskets = 1.2.1 - Server Side Request Forgery author: Jaenact severity: medium description: | Request-Baskets = 1.2.1 allows unauthenticated SSRF via...
Artica Proxy 4.30.000000 - Cross-Site Scripting
Artica Proxy 4.30.000000 contains a cross-site scripting vulnerability via the password parameter in /fw.login.php. id: CVE-2022-37153 info: name: Artica Proxy 4.30.000000 - Cross-Site Scripting author: arafatansari severity: medium description: | Artica Proxy 4.30.000000 contains a cross-site...