71 matches found
CVE-2026-45577
Neotoma provides versioned records that persist across agent runs. From 0.6.0 to before 0.11.1, Neotoma can treat public reverse-proxied requests as local when the app receives them over a loopback socket and no Bearer token is present. In affected deployments, the REST auth middleware can resolv...
SUSE CVE-2026-41999
Incorrect Behaviour of Views with TCP PROXY Requests...
CVE-2026-41999
Incorrect Behaviour of Views with TCP PROXY Requests...
EUVD-2026-31262
Incorrect Behaviour of Views with TCP PROXY Requests...
CVE-2026-41999 Incorrect Behaviour of Views with TCP PROXY Requests
Incorrect Behaviour of Views with TCP PROXY Requests...
CVE-2026-41999
Incorrect Behaviour of Views with TCP PROXY Requests...
CVE-2026-41999
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-41999
Incorrect Behaviour of Views with TCP PROXY Requests...
PT-2026-42445
Incorrect Behaviour of Views with TCP PROXY Requests...
PowerDNS Authoritative 访问控制错误漏洞
PowerDNS Authoritative is a DNS server software developed by PowerDNS Corporation. PowerDNS Authoritative has a vulnerability related to access control, which stems from incorrect behavior in the view of TCP PROXY requests...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities stemmed from the incorrect classification of proxy remote requests as loop connections, which could allow attackers ...
CVE-2026-29023 Keygraph Shannon Hard-coded Router API Key
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
CVE-2026-29023 Keygraph Shannon Hard-coded Router API Key
Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...
Shannon 信任管理问题漏洞
Shannon is an open-source white-box penetration testing tool developed by KeygraphHQ. Shannon has a vulnerability related to trust management, which stems from hardcoded API keys in router configurations. This vulnerability could allow unauthenticated attackers to make proxy requests and...
CVE-2026-0612
The Librarian contains a information leakage vulnerability through the webfetch tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions ...
CVE-2026-0612 CVE-2026-0612
The Librarian contains a information leakage vulnerability through the webfetch tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions ...
CVE-2026-0612
The Librarian (TheLibrarian.io) contains an information leakage vulnerability in the web_fetch tool that allows an attacker to retrieve arbitrary external content and proxy requests through The Librarian infrastructure. The issue affects The Librarian implementations and has been fixed in all ver...
PT-2026-3247
Name of the Vulnerable Software and Affected Versions The Librarian affected versions not specified Description The Librarian software has an information leakage issue stemming from the web fetch tool. This allows an attacker to retrieve arbitrary external content, potentially using The Librarian...
CVE-2025-60534
CVE-2025-60534 affects Blue Access Cobalt v02.000.195. The issue is an authentication bypass that lets an attacker selectively proxy requests to operate functionality in the web application without valid credentials. Primary impact is high (CVSS: 9.8, Network attacker, no privileges required, no ...