CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/05/26 9:34 p.m.•10 views

CVE-2026-44213

The CVE affects the OpenTelemetry.Exporter.Instana NuGet package. Before version 1.1.0, when INSTANA_ENDPOINT_PROXY is set, the Transport.ConfigureBackendClient() code creates an HttpClient that disables TLS certificate validation, allowing a network attacker to perform a MitM on the proxy and re...

ATTACKERKB•added 2026/05/26 9:34 p.m.•5 views

CVE-2026-44213

The OpenTelemetry.Exporter.Instana exports telemetry to Instana backend. Prior to 1.1.0, the OpenTelemetry.Exporter.Instana NuGet package does not validate HTTPS/TLS certificates are valid when sending telemetry to a configured Instana back-end when a proxy is configured using the...

Exploits0References2Affected Software1

Cvelist•added 2026/05/26 9:34 p.m.•26 views

CVE-2026-44213 OpenTelemetry.Exporter.Instana bypasses TLS certificate validation when a proxy is configured

6.5CVSS0.00007EPSS

CNNVD•added 2026/05/26 12:0 a.m.•5 views

OpenTelemetry Collector Contrib 信任管理问题漏洞

OpenTelemetry Collector Contrib is an extensible telemetry data collection component library developed by OpenTelemetry - CNCF. Versions of OpenTelemetry Collector Contrib prior to 1.1.0 contained a trust management vulnerability. This vulnerability stemmed from the lack of validation of HTTPS/TL...

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в libproxy

In libproxy, the url.cpp module in version 0.4.15 is vulnerable to a buffer overflow when PAC is enabled. This vulnerability was confirmed by using a large PAC file that was sent without a Content-length header...

9.8CVSS7.5AI score0.00717EPSS

OSV•added 2026/05/15 8:50 a.m.•2 views

BIT-NGINX-GATEWAY-2026-42926 NGINX ngx_http_proxy_v2_module vulnerability

When NGINX Open Source is configured to proxy HTTP/2 traffic by setting proxyhttpversion to 2, and also uses proxysetbody, an attacker may be able to inject frame headers and payload bytes to the upstream peer. Note: Software versions which have reached End of Technical Support EoTS are not...

6.3CVSS5.8AI score0.00027EPSS

Exploits1References2

CNNVD•added 2026/05/11 12:0 a.m.•4 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.20 contained security vulnerabilities. These vulnerabilities stemmed from security bypasses in the proxy’s config.patch and config.apply endpoints, which failed to protect...

7.1CVSS5.8AI score0.00028EPSS

OSV•added 2026/05/08 8:48 p.m.•1 views

GHSA-WFR5-454P-MJC2 OpenTelemetry.Exporter.Instana bypasses TLS certificate validation when a proxy is configured

Summary The OpenTelemetry.Exporter.Instana NuGet package does not validate HTTPS/TLS certificates are valid when sending telemetry to a configured Instana back-end when a proxy is configured using the INSTANAENDPOINTPROXY environment variable. If a network attacker can Man-in-the-Middle MitM the...

Github Security Blog•added 2026/05/08 8:48 p.m.•6 views

OpenTelemetry.Exporter.Instana bypasses TLS certificate validation when a proxy is configured

Exploits0References2Affected Software1

Positive Technologies•added 2026/05/08 12:0 a.m.•7 views

PT-2026-39240

Name of the Vulnerable Software and Affected Versions OpenTelemetry.Exporter.Instana affected versions not specified Description The OpenTelemetry.Exporter.Instana NuGet package fails to validate HTTPS/TLS certificates when sending telemetry to an Instana back-end if a proxy is configured via the...

Cvelist•added 2026/05/04 2:41 p.m.•37 views

Exploits0References7

CVE-2026-33007 Apache HTTP Server: mod_authn_socache crash

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

0.00648EPSS

NVD•added 2026/04/29 8:16 p.m.•2 views

CVE-2018-25313

SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can inject a large payload through the Proxy Server Host Name field in the Options menu to crash the...

6.9CVSS0.00018EPSS

EUVD•added 2026/04/29 7:24 p.m.•3 views

EUVD-2018-21834

6.9CVSS5.7AI score0.00018EPSS

Vulnrichment•added 2026/04/29 7:24 p.m.•2 views

CVE-2018-25313 SysGauge 4.5.18 Local Denial of Service via Proxy Configuration

6.9CVSS6AI score0.00018EPSS

Cvelist•added 2026/04/29 7:24 p.m.•22 views

CVE-2018-25313 SysGauge 4.5.18 Local Denial of Service via Proxy Configuration

6.9CVSS0.00018EPSS

CVE•added 2026/04/29 7:24 p.m.•5 views

CVE-2018-25313

CVE-2018-25313 affects SysGauge 4.5.18. A buffer overflow in the proxy configuration handler allows local attackers to cause a denial of service by supplying an oversized string, specifically via the Proxy Server Host Name field in the Options menu. The impact is a local DoS with the application ...

6.9CVSS5.7AI score0.00018EPSS

CNNVD•added 2026/04/29 12:0 a.m.•5 views

Flexense SysGauge 安全漏洞

Flexense SysGauge is a system analysis tool developed by Flexense Corporation, designed for real-time monitoring of system performance and resource usage. Version 4.5.18 of Flexense SysGauge contains a security vulnerability. This vulnerability stems from a buffer overflow in the proxy...

6.9CVSS6.1AI score0.00018EPSS