121973 matches found
EUVD-2026-42298
repomix contains a server-side request forgery vulnerability in the POST /api/pack endpoint that allows unauthenticated attackers to make arbitrary outbound requests. The endpoint fails to properly validate http://, https://, and file:// URLs before passing them to git clone, enabling attackers t...
CVE-2026-59896
Hono is a Web application framework that provides support for any JavaScript runtime. From 4.11.8 before 4.12.27, hono/jsx did not isolate context values per request during server-side rendering, allowing createContext, useContext, jsxRenderer, or useRequestContext data from a different in-flight...
CVE-2025-3110
CVE-2025-3110 affects OpenVPN Access Server 2.7.2 through 3.1.0. The vulnerability arises because the product accepts bare line-feed sequences inside HTTP header values, enabling remote attackers to perform HTTP request smuggling when deployed behind a reverse proxy. The connected CVE record conf...
CVE-2025-3110
OpenVPN Access Server 2.7.2 through 3.1.0 accepts bare line-feed sequences inside HTTP header values, allowing remote attackers to perform HTTP request smuggling when deployed behind a reverse proxy...
CVE-2026-54344
ToolJet is an open-source low-code platform for building internal tools. Prior to 3.20.180, ToolJet's render preview deployment workflow interpolates github.event.comment.body directly into a bash conditional in a run step, allowing any GitHub user who can comment on an open pull request with a...
CVE-2026-59896 hono/jsx does not isolate context per request, leading to cross-request data disclosure
Hono is a Web application framework that provides support for any JavaScript runtime. From 4.11.8 before 4.12.27, hono/jsx did not isolate context values per request during server-side rendering, allowing createContext, useContext, jsxRenderer, or useRequestContext data from a different in-flight...
EUVD-2026-42326
Hono is a Web application framework that provides support for any JavaScript runtime. From 4.11.8 before 4.12.27, hono/jsx did not isolate context values per request during server-side rendering, allowing createContext, useContext, jsxRenderer, or useRequestContext data from a different in-flight...
CVE-2026-59896
Hono/jsx in the Hono web framework exposes a cross-request data disclosure during server-side rendering. From version 4.11.8 up to, but not including, 4.12.27, context values created via createContext, useContext, jsxRenderer, or useRequestContext were not isolated per request and could be reused...
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak p...
CVE-2026-59702
Summary: CVE-2026-59702 affects repomix. A server-side request forgery exists in POST /api/pack, where unauthenticated attackers can cause the server to fetch arbitrary URLs without proper validation. The endpoint accepts http://, https://, and file:// URLs and passes them to git clone, enabling ...
EUVD-2026-42276
This vulnerability enables large‑scale data harvesting without requiring app‑specific secrets. A single request to a minimal leaderboard component may return user records containing emails, UUIDs, and custom fields. The combination of wildcard CORS behavior, long‑lived twenty‑day JWTs, and the...
CVE-2026-59253 n8n - Improper Authorization in Workflow Assignment to Folders
n8n before 2.28.0 contains an improper authorization vulnerability allowing authenticated users to assign workflows to folders in other projects. Attackers can bypass project and folder authorization boundaries by supplying crafted request payloads during workflow creation, causing logical...
The vulnerability of the Directum HR Pro system, which exists due to insufficient verification of input data, allows a perpetrator to disclose protected information.
The vulnerability of the Directum HR Pro system exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose protected information by sending a specially crafted POST request...
CVE-2026-9731
The Wp Js Detect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.9. This is due to missing or incorrect nonce validation on the pluginsettings function. This makes it possible for unauthenticated attackers to update the plugin's...
rConfig 3.9.4 - Server-Side Request Forgery
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery SSRF via the patha parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs. id: CVE-2023-39109 info: name: rConf...
Hurrakify <= 2.4 - Server-Side Request Forgery
The Hurrakify plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.4. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application which can be used to query and modify...
Imgproxy <= 3.14.0 - Server-side request forgery (SSRF)
imgproxy =3.14.0 is vulnerable to Server-Side Request Forgery SSRF due to a lack of sanitization of the imageURL parameter. id: CVE-2023-30019 info: name: Imgproxy = 3.14.0 - Server-side request forgery SSRF author: DhiyaneshDK severity: medium description: | imgproxy =3.14.0 is vulnerable to...
LiteLLM - Server-Side Request Forgery
LiteLLM vulnerable to Server-Side Request Forgery SSRF vulnerability Exposes OpenAI API Keys. id: CVE-2024-6587 info: name: LiteLLM - Server-Side Request Forgery author: pdresearch,iamnoooob,rootxharsh,lambdasawa severity: high description: | LiteLLM vulnerable to Server-Side Request Forgery SSRF...
OneNav v0.9.35-20240318 - Server-Side Request Forgery (SSRF)
OneNav v0.9.35-20240318 is vulnerable to server-side request forgery SSRF via the url parameter in the getlinkinfo API. An attacker can force the server to make arbitrary requests, potentially accessing internal resources. id: CVE-2024-33832 info: name: OneNav v0.9.35-20240318 - Server-Side Reque...
Journyx - XML External Entities Injection (XXE)
The "soapcgi.pyc" API handler allows the XML body of SOAP requests to contain references to external entities. This allows an unauthenticated attacker to read local files, perform server-side request forgery, and overwhelm the web server resources. id: CVE-2024-6893 info: name: Journyx - XML...