EUVD-2026-38781

A missing permission check in Jenkins MCP Server Plugin 0.177.v629fdb2557fe and earlier allows attackers with Item/Read permission to read the Pipeline replay scripts of jobs they can access...

CVE-2026-57300

The CVE-2026-57300 entry concerns Jenkins MCP Server Plugin versions 0.177.v629fdb_2557fe and earlier, where a missing permission check allows attackers with Item/Read permission to read Pipeline replay scripts for jobs they can access. The vulnerability stems from inadequate access control on pi...

EUVD-2026-38743

Capgo before 12.128.2 enforces mandatory two-factor authentication only at the UI level. Sensitive Organization ORG management API endpoints e.g., editing organization details, inviting users do not validate 2FA completion on the backend. An authenticated Admin user who has not enabled 2FA can...

JumpServer > 3.6.4 - Information Disclosure

JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud storage are not...

keylime: Keylime: Security bypass due to hardcoded TPM quote nonce

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...

CVE-2026-54518

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3.1.4, UnwrappedPropertyHandler.processUnwrappedCreatorProperties replays buffered JSON into creator parameters but never consults...

CVE-2026-47341

Authentication Bypass by Capture-replay vulnerability in Apache APISIX. Attacker can benefit from certain configurations in hmac-auth to re-use a token forever, bypassing expiry. This issue affects Apache APISIX: from 3.11.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, whic...

EUVD-2026-38024

Authentication Bypass by Capture-replay vulnerability in Apache APISIX. Attacker can benefit from certain configurations in hmac-auth to re-use a token forever, bypassing expiry. This issue affects Apache APISIX: from 3.11.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, whic...

CVE-2026-47341 Apache APISIX: Session replay issue in hmac-auth

Authentication Bypass by Capture-replay vulnerability in Apache APISIX. Attacker can benefit from certain configurations in hmac-auth to re-use a token forever, bypassing expiry. This issue affects Apache APISIX: from 3.11.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, whic...

CVE-2026-47341

CVE-2026-47341 describes an authentication bypass in Apache APISIX due to a capture-replay flaw in the hmac-auth configuration. The issue allows an attacker to reuse a token indefinitely, bypassing expiry, with affected versions 3.11.0 through 3.16.0. The advisory recommends upgrading to 3.17.0, ...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: Remove ppath from ext4extreplayupdateex to avoid double-free. When calling ext4forcesplitextentat&ppath in ext4extreplayupdateex, ppath is updated, but it is path that is freed. This potentially triggers a double-free in th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: Some missing initializations occurred during replay. In several places in the code, we have a label that indicates the start of the code where a request can be replayed if necessary. However, some of these places lacked the...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Make sure to refresh masterdev/mops in rtnlnewlink. While looking at one unrelated syzbot bug, I found that the replay logic in rtnlnewlink could potentially trigger a use-after-free condition. It’s better to clear...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fix for the iteration of extrefs during log replay. When calling inodeaddref and processing extrefs, if we jump to the next label, the value of victimname.len is undefined. This occurs because victimname.len wasn’t...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed a NULL pointer dereference issue in doabortlogreplay. Coverity reported a NULL pointer dereference issue CID 1666756 in doabortlogreplay. When btrfsallocpath fails in replayonebuffer, wc-subvolpath becomes NULL...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix for accessing an uninitialized lock in the fc replay path. The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with the fast-commit feature enabled: INFO: Trying to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed invalid inode pointer dereferences during log replay. In a few places where we call readoneinode, if we receive a NULL pointer, we end up entering an error path. This issue also occurs in cases where add inoderef is...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb/server: Fixed the refcount leak in parsedurablehandlecontext. When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...

PT-2026-50887

Name of the Vulnerable Software and Affected Versions Apache APISIX versions 3.11.0 through 3.16.0 Description An authentication bypass exists due to a capture-replay issue. An attacker can leverage specific configurations in the hmac-auth module to reuse a token indefinitely, effectively bypassi...

CVE-2026-48982

CVE-2026-48982 affects pam_usb prior to version 0.9.2, where updating a one-time pad file creates a temporary file with open() lacking O_EXCL, enabling a race between concurrent processes to update the same pad. This non-atomicity can cause the stored pad to diverge from expectations, potentially...