
2961 matches found

Vulnrichment
added 2026/03/10 9:57 p.m. | 1 view

CVE-2026-31837 Istio JWKS resolver to prevent private key material from being exposed when JWKS fetch fails.

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a user of Istio is impacted if the JWKS resolver becomes unavailable or the fetch fails, exposing hardcoded defaults regardless of use of the RequestAuthentication resource. This...

CVSS 8.7 | AI score 5.8 | EPSS 0.00279
Exploits: 0 | References: 1

EUVD
added 2026/03/10 9:57 p.m. | 4 views

EUVD-2026-10938

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a user of Istio is impacted if the JWKS resolver becomes unavailable or the fetch fails, exposing hardcoded defaults regardless of use of the RequestAuthentication resource. This...

CVSS 8.7 | AI score 5.8 | EPSS 0.00279
Exploits: 0 | References: 1

ATTACKERKB
added 2026/03/10 9:57 p.m. | 4 views

CVE-2026-31837

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a user of Istio is impacted if the JWKS resolver becomes unavailable or the fetch fails, exposing hardcoded defaults regardless of use of the RequestAuthentication resource. This...

CVSS 8.7 | AI score 5.8 | EPSS 0.00279
Exploits: 0 | References: 2 | Affected Software: 1

EUVD
added 2026/03/10 9:32 p.m. | 2 views

EUVD-2026-10757

Server-Side Request Forgery (SSRF) vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the setUrlAccessPolicy method allowing server operato...

CVSS 7.5 | AI score 5.8 | EPSS 0.00481
Exploits: 2 | References: 5

Snyk
added 2026/03/10 9:32 p.m. | 3 views

Server-side Request Forgery (SSRF)

Overview: org.webjars.npm:pdfmake is a Client/server side PDF printing in pure JavaScript. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the URLResolver component. An attacker can obtain sensitive information by making crafted requests to internal or...

CVSS 8.7 | AI score 5.4 | EPSS 0.00481
Exploits: 2 | References: 2

Snyk
added 2026/03/10 9:32 p.m. | 4 views

Server-side Request Forgery (SSRF)

Overview: pdfmake is a Client/server side PDF printing in pure JavaScript. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the URLResolver component. An attacker can obtain sensitive information by making crafted requests to internal or external resources...

CVSS 8.7 | AI score 5.8 | EPSS 0.00481
Exploits: 2 | References: 2

OSV
added 2026/03/10 9:32 p.m. | 2 views

GHSA-WP52-R2FP-4VMR pdfmake is vulnerable to server-side request forgery (SSRF)

Server-Side Request Forgery (SSRF) vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the setUrlAccessPolicy method allowing server operato...

CVSS 7.5 | AI score 5.9 | EPSS 0.00481
Exploits: 2 | References: 6

OSV
added 2026/03/10 7:17 p.m. | 3 views

CVE-2026-26801

Server-Side Request Forgery (SSRF) vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the setUrlAccessPolicy method allowing server operato...

CVSS 7.5 | AI score 5.9 | EPSS 0.00481
Exploits: 2 | References: 5

CNNVD
added 2026/03/10 12:0 a.m. | 6 views

pdfmake security vulnerability

pdfmake is a pure JavaScript server-side and client-side PDF document generation library developed by Bartek Pampuch. There were security vulnerabilities in the version 0.3.0-beta.2 to 0.3.5 of pdfmake, which stemmed from the src/URLResolver.js component’s server-side request forgery vulnerabilit...

CVSS 7.5 | AI score 5.8 | EPSS 0.00481
Exploits: 2 | References: 5

Vulnrichment
added 2026/03/10 12:0 a.m. | 1 view

CVE-2026-26801

Server-Side Request Forgery (SSRF) vulnerability in pdfmake versions 0.3.0-beta.2 through 0.3.5 allows a remote attacker to obtain sensitive information via the src/URLResolver.js component. The fix was released in version 0.3.6 which introduces the setUrlAccessPolicy method allowing server operato...

AI score 5.8 | EPSS 0.00481
Exploits: 2 | References: 5

Positive Technologies
added 2026/03/10 12:0 a.m. | 3 views

PT-2026-24364

Name of the Vulnerable Software and Affected Versions: pdfmake versions 0.3.0-beta.2 through 0.3.5. Description: A Server-Side Request Forgery (SSRF) issue exists in the src/URLResolver.js component of pdfmake. This allows a remote attacker to potentially obtain sensitive information. The issue was...

CVSS 7.5 | AI score 5.8 | EPSS 0.00481
Exploits: 2 | References: 11

Positive Technologies
added 2026/03/10 12:0 a.m. | 2 views

PT-2026-24488

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a user of Istio is impacted if the JWKS resolver becomes unavailable or the fetch fails, exposing hardcoded defaults regardless of use of the RequestAuthentication resource. This...

CVSS 8.7 | AI score 5.8 | EPSS 0.00279
Exploits: 0 | References: 2

CNNVD
added 2026/03/10 12:0 a.m. | 4 views

Istio information disclosure vulnerability

Istio is an open-source platform that connects, manages, and protects microservices. Versions of Istio prior to 1.29.1, 1.28.5, and 1.27.8 have a vulnerability related to information leakage. This vulnerability arises from the JWKS resolver being unavailable or failing to retrieve values, exposin...

CVSS 8.7 | AI score 7.3 | EPSS 0.00279
Exploits: 0 | References: 1

CVE
added 2026/03/10 12:0 a.m. | 18 views

CVE-2026-26801

CVE-2026-26801 describes a Server-Side Request Forgery (SSRF) in pdfmake versions 0.3.0-beta.2 through 0.3.5, exploitable via the src/URLResolver.js component. The underlying issue is that server-side requests could access arbitrary URLs. The fix is in version 0.3.6, which introduces setUrlAccess...

CVSS 7.5 | AI score 5.8 | EPSS 0.00481
Exploits: 2 | References: 5 | Affected Software: 1

EUVD
added 2026/03/09 12:31 p.m. | 2 views

EUVD-2025-208403

The rtsol(8) and rtsold(8) programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf(8) unmodified. resolvconf(8) is a shell script which does not validate its input. A lack of quoting meant that shell commands pass as input...

CVSS 7.2 | AI score 6 | EPSS 0.06272
Exploits: 7 | References: 2

EUVD
added 2026/03/09 12:31 p.m. | 3 views

EUVD-2025-208404

The rtsol(8) and rtsold(8) programs do not validate the domain search list options provided in router advertisement messages; the option body is passed to resolvconf(8) unmodified. resolvconf(8) is a shell script which does not validate its input. A lack of quoting meant that shell commands pass as input...

CVSS 7.2 | AI score 6 | EPSS 0.06272
Exploits: 7 | References: 2

CVE
added 2026/03/08 9:2 a.m. | 23 views

CVE-2026-3725

CVE-2026-3725 affects 1024-lab/lab1024 SmartAdmin up to version 3.29. The issue resides in the FreeMarker Template Handler, specifically the function freemarkerResolverContent in MailService.java. Manipulating the argument template_content can lead to improper neutralization of special elements u...

CVSS 8.8 | AI score 5.4 | EPSS 0.00398
Exploits: 1 | References: 4 | Affected Software: 1

RedhatCVE
added 2026/03/06 7:52 a.m. | 3 views

CVE-2026-1678

dnsunpackname caches the buffer tailroom once and reuses it while appending DNS labels. As the buffer grows, the cached size becomes incorrect, and the final null terminator can be written past the buffer. With assertions disabled (default), a malicious DNS response can trigger an out-of-bounds wri...

CVSS 9.8 | AI score 6 | EPSS 0.00376
Exploits: 1 | References: 1

RedhatCVE
added 2026/03/06 7:52 a.m. | 2 views

CVE-2026-29125

IDC SFX2100 Satellite Receivers set the /etc/resolv.conf file to be world-writable by any local user, allowing DNS resolver tampering that can redirect network communications, facilitate man-in-the-middle attacks, and cause denial of service...

CVSS 7.1 | AI score 5.8 | EPSS 0.00106
Exploits: 1 | References: 1

OSV
added 2026/03/05 7:16 a.m. | 4 views

CVE-2026-1678

dnsunpackname caches the buffer tailroom once and reuses it while appending DNS labels. As the buffer grows, the cached size becomes incorrect, and the final null terminator can be written past the buffer. With assertions disabled (default), a malicious DNS response can trigger an out-of-bounds wri...

CVSS 9.8 | AI score 5.9 | EPSS 0.00376
Exploits: 1 | References: 1