Lucene search
K

135 matches found

OSV
OSV
added 2026/07/06 6:27 a.m.5 views

OESA-2026-2839 python-aiohttp security update

Async http client/server framework asyncio. Security Fixes: No limit was present on the number of pipelined requests that could be queued. Impact An attacker may be able to use pipelined requests to use excessive amounts of memory, potentially leading to DoS.CVE-2026-54273 If an attacker sends...

8.7CVSS6AI score0.00322EPSS
Exploits0References9
OSV
OSV
added 2026/07/06 6:27 a.m.5 views

OESA-2026-2838 python-aiohttp security update

Async http client/server framework asyncio. Security Fixes: No limit was present on the number of pipelined requests that could be queued. Impact An attacker may be able to use pipelined requests to use excessive amounts of memory, potentially leading to DoS.CVE-2026-54273 If an attacker sends...

8.7CVSS6AI score0.00322EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.5 views

eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name

A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security TLS handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service DoS condition, impacting the availability of t...

6.9CVSS5.9AI score0.00238EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-11703

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session...

7.5CVSS6AI score0.0021EPSS
Exploits0References2
OSV
OSV
added 2026/06/28 12:1 a.m.3 views

RLSA-2022:2129 Moderate: lynx security update

Lynx is a text-based Web browser. Lynx does not display any images, but it does support frames, tables, and most other HTML tags. Security Fixes: lynx: Disclosure of HTTP authentication credentials via SNI data CVE-2021-38165 For more details about the security issues, including the impact, a CVS...

5.3CVSS5.8AI score0.04455EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 12:32 a.m.5 views

EUVD-2026-39576

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

6CVSS5.9AI score0.0021EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 10:17 p.m.9 views

CVE-2026-11703

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

7.5CVSS0.0021EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:17 p.m.4 views

UBUNTU-CVE-2026-11703

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

7.5CVSS5.8AI score0.0021EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/25 9:15 p.m.6 views

CVE-2026-11703

Missing SNI/ALPN binding on stateful session-ID resumption, which previously skipped the binding check performed for ticket-based resumption. A cached session could be resumed under a different SNI/ALPN than originally negotiated and, where client-authentication policy differs across virtual host...

6CVSS5.9AI score0.0021EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/25 9:15 p.m.38 views

CVE-2026-11703

The CVE-2026-11703 entry describes a vulnerability in stateful (session-ID) TLS resumption where missing SNI/ALPN binding allowed a cached session to be resumed under a different SNI/ALPN than originally negotiated. The root cause is the absence of binding checks for stateful resumption paths, wh...

7.5CVSS5.9AI score0.0021EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/25 5:32 p.m.5 views

CVE-2026-54275

A flaw was found in aiohttp, an asynchronous HTTP client/server framework. This vulnerability allows a remote attacker to bypass the Transport Layer Security TLS Server Name Indication SNI check. This occurs when an application reuses an existing connection for multiple requests to the same domai...

7.5CVSS5.8AI score0.00266EPSS
Exploits0References4
NVD
NVD
added 2026/06/23 8:16 p.m.7 views

CVE-2026-53622

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 QUIC TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. When HTTP/3 is enabled on an entrypoint, the TLS handshake...

10CVSS0.0024EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/23 7:13 p.m.38 views

CVE-2026-53622 Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case hosts

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 QUIC TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. When HTTP/3 is enabled on an entrypoint, the TLS handshake...

7.8CVSS0.0024EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/23 7:13 p.m.18 views

CVE-2026-53622 Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case hosts

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 QUIC TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. When HTTP/3 is enabled on an entrypoint, the TLS handshake...

7.8CVSS5.9AI score0.0024EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/22 4:34 p.m.36 views

CVE-2026-54275 AIOHTTP: TLS Server Hostname Override Is Ignored When Reusing HTTPS Connections

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, the serverhostname TLS SNI check can be bypassed when an existing connection is reused. If an application makes multiple requests to the same domain, but with different per-request serverhostname...

6.9CVSS0.00266EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 4:34 p.m.4 views

CVE-2026-54275

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, the serverhostname TLS SNI check can be bypassed when an existing connection is reused. If an application makes multiple requests to the same domain, but with different per-request serverhostname...

6.9CVSS5.8AI score0.00266EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/16 9:4 p.m.5 views

GHSA-9CR8-Q42Q-G8M7 Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case hosts

Summary There is a critical vulnerability in Traefik's HTTP/3 QUIC TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. When HTTP/3 is enabled on an entrypoint, the TLS handshake selects the applicable TLS configuration through an exact,...

7.8CVSS5.8AI score0.0024EPSS
Exploits1References3
Snyk
Snyk
added 2026/06/16 7:2 p.m.4 views

Authentication Bypass Using an Alternate Path or Channel

Overview github.com/traefik/traefik/v2/pkg/server is a server package for traefik, a cloud native edge router. Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the SNICheck process. An attacker can gain unauthorized access to protecte...

10CVSS6AI score0.00245EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/16 7:2 p.m.5 views

Authentication Bypass Using an Alternate Path or Channel

Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the SNICheck process. An attacker can gain unauthorized access to protected backends by completing a TLS handshake using a permissive SNI and then sending an HTTP Host header...

10CVSS6AI score0.00245EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/16 7:2 p.m.4 views

Authentication Bypass Using an Alternate Path or Channel

Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the SNICheck process. An attacker can gain unauthorized access to protected backends by completing a TLS handshake using a permissive SNI and then sending an HTTP Host header...

10CVSS6AI score0.00245EPSS
Exploits1References2
Rows per page
Query Builder