LocalAI - Partial Local File Read

A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server-Side Request Forgery SSRF and partial Local File Inclusion LFI. The endpoint supports both https-// and file-// schemes, where the latter can lead to LFI. However, the output is limited due to the...

CVE-2026-58051

A flaw in libssh2 allows a malicious SSH server to send a malformed public key response, triggering an invalid memory cleanup. This can cause the connecting client application to crash or leak information. Mitigation To mitigate this issue, ensure your applications connect only to trusted and...

CVE-2026-58050

A flaw in libssh2 allows a malicious SSH server to trigger a memory overflow by sending a manipulated attribute count. This can cause the connecting client to crash or allow unauthorized code execution. Mitigation To mitigate this issue,ensure your applications are running strictly on 64-bit...

Emby Server - Authentication Bypass

Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...

PT-2026-53749

Name of the Vulnerable Software and Affected Versions Coolify versions prior to 4.0.0-beta.471 Description Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Server and project lookups are not scoped to the current team, which allows any...

Gogs <= 0.13.3 - Remote Code Execution

Gogs self-hosted Git service versions 0.13.3 and earlier contain a critical symlink bypass vulnerability that circumvents the fix for CVE-2024-55947. Authenticated users can exploit improper symbolic link handling in the PutContents API to overwrite files outside the repository by committing a...

EUVD-2026-39924

The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and...

GO-2026-5771 DNS Rebinding Protection Disabled by Default in Model Context Protocol Go SDK for Servers Running on Localhost in github.com/modelcontextprotocol/go-sdk

DNS Rebinding Protection Disabled by Default in Model Context Protocol Go SDK for Servers Running on Localhost in github.com/modelcontextprotocol/go-sdk...

EUVD-2026-31393

golang.org/x/crypto/ssh is vulnerable to invoking server panic during CheckHostKey/Authenticate flow...

EUVD-2026-39561

Two data sources DICOMWebProxy and DICOMJSON shipped in the default configuration fetch an arbitrary URL parameter without validation. A global authentication service in OHIF automatically injects the authenticated user's OIDC Bearer token into the resulting requests, sending it to the...

CVE-2026-54030

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.5, LibreChat's MCP OAuth implementation does not validate that the resource parameter from OAuth Protected Resource metadata RFC 9728 matches the configured MCP server URL, allowing a malicious MCP server to...

EUVD-2026-39432

3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on the host by modifying Xray configuration values stored in the database. This can be leveraged to obtain code...

CVE-2026-42389

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...

CVE-2026-42389 Reject more queries with invalid header values

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...

CVE-2026-42389

CVE-2026-42389 fixes an issue by adding extra hardening in the 5.4.x branch through enhanced validation of incoming answers from authoritative servers (no exploited details provided in the documents).

EUVD-2026-39388

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...

CVE-2026-42389

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...

EUVD-2026-38826

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in osdmapdecode When decoding osdstate and osdweight from an incoming osdmap in osdmapdecode, both are decoded for each osd, i.e., map-maxosd times. The cephdecodeneed check only accoun...

CVE-2026-12958

Missing symlink validation in Language Servers for AWS may allow an arbitrary file write outside of the workspace trust boundary. This may occur when a local user opens a workspace with a maliciously crafted symlink that resolves to a file path outside the workspace trust boundary. To remediate...

CVE-2026-12957

Improper trust boundary enforcement in Language Servers for AWS before version 1.65.0 on all supported platforms may allow a for arbitrary code execution. If a local user opens a maliciously crafted workspace, any commands within the project configuration files may be automatically executed. This...