urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

CERTFR-2026-ACT-004

creationtimestamp| type| source ---|---|--- 2026-01-26 14:47:11+00:00| seen| https://bsky.app/profile/cert-fr.bsky.social/post/3mddiej3zy226 2026-01-26 14:47:12+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/115961943162528773 2026-01-26 16:02:17+00:00| seen|...

BIT-CROSSPLANE-2023-38495 Crossplane vulnerable to possible image tampering from missing image validation for Packages

Crossplane is a framework for building cloud native control planes without needing to write code. In versions prior to 1.11.5, 1.12.3, and 1.13.0, Crossplane's image backend does not validate the byte contents of Crossplane packages. As such, Crossplane does not detect if an attacker has tampered...

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...

Avoid Scams After Disaster Strikes

As natural disasters occur, CISA urges individuals to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...

CVE-2026-1428

creationtimestamp| type| source ---|---|--- 2026-01-26 07:33:00+00:00| seen| https://www.twcert.org.tw/en/cp-139-10655-59160-2.html 2026-01-26 09:26:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdcwgcc6we2h 2026-01-26 09:33:32+00:00| seen|...

SUSE CVE-2026-23001

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

GHSA-PXJ6-P3C4-8W6R

creationtimestamp| type| source ---|---|--- 2026-01-24 22:44:29+00:00| seen| https://gist.github.com/alon710/a770658fe8b0c1bcb8b20445fb4b5269 2026-01-24 22:53:14+00:00| seen| https://gist.github.com/alon710/1a143c0d7ad068c59dfb5300f5debc9f...

GHSA-P4F6-H8JJ-VFVF

creationtimestamp| type| source ---|---|--- 2026-01-24 22:43:20+00:00| seen| https://gist.github.com/alon710/c9127533d7edd671bb1c78c6d4db8ca0 2026-01-24 22:43:31+00:00| seen| https://gist.github.com/alon710/f12368cd9ac8921898d83077e1553626...

GHSA-FCMM-54JP-7VF6

creationtimestamp| type| source ---|---|--- 2026-01-24 22:43:05+00:00| seen| https://gist.github.com/alon710/efbde61109747741050261b3551d59be 2026-01-24 22:43:06+00:00| seen| https://gist.github.com/alon710/c2312e669de51117cddb6fb7c6d3231c...

GHSA-HQF9-8XV5-X8XW

creationtimestamp| type| source ---|---|--- 2026-01-24 21:31:08+00:00| seen| https://gist.github.com/alon710/97491250cd95bc835ebfe51fcfbf1308 2026-01-24 21:31:09+00:00| seen| https://gist.github.com/alon710/6ece0e6f8b35b33d759e8493148369c9 2026-01-24 22:43:01+00:00| seen|...

GHSA-MQQC-3GQH-H2X8

creationtimestamp| type| source ---|---|--- 2026-01-24 21:30:57+00:00| seen| https://gist.github.com/alon710/5f42a3764965ac1bcbc45356fbe43109 2026-01-24 21:30:58+00:00| seen| https://gist.github.com/alon710/4d95fa5234998ffc422c2ecdfe685ef9...

GHSA-HJR9-WJ7V-7HV8

creationtimestamp| type| source ---|---|--- 2026-01-24 21:30:43+00:00| seen| https://gist.github.com/alon710/08e9fba6aa798716d634e3b78b79aa7f 2026-01-24 21:30:44+00:00| seen| https://gist.github.com/alon710/442846c1654b53e08cd06e03a0540301 2026-01-24 22:42:45+00:00| seen|...

GHSA-RXWQ-X6H5-X525

creationtimestamp| type| source ---|---|--- 2026-01-24 21:30:41+00:00| seen| https://gist.github.com/alon710/3ba3aa2b7b17166a424b900a6c87a11f 2026-01-24 21:30:42+00:00| seen| https://gist.github.com/alon710/2199c611ce8981e883f1ab541a397899 2026-01-24 22:42:43+00:00| seen|...

GHSA-F2MF-Q878-GH58

creationtimestamp| type| source ---|---|--- 2026-01-24 21:30:36+00:00| seen| https://gist.github.com/alon710/9ef63edfc6dc58503819febec2f862c0 2026-01-24 21:30:37+00:00| seen| https://gist.github.com/alon710/a73dddc7e65da25fc3a71175b5e38821 2026-01-24 22:42:38+00:00| seen|...

GHSA-9C48-W39G-HM26

creationtimestamp| type| source ---|---|--- 2026-01-24 21:26:52+00:00| seen| https://gist.github.com/alon710/7ff8ff77e1550d03234add83f2deb924 2026-01-24 21:30:44+00:00| seen| https://gist.github.com/alon710/ccae86fb73ee8738a2887b80dcfa8185 2026-01-24 21:30:45+00:00| seen|...