CVE-2026-43994

Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t noncelen field read from an attacker-supplied OAuth access token 0-65535 is passed directly to memcpy as the copy length into a 256-byte...

UBUNTU-CVE-2026-44894

Netty is a network application framework for development of protocol servers and clients. NoQuicTokenHandler is the tokenHandler used when the application does not set one. Prior to version 4.2.15.Final, its writeToken returns false server will not send Retry — acceptable, but validateToken...

CVE-2026-44894

Netty's QUIC token handling bug: NoQuicTokenHandler.validateToken() returns 0 (valid) before 4.2.15.Final, causing the server to treat any non-empty Initial token as valid and invoke quiche_accept, lifting anti-amplification limits per RFC 9000. An attacker with a spoofed victim IP can trigger re...

Netty's Default QUIC token handler accepts any client-supplied token

NoQuicTokenHandler is the tokenHandler used when the application does not set one. Its writeToken returns false server will not send Retry — acceptable, but validateToken unconditionally return 0. In QuicheQuicServerCodec.handlePacket, a non-negative return from validateToken is interpreted as...

CVE-2026-42961

ELECOM wireless LAN access point devices implement CSRF protection mechanism, but with inadequate handling of CSRF tokens. If a user views a malicious page while logged in, the user may be tricked to do unintended operations...

USN-8356-1 gsasl vulnerability

It was discovered that GNU SASL did not properly handle certain DIGEST-MD5 tokens. An attacker could possibly use this issue to cause GNU SASL to crash, resulting in a denial of service...

EUVD-2026-29944

ELECOM wireless LAN access point devices implement CSRF protection mechanism, but with inadequate handling of CSRF tokens. If a user views a malicious page while logged in, the user may be tricked to do unintended operations...

CVE-2026-42961

ELECOM wireless LAN access point devices implement CSRF protection mechanism, but with inadequate handling of CSRF tokens. If a user views a malicious page while logged in, the user may be tricked to do unintended operations...

CVE-2026-42961

ELECOM wireless LAN access point devices implement CSRF protection mechanism, but with inadequate handling of CSRF tokens. If a user views a malicious page while logged in, the user may be tricked to do unintended operations...

CVE-2026-42961

ELECOM wireless LAN access point devices are affected by CVE-2026-42961 due to inadequate CSRF token handling. An authenticated user viewing a malicious page could trigger unintended operations. CVSS metrics in the sources show MEDIUM severity (CVSS3.0: 4.3; CVSS4.0: 5.1) with Network access and ...

CVE-2026-42961

ELECOM wireless LAN access point devices implement CSRF protection mechanism, but with inadequate handling of CSRF tokens. If a user views a malicious page while logged in, the user may be tricked to do unintended operations...

PT-2026-40601

ELECOM wireless LAN access point devices implement CSRF protection mechanism, but with inadequate handling of CSRF tokens. If a user views a malicious page while logged in, the user may be tricked to do unintended operations...

EUVD-2026-26490

The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper input validation in the maybelogintemporaryuser function, which fails to verify that the 'temp-login-token' GET parameter is a scalar string before...

Insertion Of Sensitive Information Into Sent Data

Axios is vulnerable to Insertion of Sensitive Information Into Sent Data. The vulnerability is due to improper use of truthy/falsy evaluation for the withXSRFToken configuration instead of strict boolean checks, which allows an attacker to force XSRF tokens to be sent to malicious cross-origin...

CVE-2026-31643

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key parsing memleak In rxrpcpreparsexdryfsrxgk, the memory attached to token-rxgk can be leaked in a few error paths after it's allocated. Fix this by freeing it in the "rejecttoken:" case...

CVE-2026-31610

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc The kernel ASN.1 BER decoder calls action callbacks incrementally as it walks the input. When ksmbddecodenegTokenInit reaches the mechToken 2 OCTET STRING...

PT-2026-34995

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key parsing memleak In rxrpc preparse xdr yfs rxgk, the memory attached to token-rxgk can be leaked in a few error paths after it's allocated. Fix this by freeing it in the "reject token:" case...

DNS Rebinding

Overview copilot-api is a Turn GitHub Copilot into OpenAI/Anthropic API compatible server. Usable with Claude Code! Affected versions of this package are vulnerable to DNS Rebinding in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function of the file /token of the component Header...

JLSEC-2026-94

In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields...

SUSE-SU-2026:1293-1 Security update for the Linux Kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.283 fixes various security issues The following security issues were fixed: - CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on...