13287 matches found
Mlflow < 2.11.0 - Path Traversal
A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '' character can be used to insert a path into the fragment, effectively...
CVE-2026-10130
creationtimestamp| type| source ---|---|--- 2026-07-18 22:30:23+00:00| seen| https://infosec.exchange/users/offseq/statuses/116943344312678030 2026-07-18 22:30:26+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mqxcw4d2h424 2026-07-18 23:35:46+00:00| seen|...
ChatGPT个人专用版 - Server Side Request Forgery
A Server-Side Request Forgery SSRF in pictureproxy.php of ChatGPT commit f9f4bbc allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the urlparameter. id: CVE-2024-27564 info: name: ChatGPT个人专用版 - Server Side Request Forgery author: DhiyaneshDK...
oapi-codegen: OpenAPI Server Description Escapes Generated Go Comment and Injects Executable Code
Summary The vulnerability in oapi-codegen seems to be similar with CVE-2026-22785, which is a generated-code injection issue where untrusted OpenAPI summary text is embedded into generated TypeScript MCP server source without proper escaping. oapi-codegen has a similar vulnerability in its server...
CVE-2026-11961
creationtimestamp| type| source ---|---|--- 2026-07-17 08:27:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqtdeg53a32x 2026-07-17 09:00:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116934497361624112 2026-07-17 09:00:32+00:00| seen|...
CVE-2026-62210
OpenClaw before 2026.6.1 is affected by a denial-of-service vulnerability where remote media URLs trigger slow‑read attacks that exhaust gateway worker resources. Attackers with access to configured input paths can supply remote media URLs to consume resources and reduce availability. The issue i...
PT-2026-60845
Name of the Vulnerable Software and Affected Versions IBM Engineering AI Hub versions 1.0.0 through 1.2.0 Description A remote attacker can obtain sensitive information because session tokens are exposed within URLs. Recommendations At the moment, there is no information about a newer version tha...
CVE-2026-44023
Docling Core defines core data types and transformations for the document processing application Docling. In versions 1.5.0 and above, prior to 2.74.1, docling-core did not sufficiently restrict remote request destinations and could resolve a server-provided Content-Disposition to a local path in...
CVE-2024-32389
Buffer Overflow vulnerability in Kerlink Kerlink Wirnet iStation 868 KerOS v.4.3.320200803132042 allows a remote attacker to obtain sensitive information via the update URLs component...
net/url: Incorrect parsing of IPv6 host literals in net/url
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...
CVE-2024-32389
Kerlink Wirnet iStation 868 KerOS v.4.3.3_20200803132042 exposes a Buffer Overflow in the update URLs component, allowing a remote attacker to obtain sensitive information. This CVE (CVE-2024-32389) has a CVSS v3.1 base score of 3.5 (LOW) with an adjacent attack vector, low confidentiality impact...
CVE-2026-53446
Wekan is open source kanban built with Meteor. Prior to 9.32, Wekan webhook integration URLs in models/integrations.js are stored from user input and later fetched by server/notifications/outgoing.js without applying the existing validateAttachmentUrl private-network checks from...
CVE-2026-53446
CVE-2026-53446 affects Wekan prior to 9.32, where webhook integration URLs stored in models/integrations.js are fetched by server/notifications/outgoing.js without applying the private-network checks in models/lib/attachmentUrlValidation.js. This enables a board administrator to configure webhook...
CVE-2026-54562
Cloudreve is a self-hosted file management and sharing system. Prior to 4.16.1, Cloudreve's remote download workflow accepts user-supplied URLs at POST /api/v4/workflow/download and passes them to the configured downloader without blocking loopback, localhost, IPv6 localhost, or...
Security update for python-cryptography
This update for python-cryptography fixes the following issues: CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270208. CVE-2026-41677: openssl: out-of-bounds read in PEM password callback when returning an oversized length bsc1270620...
SUSE-SU-2026:3040-1 Security update for python-cryptography
This update for python-cryptography fixes the following issues: - CVE-2026-41676: openssl: Deriver:derive and PkeyCtxRef:derive can overflow short buffers on OpenSSL 1.1.1 bsc1270208. - CVE-2026-41677: openssl: out-of-bounds read in PEM password callback when returning an oversized length...
Security update for sccache
This update for sccache fixes the following issues: Update to version 0.15.017. CVE-2023-26964: hyper,h2: high resource consumption due to stream stacking when H2 component processes HTTP2 RSTSTREAM frames bsc1210346. CVE-2024-32650: rust-rustls: infinite loop in...
CVE-2026-15773
creationtimestamp| type| source ---|---|--- 2026-07-14 22:16:10+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqnaaxfcay2b 2026-07-14 23:38:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqneuoukdt2x 2026-07-15 19:46:03+00:00| seen|...
CVE-2026-45066
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 6.1.0-BETA1 until 6.4.40, 7.4.12, and 8.0.12, HtmlSanitizer URL sanitization can allow off-allowlist URLs through allowLinkHosts or allowMediaHosts because UrlSanitizer::parse follows RFC 3986...
CVE-2026-14902
An open redirect in Ivanti Xtraction before version 2026.2.1 allows a remote unauthenticated attacker to redirect users to arbitrary external URLs...