86 matches found
CVE-2026-15628
The CVE-2026-15628 affects zhayujie chatgpt-on-wechat CowAgent ≤ 2.1.1, specifically the Vision Tool’s Vision._download_to_data_url function. A manipulation of the image argument enables server-side request forgery, allowing remote initiation of attacks. Exploitation is supported by public disclo...
CVE-2026-40007
Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When pipeairgapreceiverenabled=true, the IoTDB AirGap receiver's readLength method calls itself recursively each time it recognises the E-language prefix in socket data, with no depth limit. An unauthenticate...
Improper Resource Shutdown or Release
Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the RRCInactiveTransitionReport function of the NGAP Message Handler component. An attacker can cause a service disruption by sending specially crafted messages remotely. Remediation Upgrade...
EUVD-2026-39331
A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.6.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the issue...
BIT-NIFI-2026-44913 Apache NiFi: Improper Escaping of Table Names in CaptureChangeMySQL
Improper escaping of database table names in the CaptureChangeMySQL Processor included with Apache NiFi 1.2.0 through 2.9.0 allows for injecting SQL commands using crafted naming. Manual quoted boundaries added in Apache NiFi 1.8.0 narrowed the scope of potential injection options, but did not...
CVE-2026-5038 multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads
Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...
CVE-2026-25688 Apache Answer: XSS in AI Answer Rendering
Improper Neutralization of Alternate XSS Syntax vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. AI-generated response content was rendered in the browser without proper sanitization, allowing malicious scripts to be executed when the content was viewed. Users are...
CVE-2026-5998
A flaw has been found in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects the function dispatch of the file agent/memory/service.py of the component API Memory Content Endpoint. This manipulation of the argument filename causes path traversal. The attack can be initiated remotely. Th...
Relative Path Traversal
Overview org.apache.ignite:ignite-core is a memory-centric distributed database, caching, and processing platform for transactional, analytical, and streaming workloads delivering in-memory speeds at petabyte scale. Affected versions of this package are vulnerable to Relative Path Traversal via t...
Unity Linux 20.1070e Security Update: datanucleus-core (UTSA-2026-016737)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016737 advisory. Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not...
Unity Linux 20.1070e Security Update: xmlgraphics-commons (UTSA-2026-016739)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016739 advisory. Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a...
Astra Linux – Vulnerability in python-urllib3
urllib3 is a HTTP client library for Python. The streaming API of urllib3 is designed for efficiently handling large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP...
GHSA-FXVJ-WQV2-XGCQ AMF Improperly Restricts Operations within the Bounds of a Memory Buffer
A vulnerability was determined in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument InformationElement can lead to memory corruption. The attack can be launched remotely. The exploit has been publicly...
CVE-2026-8779
A vulnerability was determined in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument InformationElement can lead to memory corruption. The attack can be launched remotely. The exploit has been publicly...
CVE-2026-8781
A security flaw has been discovered in omec-project amf up to 2.1.3-dev. The impacted element is the function RANConfiguration of the file ngap/handler.go. The manipulation results in null pointer dereference. The attack may be launched remotely. The exploit has been released to the public and ma...
CVE-2026-8274
A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function dodirectory of the file cramfsck.c of the component Directory Handler. Such manipulation leads to path traversal. The attack can only be performed from a local environment. The exploit has been...
Deserialization of Untrusted Data
Overview org.apache.mina:mina-core is a network application framework which helps users develop high performance and high scalability network applications easily. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the IoBuffer.getObject function. An attacker...
CVE-2026-7519 Fujian Apex LiveBOS Endpoint UploadImage.do path traversal
A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...
EUVD-2026-26467
A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the VerifyTimestampResponse function when a forged certificate is prepended to the certificate bag. An attacker can bypass authorization checks by supplying a payload where the signature is validated...