
23 matches found

OSV
added 2026/05/18 1:12 p.m., 6 views

CLEANSTART-2026-MK07381 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-42499, CVE-2026-42501 applied in versions: 0.35.0-r0, 0.35.0-r1, 0.35.0-r2

Multiple security vulnerabilities affect the sealed-secrets package. These issues are resolved in later releases. See references for individual vulnerability details...

CVSS 8.2, AI score 7.2, EPSS 0.00058
Exploits: 0, References: 41
OSV
added 2026/04/06 2:48 a.m., 2 views

CLEANSTART-2026-DM62512 Security fixes for CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 0.35.0-r0

Multiple security vulnerabilities affect the sealed-secrets package. These issues are resolved in later releases. See references for individual vulnerability details...

CVSS 7.5, AI score 7.2, EPSS 0.00044
Exploits: 0, References: 7
Tenable Nessus
added 2026/03/06 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-28434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ exception and the...

CVSS 5.3, AI score 5.7, EPSS 0.00076
Exploits: 1, References: 3
SUSE CVE
added 2026/03/05 1:55 p.m., 2 views

SUSE CVE-2026-28435

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib (httplib.h) does not enforce Server::set_payload_max_length() on the decompressed request body when using HandlerWithContentReader (streaming ContentReader) with Content-Encoding: gzip or other...

CVSS 7.5, AI score 5.5, EPSS 0.00085
Exploits: 1, References: 4
NVD
added 2026/03/04 8:16 p.m., 0 views

CVE-2026-28435

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib (httplib.h) does not enforce Server::set_payload_max_length() on the decompressed request body when using HandlerWithContentReader (streaming ContentReader) with Content-Encoding: gzip or other...

CVSS 7.5, EPSS 0.00085
Exploits: 1, References: 2
UbuntuCve
added 2026/03/04 8:16 p.m., 1 view

CVE-2026-28434

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ exception and the application has not registered a custom exception handler via set_exception_handler(), the library catches the exception and writes its message...

CVSS 5.3, AI score 5.7, EPSS 0.00076
Exploits: 1, References: 3
OSV
added 2026/03/04 8:16 p.m., 3 views

UBUNTU-CVE-2026-28435

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, cpp-httplib (httplib.h) does not enforce Server::set_payload_max_length() on the decompressed request body when using HandlerWithContentReader (streaming ContentReader) with Content-Encoding: gzip or other...

CVSS 7.5, AI score 5.6, EPSS 0.00085
Exploits: 1, References: 4
EUVD
added 2026/03/04 7:34 p.m., 4 views

EUVD-2026-9495

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ exception and the application has not registered a custom exception handler via set_exception_handler(), the library catches the exception and writes its message...

CVSS 5.3, AI score 5.7, EPSS 0.00076
Exploits: 1, References: 2
CVE
added 2026/03/04 7:34 p.m., 12 views

CVE-2026-28434

The CVE affects cpp-httplib (C++11 single-file header-only library). Before 0.35.0, if a request handler throws an exception and no custom exception handler is registered via set_exception_handler(), the library writes the exception message into the HTTP response header EXCEPTION_WHAT and sends i...

CVSS 5.3, AI score 5.7, EPSS 0.00076
Exploits: 1, References: 2, Affected Software: 1
Vulnrichment
added 2026/03/04 7:34 p.m., 3 views

CVE-2026-28434 cpp-httplib's default exception handler leaks e.what() to clients via EXCEPTION_WHAT response header

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.35.0, when a request handler throws a C++ exception and the application has not registered a custom exception handler via set_exception_handler(), the library catches the exception and writes its message...

CVSS 5.3, AI score 5.7, EPSS 0.00076
Exploits: 1, References: 2
CNNVD
added 2026/03/04 12:0 a.m., 5 views

cpp-httplib information disclosure vulnerability

cpp-httplib is a C++ library developed by Yhirose, which includes servers and clients for HTTP/HTTPS communication. Versions of cpp-httplib prior to 0.35.0 contained an information leakage vulnerability. This vulnerability occurred when custom exception handlers were not registered properly,...

CVSS 5.3, AI score 5.8, EPSS 0.00076
Exploits: 1, References: 2
Positive Technologies
added 2026/03/04 12:0 a.m., 2 views

PT-2026-23045

Name of the Vulnerable Software and Affected Versions: cpp-httplib versions prior to 0.35.0. Description: cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. When a request handler throws a C++ exception and a custom exception handler has not been registered using set...

CVSS 8.7, AI score 5.6, EPSS 0.00183
Exploits: 6, References: 30
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2017-5893

Malware in sbrugna...

CVSS 7.5, AI score 7.6, EPSS 0.00573
Exploits: 0, References: 3
CNNVD
added 2025/02/05 12:0 a.m., 2 views

form security vulnerability

form is an open source form state management program from TanStack. A security vulnerability exists in form version v0.35.0: the lib.mutateMergeDeep function contains a prototype pollution vulnerability...

CVSS 7.5, AI score 6.6, EPSS 0.00173
Exploits: 0, References: 1
vulnersOsv
added 2024/05/02 9:30 p.m., 2 views

@128technology/ply (>=1.0.0-alpha.0 <=1.0.0-alpha.7), @128technology/yinz (=5.0.0-alpha.6) +100 more potentially affected by CVE-2024-34394 via libxmljs2 (>=0.21.7 <=0.35.0)

libxmljs2 NPM version =0.21.7, =1.0.0-alpha.0, =5.0.0, =1.2.0, =2.4.0, =1.0.0, =1.14.0, =1.0.0, =3.0.0, =0.0.1-beta, =6.0.0, =6.0.0, =11.0.0, =23.14.1-alpha.0 and more Source cves: CVE-2024-34394 Source advisory: OSV:GHSA-78H3-PG4X-J8CV...

CVSS 8.1, AI score 7.2, EPSS 0.04214
Exploits: 0
Cvelist
added 2024/04/26 6:4 p.m., 16 views

CVE-2024-32884 gix-transport indirect code execution via malicious username

gitoxide is a pure Rust implementation of Git. gix-transport does not check the username part of a URL for text that the external ssh program would interpret as an option. A specially crafted clone URL can smuggle options to SSH. The possibilities are syntactically limited, but if a malicious clo...

CVSS 6.4, AI score 7, EPSS 0.00087
Exploits: 0, References: 2
CNNVD
added 2023/07/07 12:0 a.m., 3 views

Tekton Pipelines data forgery vulnerability

Tekton Pipelines is a cloud-native pipeline from Tekton Open Source. A data forgery vulnerability exists in Tekton Pipelines version 0.35.0, which stems from incorrect access rights...

CVSS 4.3, AI score 5.7, EPSS 0.00099
Exploits: 1, References: 4
Prion
added 2022/10/24 2:15 p.m., 14 views

Design/Logic Flaw

In Eclipse OpenJ9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type...

CVSS 6.4, AI score 6.4, EPSS 0.00341
Exploits: 0, References: 3, Affected Software: 1
AlpineLinux
added 2022/10/21 12:0 a.m., 8 views

CVE-2022-39272

Flux is an open and extensible continuous delivery solution for Kubernetes. Versions prior to 0.35.0 are subject to a Denial of Service. Users that have permissions to change Flux’s objects, either through a Flux source or directly within a cluster, can provide invalid data to fields .spec.interv...

CVSS 5, AI score 4.5, EPSS 0.00328
Exploits: 0
Vulnrichment
added 2022/09/13 6:10 p.m., 6 views

CVE-2022-39202 IRC mode parameter confusion in matrix-appservice-irc

matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. The Internet Relay Chat (IRC) protocol allows you to specify multiple modes in a single mode command. Due to a bug in the underlying matrix-org/node-irc library, affected versions of matrix-appservice-irc perform parsing of such...

CVSS 4.3, AI score 6.5, EPSS 0.00268
Exploits: 0, References: 3