CVE-2026-44285

FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery SSRF vulnerability allows an authenticated attacker to bypass the global isInternalAddress network protection and make arbitrary HTTP GET requests to internal network services. This is achieved by...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect conversion of physical addresses during the putfolios cleanup process in memfdluo,...

Astra Linux - уязвимость в nodejs

A OS command injection vulnerability exists in Node.js versions 14.20.0, 16.20.0, 18.5.0 due to an insufficient IsAllowedHost check. This vulnerability can be easily exploited, as the IsIPAddress function does not properly check whether an IP address is invalid before making DBS requests, thereby...

mail/mailpit -- multiple vulnerabilities

Mailpit author reports: Set a default 50MB per message limit to prevent DoS via unlimited SMTP DATA and /api/v1/send body sizes GHSA-fpxj-m5q8-fphw Include CGNAT Carrier-Grade NAT in internal IP checks GHSA-j3fj-qppj-fmmc Block internal IP access by default in HTML check GHSA-j3fj-qppj-fmmc Fix f...

CVE-2026-42345

FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress function in packages/service/common/system/utils.ts blocks cloud metadata endpoints using a fullUrl.startsWith check against a hardcoded list. This check can be bypassed using at least 7 different...

EUVD-2026-28855

FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress function in packages/service/common/system/utils.ts blocks cloud metadata endpoints using a fullUrl.startsWith check against a hardcoded list. This check can be bypassed using at least 7 different...

PT-2026-39208

Name of the Vulnerable Software and Affected Versions FastGPT versions prior to 4.14.11 Description The isInternalAddress function in packages/service/common/system/utils.ts fails to properly block cloud metadata endpoints. The function uses a fullUrl.startsWith check against a hardcoded list tha...

LibreChat 代码问题漏洞

LibreChat is an open-source, free, and highly customizable unified AI dialogue platform. It allows for the aggregation and running of large models from any vendor within a single interface. Versions of LibreChat from 0.8.2-rc2 to 0.8.2 contain code vulnerabilities. These vulnerabilities stem from...

CVE-2025-10461 Global file reads caused by improper URL checks in webserver

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...

PT-2026-25710

Global file reads caused by improper URL checks in webserver in Softing Industrial Automation GmbH smartLinks on docker filesystem modules allows file access. This issue affects smartLink SW-HT: through 1.42 smartLink SW-PN: through 1.03...

CVE-2026-3327

Authenticated Iframe Injection in Dato CMS Web Previews plugin. This vulnerability permits a malicious authenticated user to circumvent the restriction enforced on the configured frontend URL, enabling the loading of arbitrary external resources or origins. This issue affects Web Previews v1.0.31...

Claude Code has a Domain Validation Bypass which Allows Automatic Requests to Attacker-Controlled Domains

Claude Code contained insufficient URL validation in its trusted domain verification mechanism for WebFetch requests. The application used a startsWith function to validate trusted domains e.g., docs.python.org, modelcontextprotocol.io, this could have enabled attackers to register domains like...

USN-7998-1 openjdk-17 vulnerabilities

It was discovered that the RMI component of OpenJDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

PT-2026-5355

Name of the Vulnerable Software and Affected Versions TrustTunnel versions prior to 0.9.114 Description TrustTunnel, an open-source VPN protocol, contains a server-side request forgery and private network restriction bypass. The issue stems from insufficient SSRF protection within the tcp...

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.161-2.6.12.0.AXS4 (AXSA:2017-2469:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2469:04 advisory. Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to...

CVE-2026-22245 Mastodon has SSRF Protection bypass

Mastodon is a free, open-source social network server based on ActivityPub. By nature, Mastodon performs a lot of outbound requests to user-provided domains. Mastodon, however, has some protection mechanism to disallow requests to local IP addresses unless specified in ALLOWEDPRIVATEADDRESSES to...

CVE-2025-66508

1Panel is an open-source, web-based control panel for Linux server management. Versions 2.0.14 and below use Gin's default configuration which trusts all IP addresses as proxies TrustedProxies = 0.0.0.0/0, allowing any client to spoof the X-Forwarded-For header. Since all IP-based access controls...

Markdownify MCP Server 安全漏洞

Markdownify MCP Server is a Model Context Protocol server for converting almost any content to Markdown by Zach Caceres, an individual developer in the United States. A security vulnerability exists in Markdownify MCP Server version 0.0.2 and earlier, which stems from a server-side request forger...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989451)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989451 advisory. In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotpbind Syzbot created an environment that lead to a stat...

EUVD-2022-54866

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on block address in f2fsdozerorange As Yanming reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=215894 I have encountered a bug in F2FS file system in kernel v5.17. I have uploaded the...