Claude Code has a Domain Validation Bypass which Allows Automatic Requests to Attacker-Controlled Domains
Claude Code contained insufficient URL validation in its trusted domain verification mechanism for WebFetch requests. The application used a startsWith check to validate trusted domains (e.g., docs.python.org, modelcontextprotocol.io); this could have enabled attackers to register domains like...
CVE-2026-1737
A vulnerability was detected in Open5GS up to 2.7.6. The affected element is the function sgwc_s5c_handle_create_bearer_request of the file /src/sgwc/s5c-handler.c of the component CreateBearerRequest Handler. Performing a manipulation results in a reachable assertion. Remote exploitation of the attack ...
PT-2026-6464
Due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the user to use ZSH and the ability to add untrusted content into a...
EUVD-2026-5123
A flaw has been found in Open5GS up to 2.7.6. The impacted element is the function sgwc_tunnel_add of the file /src/sgwc/context.c of the component SGWC. Executing a manipulation of the argument pdr can lead to a reachable assertion. The attack can be executed remotely. The exploit has been published...
[SECURITY] [DLA 4463-1] pyasn1 security update
Debian LTS Advisory DLA-4463-1, https://www.debian.org/lts/security/, Utkarsh Gupta, February 01, 2026, https://wiki.debian.org/LTS ...
CVE-2026-1586
A flaw has been found in Open5GS up to 2.7.5. Impacted is the function ogs_gtp2_f_teid_to_ip of the file /sgwc/s11-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack may be performed from remote. The exploit has been published and may be used. It is...
CVE-2026-1683
Free5GC SMF up to 4.1.0 is affected by a vulnerability in HandlePfcpSessionReportRequest (internal/pfcp/handler/handler.go) of the PFCP component, enabling remote denial of service. Exploitation has been publicly disclosed. Remediation is to deploy an official patch; multiple sources (NVD/Red Hat...
CVE-2026-1587
A vulnerability has been found in Open5GS up to 2.7.6. The affected element is the function sgwc_s11_handle_modify_bearer_request of the file /sgwc/s11-handler.c of the component SGWC. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been...
EUVD-2026-4997
A flaw has been found in Open5GS up to 2.7.5. Impacted is the function ogs_gtp2_f_teid_to_ip of the file /sgwc/s11-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack may be performed from remote. The exploit has been published and may be used. It is...
PT-2026-5263
Name of the Vulnerable Software and Affected Versions: Open5GS versions prior to 2.7.6. Description: A flaw exists in Open5GS up to version 2.7.5 that can lead to a denial of service. The issue is located in the SGWC component, specifically within the ogs_gtp2_f_teid_to_ip function of the...
Malicious Package
Overview @rrvis/dialog is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview n8n-zalo-fevox is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
GHSA-W5WV-WVRP-V5M5 Kargo's `GetConfig()` and `RefreshResource()` API endpoints allow unauthenticated access
Impact A bug was found with authentication checks on the GetConfig API endpoint. This allowed unauthenticated users to access this endpoint by specifying an Authorization header with any non-empty Bearer token value, regardless of validity. This vulnerability did allow for exfiltration of...
Debian dla-4453 : inetutils - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4453 advisory. Debian LTS Advisory DLA-4453-1, https://www.debian.org/lts/security/...
Low: composer
Issue Overview: Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangle...
RHEL 8 / 9 : OpenShift Container Platform 4.13.63 (RHSA-2026:0676)
The remote Red Hat Enterprise Linux 8 / 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0676 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
CVE-2026-24047 @backstage/cli-common has a possible `resolveSafeChildPath` Symlink Chain Bypass
Backstage is an open framework for building developer portals, and @backstage/cli-common provides config loading functionality used by the backend and command line interface of Backstage. Prior to version 0.1.17, the resolveSafeChildPath utility function in @backstage/backend-plugin-api, which is...
[SECURITY] [DSA 6105-1] modsecurity-crs security update
Debian Security Advisory DSA-6105-1, https://www.debian.org/security/, Moritz Muehlenhoff, January 21, 2026, https://www.debian.org/security/faq ...
GHSA-JH7P-QR78-84P7 Claude Code Leaks Data via Malicious Environment Configuration Before Trust Confirmation
A vulnerability in Claude Code's project-load flow allowed malicious repositories to exfiltrate data, including Anthropic API keys, before users confirmed trust. If a user started Claude Code in an attacker-controlled repository, and the repository included a settings file that set ANTHROPIC_BASE_URL...