CVE-2026-32609 Glances has Incomplete Secrets Redaction: /api/v4/args Endpoint Leaks Password Hash and SNMP Credentials

Glances is an open-source system cross-platform monitoring tool. The GHSA-gh4x fix commit 5d3de60 addressed unauthenticated configuration secrets exposure on the /api/v4/config endpoints by introducing asdictsecure redaction. However, the /api/v4/args and /api/v4/args/item endpoints were not...

MAL-2025-41472 Malicious code in @twork-data-services/communication-api-v4-communication-voice (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-17208 Malicious code in clusterpoint-api-v4 (npm)

The package clusterpoint-api-v4 was found to contain malicious code...

CVE-2024-42411 User creation date manipulation in POST /api/v4/users

Mattermost versions 9.9.x = 9.9.1, 9.5.x = 9.5.7, 9.10.x = 9.10.0, 9.8.x = 9.8.2 fail to restrict the input in POST /api/v4/users which allows a user to manipulate the creation date in POST /api/v4/users tricking the admin into believing their account is much older...

CVE-2023-5333

Mattermost fails to deduplicate input IDs allowing a simple user to cause the application to consume excessive resources and possibly crash by sending a specially crafted request to /api/v4/users/ids with multiple identical IDs...

CVE-2023-3584

Mattermost CVE-2023-3584 affects the POST /api/v4/teams endpoint. The root cause is improper authorization checks when a team override scheme ID is supplied, enabling an authenticated attacker who knows a valid Team Override Scheme ID to create a new team using that scheme. Documents consistently...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from not properly checking the authorization of POST/api/v4/teams...

CVE-2023-31485

GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks...

[SECURITY] Fedora 36 Update: golang-github-cloudflare-0.21.0-4.fc36

A Go library for interacting with Cloudflare's API v4. This library allows you to: - Manage and automate changes to your DNS records within Cloudflare - Manage and automate changes to your zones domains on Cloudflare, includi ng adding new zones to your account - List and modify the status of WAF...

[SECURITY] Fedora 36 Update: golang-github-cloudflare-0.21.0-3.fc36

A Go library for interacting with Cloudflare's API v4. This library allows you to: - Manage and automate changes to your DNS records within Cloudflare - Manage and automate changes to your zones domains on Cloudflare, includi ng adding new zones to your account - List and modify the status of WAF...