Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

48 matches found

EUVD
EUVDadded yesterday5 views

EUVD-2026-35321

An attacker can craft a large number of unique requests that trigger a failure, exhausting the capacity of the application-wide stateful retry cache. Once the cache is full, it permanently rejects any further updates, causing all later stateful retries and circuit breakers in the application to...

5.9CVSS5.5AI score0.0004EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/14 6:30 p.m.1 views

EUVD-2026-22677

Reflected Cross-Site Scripting XSS Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities...

5.8AI score0.00011EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2026/03/27 6:31 p.m.4 views

Undertow is Vulnerable to HTTP Request/Response Smuggling

A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending \r\r\r as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic Application Load Balancer,...

9.1CVSS5.8AI score0.00049EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVEadded 2026/02/26 10:34 p.m.5 views

CVE-2026-27700

Hono is a Web application framework that provides support for any JavaScript runtime. In versions 4.12.0 and 4.12.1, when using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo function incorrectly selected the first value from the X-Forwarded-For...

8.2CVSS5.4AI score0.00008EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2026/02/25 6:2 p.m.5 views

Hono is Vulnerable to Authentication Bypass by IP Spoofing in AWS Lambda ALB conninfo

Summary When using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo function incorrectly selected the first value from the X-Forwarded-For header. Because AWS ALB appends the real client IP address to the end of the X-Forwarded-For header, the first...

8.2CVSS5.5AI score0.00008EPSS
Exploits0References5Affected Software1
Snyk
Snykadded 2026/02/25 6:2 p.m.4 views

User Impersonation

Overview hono is an Ultrafast web framework for the Edges Affected versions of this package are vulnerable to User Impersonation via the getConnInfo function in the adapter/aws-lambda/conninfo.ts‎ file. An attacker can gain unauthorized access to resources protected by IP-based access controls by...

8.8CVSS6AI score0.00008EPSS
Exploits0References2
OSV
OSVadded 2026/02/25 6:2 p.m.1 views

GHSA-XH87-MX6M-69F3 Hono is Vulnerable to Authentication Bypass by IP Spoofing in AWS Lambda ALB conninfo

Summary When using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo function incorrectly selected the first value from the X-Forwarded-For header. Because AWS ALB appends the real client IP address to the end of the X-Forwarded-For header, the first...

8.2CVSS5.9AI score0.00008EPSS
Exploits0References5
NVD
NVDadded 2026/02/25 4:23 p.m.3 views

CVE-2026-27700

Hono is a Web application framework that provides support for any JavaScript runtime. In versions 4.12.0 and 4.12.1, when using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo function incorrectly selected the first value from the X-Forwarded-For...

8.2CVSS0.00008EPSS
Exploits0References3
CVE
CVEadded 2026/02/25 3:1 p.m.9 views

CVE-2026-27700

CVE-2026-27700 affects Hono’s AWS Lambda adapter behind ALB. In versions 4.12.0 and 4.12.1, getConnInfo() erroneously took the first value from the X-Forwarded-For header. Since AWS ALB appends the real client IP to the end of X-Forwarded-For, an attacker could control the first IP value, potenti...

8.2CVSS5.4AI score0.00008EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2026/02/25 3:1 p.m.4 views

CVE-2026-27700 Hono is Vulnerable to Authentication Bypass by IP Spoofing in AWS Lambda ALB conninfo

Hono is a Web application framework that provides support for any JavaScript runtime. In versions 4.12.0 and 4.12.1, when using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo function incorrectly selected the first value from the X-Forwarded-For...

8.2CVSS5.5AI score0.00008EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/02/25 3:1 p.m.2 views

CVE-2026-27700 Hono is Vulnerable to Authentication Bypass by IP Spoofing in AWS Lambda ALB conninfo

Hono is a Web application framework that provides support for any JavaScript runtime. In versions 4.12.0 and 4.12.1, when using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo function incorrectly selected the first value from the X-Forwarded-For...

8.2CVSS5.9AI score0.00008EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/02/25 12:0 a.m.7 views

Hono 数据伪造问题漏洞

Hono is a web framework built in TypeScript for the Hono community. Versions 4.12.0 and 4.12.1 of Hono contain a data manipulation vulnerability. This vulnerability arises from the use of the AWS Lambda adapter after an application load balancer. In this context, the getConnInfo function...

8.2CVSS5.7AI score0.00008EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/02/25 12:0 a.m.3 views

PT-2026-21921

Name of the Vulnerable Software and Affected Versions Hono versions 4.12.0 through 4.12.1 Description Hono is a Web application framework that provides support for any JavaScript runtime. When using the AWS Lambda adapter hono/aws-lambda behind an Application Load Balancer ALB, the getConnInfo...

8.2CVSS5.9AI score0.00008EPSS
Exploits0References13
Snyk
Snykadded 2025/10/27 5:30 p.m.3 views

Improper Resource Shutdown or Release

Overview org.apache.tomcat:tomcat-catalina is a Tomcat Servlet Engine Core Classes and Standard implementations. Affected versions of this package are vulnerable to Improper Resource Shutdown or Release due to the delayed cleaning of multipart upload temporary files. An attacker can cause a...

6CVSS7.1AI score0.00129EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2018-11855

Malware in sbrugna...

8.1CVSS8AI score0.00357EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-7195

Malware in sbrugna...

7.5CVSS7.6AI score0.00821EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2025-15449

Malicious code in bioql PyPI...

8.7CVSS6.5AI score0.00114EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-0074

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00177EPSS
Exploits0References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2024-49465

Malicious code in bioql PyPI...

7.5CVSS7.9AI score0.00054EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-32920

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00336EPSS
Exploits0References2
Rows per page
Query Builder