CVE-2026-24473 Hono has an Arbitrary Key Read in Serve static Middleware (Cloudflare Workers Adapter)

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.11.7, Serve static Middleware for the Cloudflare Workers adapter contains an information disclosure vulnerability that may allow attackers to read arbitrary keys from the Workers environment...

CVE-2026-24473 Hono has an Arbitrary Key Read in Serve static Middleware (Cloudflare Workers Adapter)

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.11.7, Serve static Middleware for the Cloudflare Workers adapter contains an information disclosure vulnerability that may allow attackers to read arbitrary keys from the Workers environment...

CVE-2026-24473

CVE-2026-24473 affects the Hono web framework (prior to 4.11.7) and its Serve static Middleware for the Cloudflare Workers adapter. The issue is an information disclosure where an attacker may read arbitrary keys from the Workers environment due to improper validation of user-controlled paths. Th...

CVE-2026-24473 Hono has an Arbitrary Key Read in Serve static Middleware (Cloudflare Workers Adapter)

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.11.7, Serve static Middleware for the Cloudflare Workers adapter contains an information disclosure vulnerability that may allow attackers to read arbitrary keys from the Workers environment...

GHSA-W332-Q679-J88P Hono has an Arbitrary Key Read in Serve static Middleware (Cloudflare Workers Adapter)

Summary Serve static Middleware for the Cloudflare Workers adapter contains an information disclosure vulnerability that may allow attackers to read arbitrary keys from the Workers environment. Improper validation of user-controlled paths can result in unintended access to internal asset keys...

CVE-2026-24140 MyTube has Mass Assignment via Settings Management

MyTube is a self-hosted downloader and player for several video websites. Versions 1.7.78 and below have a Mass Assignment vulnerability in the settings management functionality due to insufficient input validation. The application's saveSettings function accepts arbitrary key-value pairs without...

EUVD-2018-4516

Malware in sbrugna...

DataEase 授权问题漏洞

DataEase is an open source data visualization and analysis tool from DataEase Open Source. It is used to help users quickly analyze data and gain insight into business trends for business improvement and optimization. An authorization issue vulnerability exists in DataEase versions prior to...

Fedora 40 : logiops (2024-326390f033)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-326390f033 advisory. Fixes CVE-2024-45752: A vulnerability that allows users to remap keys arbitrarily. This allows all users on the system to remap a key unexpectedly to a...

Microsoft Windows 10 1809 - CmKeyBodyRemapToVirtualForEnum Arbitrary Key Enumeration

Exploit for windows platform in category local exploits Microsoft Windows 10 1809 - 'CmKeyBodyRemapToVirtualForEnum' Arbitrary Key Enumeration Privilege Escalation Windows: CmKeyBodyRemapToVirtualForEnum Arbitrary Key Enumeration EoP Platform: Windows 10 1809 not tested earlier Class: Elevation o...

Microsoft Windows 10 1809 - 'CmKeyBodyRemapToVirtualForEnum' Arbitrary Key Enumeration Privilege Escalation

Windows: CmKeyBodyRemapToVirtualForEnum Arbitrary Key Enumeration EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The kernel’s Registry Virtualization doesn’t safely open the real key fo...

CVE-2018-12556

CVE-2018-12556 affects the yarnpkg/website install.sh signature verification: it only checks that the release is signed by any key in the user’s local keyring, not pinned to the yarn release key, enabling remote attackers to sign tampered yarn packages with their own key. Public documents note un...

Imperva SecureSphere Elevation of Privilege Vulnerability

Imperva SecureSphere is a suite of high-performance, centralized data security protection and management products from US-based Imperva. The product provides unified auditing, reporting and logging of different SecureSphere products, visualization of security status and real-time monitoring of...