CVE-2026-45631 Dokploy: Pre-Auth Admin Takeover via Hardcoded Authentication Secret

Dokploy is a free, self-hostable Platform as a Service PaaS. From 0.27.0 to before 0.29.3, a hardcoded BETTERAUTHSECRET fallback "better-auth-secret-123456789" lets an unauthenticated attacker forge email verification JWTs, trigger auto-sign-in as admin, and execute commands on the host via the...

RLSA-2026:19149 Important: dovecot security update

Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fixes: doveco...

Exploit for CVE-2026-42568

CVE-2026-42568 — YAMCS LDAP Injection in LdapAuthModule Su...

BIT-NEO4J-2026-1524 Auth misconfiguration when multiple providers enabled

An edgecase in SSO implementation in Neo4j Enterprise edition versions prior to version 2026.02 can lead to unauthorised access under the following conditions: If a neo4j admin configures two or more OIDC providers AND configures one or more of them to be an authorization provider AND configures...

Adobe ColdFusion - Access Control Bypass

An attacker is able to access every CFM and CFC endpoint within the ColdFusion Administrator path /CFIDE/, of which there are 437 CFM files and 96 CFC files in a ColdFusion 2021 Update 6 install. id: CVE-2023-29298 info: name: Adobe ColdFusion - Access Control Bypass author:...

SUSE CVE-2026-46119

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...

📄 strongSwan 5.9.13 Denial of Service

strongSwan version 5.9.13 suffers from a denial of service vulnerability. Exploit Title: strongSwan 5.9.13 - DoS Date: 2026-05-13 Exploit Author: Lukas Johannes Moeller Vendor Homepage: https://www.strongswan.org/ Software Link: https://download.strongswan.org/strongswan-5.9.13.tar.bz2 Version:...

📄 strongSwan 5.9.13 Buffer Overflow

strongSwan version 5.9.13 suffers from a pre-authentication heap buffer overflow vulnerability. Exploit Title: strongSwan 5.9.13 - heap buffer overflow Date: 2026-05-13 Exploit Author: Lukas Johannes Moeller Vendor Homepage: https://www.strongswan.org/ Software Link:...

Linux Distros Unpatched Vulnerability : CVE-2026-46119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its...

strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow

Exploit Title: strongSwan 5.9.13 - heap buffer overflow Date: 2026-05-13 Exploit Author: Lukas Johannes Moeller Vendor Homepage: https://www.strongswan.org/ Software Link: https://download.strongswan.org/strongswan-5.9.13.tar.bz2 Version: strongSwan length 4 - 4 without guarding against hdr-lengt...

CVE-2026-45364

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it received in x-forwarded-for or the configured IP-bearing header. IPv6 clients controlling a typical /6...

CVE-2026-45364 Better Auth: Rate limiter keys IPv6 addresses individually and is bypassable via prefix rotation

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it received in x-forwarded-for or the configured IP-bearing header. IPv6 clients controlling a typical /6...

CVE-2026-45364

The CVE-2026-45364 issue affects Better Auth (TypeScript) where the HTTP rate limiter keyed by the leftmost x-forwarded-for value could be bypassed for IPv6. Before fixes, IPv6 prefix rotation (e.g., /64) and multiple textual representations could produce 2^64 distinct keys, letting an attacker p...

CVE-2026-45364 Better Auth: Rate limiter keys IPv6 addresses individually and is bypassable via prefix rotation

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it received in x-forwarded-for or the configured IP-bearing header. IPv6 clients controlling a typical /6...

CVE-2026-45344 LinkAce: Setup database password newline injection enables pre-auth RCE on uninitialized instances

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup...

CVE-2026-46119

A flaw was found in the Linux kernel's libceph component. A remote attacker could exploit this vulnerability by sending a specially crafted CEPHMSGAUTHREPLY message. When the message's result field contains a positive value, it can be misinterpreted as a buffer size, leading to a slab-out-of-boun...

CVE-2026-46119

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...

CVE-2026-46193

In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or authdata area, but the async...

CVE-2026-46119 libceph: Fix slab-out-of-bounds access in auth message processing

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...

CVE-2026-46119

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...