CVE-2026-39943 Directus exposes sensitive fields in revision history

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus stores revision records in directusrevisions whenever items are created or updated. Due to the revision snapshot code not consistently calling the prepareDelta sanitization pipeline,...

CVE-2026-39943

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus stores revision records in directusrevisions whenever items are created or updated. Due to the revision snapshot code not consistently calling the prepareDelta sanitization pipeline,...

CVE-2026-39943 Directus exposes sensitive fields in revision history

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus stores revision records in directusrevisions whenever items are created or updated. Due to the revision snapshot code not consistently calling the prepareDelta sanitization pipeline,...

SUSE-SU-2026:1236-1 Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.53 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...

Malicious code in @telekom-wfa/auth-core (npm)

Package is malware. Hardcoded Telegram credentials, data exfiltration, and preinstall script execution indicate malicious intent. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a2fe12e5542ae8cf1cf339c13c3480629ccfd6e2fb391427c4f1b17bbdc9f85 The package...

MAL-2026-2523 Malicious code in @telekom-wfa/auth-core (npm)

Package is malware. Hardcoded Telegram credentials, data exfiltration, and preinstall script execution indicate malicious intent. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a2fe12e5542ae8cf1cf339c13c3480629ccfd6e2fb391427c4f1b17bbdc9f85 The package...

nginx:1.24 security update

An update is available for module.nginx, nginx. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nginx is a web and proxy server supporting HTTP and other...

RockyLinux 10 : nginx (RLSA-2026:6906)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6906 advisory. nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files CVE-2026-32647 NGINX: NGINX: Denial of Service or file modification vi...

Linux Distros Unpatched Vulnerability : CVE-2026-39864

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of- bounds read in the auth module of Kamailio formerly...

Oracle Linux 9 : nginx (ELSA-2026-7002)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7002 advisory. - Resolves: RHEL-159557 - CVE-2026-27654 nginx: NGINX: Denial of Service or file modification via buffer overflow in ngxhttpdavmodule - Resolves:...

DEBIAN-CVE-2026-39864

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...

CVE-2026-39864

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...

EUVD-2026-20617

Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio formerly OpenSER and SER allows remote attackers to cause a denial of service process crash via a specially crafted SIP packet if a successful user...

GHSA-4GGG-H7PH-26QR n8n-mcp has authenticated SSRF via instance-URL header in multi-tenant HTTP mode

Impact An authenticated Server-Side Request Forgery in n8n-mcp allows a caller holding a valid AUTHTOKEN to cause the server to issue HTTP requests to arbitrary URLs supplied through multi-tenant HTTP headers. Response bodies are reflected back through JSON-RPC, so an attacker can read the conten...

CVE-2026-39411 LobeHub has an unauthenticated authentication bypass on `webapi` routes via forgeable `X-lobe-chat-auth` header

LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.48, the webapi authentication layer trusts a client-controlled X-lobe-chat-auth header that is only XOR-obfuscated, not signed or otherwise authenticated. Because the XOR ke...

CVE-2026-39411

CVE-2026-39411 (LobeHub) describes an unauthenticated authentication bypass on the webapi routes via a forgeable, client-controlled X-lobe-chat-auth header. Before version 2.1.48, the webapi authentication layer trusts an XOR-obfuscated header (hardcoded key: “LobeHub · LobeHub”) and treats decod...

CVE-2026-0814

The CVE-2026-0814 entry concerns the WordPress plugin Advanced CF7 DB . A missing capability check in the function vsz_cf7_export_to_excel affects all versions up to and including 2.0.9 , enabling authenticated users with Subscriber-level access and above to export form submissions to Excel files...

LobeHub: Unauthenticated authentication bypass on `webapi` routes via forgeable `X-lobe-chat-auth` header

Summary The webapi authentication layer trusts a client-controlled X-lobe-chat-auth header that is only XOR-obfuscated, not signed or otherwise authenticated. Because the XOR key is hardcoded in the repository, an attacker can forge arbitrary auth payloads and bypass authentication on protected...

User Impersonation

Overview @lobehub/cli is a LobeHub command-line interface. Affected versions of this package are vulnerable to User Impersonation via the X-lobe-chat-auth header on webapi routes. An attacker can gain unauthorized access to protected API endpoints and perform actions as an authenticated user by...

GHSA-5MWJ-V5JW-5C97 LobeHub: Unauthenticated authentication bypass on `webapi` routes via forgeable `X-lobe-chat-auth` header

Summary The webapi authentication layer trusts a client-controlled X-lobe-chat-auth header that is only XOR-obfuscated, not signed or otherwise authenticated. Because the XOR key is hardcoded in the repository, an attacker can forge arbitrary auth payloads and bypass authentication on protected...