56 matches found
CVE-2026-54276
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, DigestAuthMiddleware can send an authentication response after following a cross-origin redirect. This likely requires an open redirect vulnerability or similar on the target domain for an attacker to...
UBUNTU-CVE-2026-40997
Several Spring WS integration paths with Spring Security could surface detailed account state for example locked or disabled user semantics to remote SOAP clients through exception messages or callback outcomes, instead of failing with generic authentication errors. That behavior assists remote...
squid security update
7:3.5.20-17.0.11.13 - Security update for CVE-2026-32748 CVE-2026-33526 Orabug: 39230173 7:3.5.20-17.0.9.13 - Fixes CVE-2025-62168, squid: Squid vulnerable to information disclosure via - authentication credential leakage in error handling Orabug: 38587551 7:3.5.20-17.0.7.13 - Fixes CVE-2025-5457...
GHSA-7G73-99R4-M4MJ FlowiseAI Vulnerable to Credential Data Leak
Severity: HIGH CVSS 7.5 Type: CWE-200 Exposure of Sensitive Information File: packages/server/src/services/credentials/index.ts:62-71 Description: When credentials are fetched with a credentialName filter parameter, the encryptedData field is NOT stripped from the response. The code properly omit...
PT-2026-35740
The raw message of every server-side AuthenticationException is returned to the unauthenticated remote caller in the gRPC status description. This allows an attacker to obtain information about the authentication failure, which may be useful for further attacks. Affected versions: Spring gRPC:...
(0Day) Microsoft Windows library-ms NTLM Response Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must view a folder containing malicious content. The specific flaw exists within the...
PT-2026-37125
Name of the Vulnerable Software and Affected Versions go-git versions prior to 5.18.0 go-git versions prior to 6.0.0-alpha.2 Description During smart-HTTP clone and fetch operations, the library may leak HTTP authentication credentials when following redirects. If a remote repository responds to...
CVE-2026-32631 Git for Windows: `git clone` from manipulated repositories can leak NTLM hashes to arbitrary servers
Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricking users into cloning a malicious repository, or checking out a malicious branch, that accesses a...
CVE-2026-32631
Git for Windows prior to 2.53.0.windows.3 is affected by an information disclosure vulnerability where an attacker can induce a user to clone a malicious repository or checkout a malicious branch that communicates with an attacker-controlled server, allowing extraction of the user’s NTLM hash. Th...
CVE-2026-34359
Summary: CVE-2026-34359 affects HAPI FHIR Core prior to 6.9.4, where ManagedWebAccessUtils.getServer() used String.startsWith() to map request URLs to configured servers. This enables credential leakage via HTTP redirects to attacker-controlled domains that prefix-match configured URLs (e.g., htt...
HAPI FHIR Core has Authentication Credential Leakage via Improper URL Prefix Matching on HTTP Redirect
Summary ManagedWebAccessUtils.getServer uses String.startsWith to match request URLs against configured server URLs for authentication credential dispatch. Because configured server URLs e.g., http://tx.fhir.org lack a trailing slash or host boundary check, an attacker-controlled domain like...
HAPI FHIR Core has Authentication Credential Leakage via Improper URL Prefix Matching on HTTP Redirect
ManagedWebAccessUtils.getServer uses String.startsWith to match request URLs against configured server URLs for authentication credential dispatch. Because configured server URLs e.g., http://tx.fhir.org lack a trailing slash or host boundary check, an attacker-controlled domain like...
CVE-2026-33981
changedetection.io is a free open source web page change detection tool. Prior to 0.54.7, the jq: and jqraw: include filter expressions allow use of the jq env builtin, which reads all process environment variables and stores them as the watch snapshot. An authenticated user or unauthenticated us...
CVE-2026-32897
OpenClaw versions prior to 2026.2.22 reuse gateway.auth.token as a fallback hash secret for owner-ID prompt obfuscation when commands.ownerDisplay is set to hash and commands.ownerDisplaySecret is unset, creating dual-use of authentication secrets across security domains. Attackers with access to...
CVE-2026-33180
HAPI FHIR (Java) prior to 6.9.0 is affected: when the internal HTTP client follows redirects (HTTP 3xx), it may resend the same request headers to the host in the Location header as well as the initial URL. This exposes privacy-sensitive headers (e.g., authentication tokens) to unintended third-p...
HAPI FHIR HTTP authentication leak in redirects
Impact When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of...
HAPI FHIR HTTP authentication leak in redirects
When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...
HAPI FHIR HTTP authentication leak in redirects
When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...
HAPI FHIR HTTP authentication leak in redirects
When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...
CVE-2026-1965
libcurl can in some circumstances reuse the wrong connection when asked to do an Negotiate-authenticated HTTP or HTTPS request. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of...