Lucene search
K

848 matches found

EUVD
EUVD
added 2 days ago11 views

EUVD-2026-33941

mint: Content-Length header accepts non-RFC "+" sign prefix...

6.3CVSS5.9AI score0.00301EPSS
Exploits0References5
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-45045 Fiber: X-Real-IP Spoofing via Header.Add() in BalancerForward

Fiber is an Express inspired web framework written in Go. Prior to 3.3.0 and 2.52.14, the BalancerForward proxy helper in middleware/proxy/proxy.go uses Header.Add instead of Header.Set when injecting X-Real-IP, allowing an attacker-supplied first X-Real-IP value to be forwarded to upstream serve...

5.3CVSS0.00455EPSS
Exploits0References7
Snyk
Snyk
added 2026/07/02 1:50 p.m.3 views

User Impersonation

Overview Affected versions of this package are vulnerable to User Impersonation via the BalancerForward process. An attacker can manipulate upstream IP-based logic, such as rate limiting, access control, and audit logging, by injecting a spoofed X-Real-IP header value in requests. Remediation The...

6.9CVSS6AI score0.00455EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/02 1:50 p.m.4 views

User Impersonation

Overview Affected versions of this package are vulnerable to User Impersonation via the BalancerForward process. An attacker can manipulate upstream IP-based logic, such as rate limiting, access control, and audit logging, by injecting a spoofed X-Real-IP header value in requests. Remediation...

6.9CVSS6AI score0.00455EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/02 10:30 a.m.7 views

CVE-2026-54430

liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...

5.1CVSS5.8AI score0.00121EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/02 10:30 a.m.6 views

EUVD-2026-41276

liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...

5.1CVSS5.8AI score0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/02 10:30 a.m.38 views

CVE-2026-54430 Server-Site Request Forgery in liboauth2

liboauth2 is vulnerable to Server-Side Request Forgery in oauth2josejwksawsalbresolve function. The AWS ALB verifier reads both signer and kid from the unverified JWT header. If signer matches the configured ARN, kid is appended to albbaseurl without URL encoding or path sanitization, and the HTT...

5.1CVSS0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/07/02 10:30 a.m.18 views

CVE-2026-54430

liboauth2 is affected by a Server-Side Request Forgery in the oauth2_jose_jwks_aws_alb_resolve() function. The AWS ALB verifier reads signer and kid from the unverified JWT header; if the signer matches the configured ARN, the kid is appended to alb_base_url without URL encoding or path sanitizat...

5.1CVSS5.8AI score0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 1:19 p.m.12 views

CVE-2026-8655

Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursi...

9.8CVSS0.0046EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/30 12:46 p.m.7 views

EUVD-2026-40308

Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursi...

8.8CVSS5.8AI score0.0046EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 12:46 p.m.41 views

CVE-2026-8655 Multiple Memory overflow vulnerabilities leading to unpredictable or erroneous behavior and Denial of Service

Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursi...

8.8CVSS0.0046EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 12:46 p.m.35 views

CVE-2026-8655

CVE-2026-8655 corresponds to multiple memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway that can cause unpredictable behavior and DoS when the appliance is used as an Oracle load balancer, a DNS Proxy, or a DNS recursive resolver. The NVD/NIST entry and multiple security advi...

9.8CVSS5.8AI score0.0046EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.14 views

PT-2026-53881

Name of the Vulnerable Software and Affected Versions NetScaler ADC affected versions not specified NetScaler Gateway affected versions not specified Description Memory overflow issues occur when NetScaler ADC is configured as an Oracle load balancer, a DNS Proxy, or a DNS recursive resolver...

9.8CVSS6.2AI score0.0046EPSS
Exploits0References13
CVE
CVE
added 2026/06/29 8:3 p.m.22 views

CVE-2026-13763

This CVE affects AWS Application Load Balancer (ALB) with AWS WAF enabled, where inconsistent interpretation of HTTP/2 requests can allow bypass of WAF body inspection when the request body is fragmented across frames, leading to partial inspection. Affected component: HTTP/2 ALB target groups; r...

9.8CVSS5.8AI score0.00473EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.13 views

PT-2026-53692

Name of the Vulnerable Software and Affected Versions AWS Application Load Balancer affected versions not specified Description Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer when AWS WAF is enabled may allow remote actors to bypass managed rule body inspection. B...

9.8CVSS5.8AI score0.00473EPSS
Exploits0References10
Chainguard
Chainguard
added 2026/06/23 8:16 a.m.6 views

GHSA-RJFV-PJVX-MJGV vulnerabilities

Vulnerabilities for packages: aws-load-balancer-controller-fips, aws-load-balancer-controller...

6.1AI score
Exploits0
NVD
NVD
added 2026/06/22 6:16 p.m.13 views

CVE-2026-54287

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, on AWS Lambda, the ALB single-header response and the VPC Lattice v2 response join multiple Set-Cookie headers into one comma-separated value. Because commas also appear inside cookie attribute...

5.3CVSS0.00186EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 5:13 p.m.21 views

CVE-2026-54287

Summary: Hono’s AWS Lambda adapter, in the ALB single-header mode and VPC Lattice v2, concatenates multiple Set-Cookie headers into a single comma-separated value, causing cookie attributes that include commas (e.g., Expires) to be misparsed or dropped. Affected components: Hono web framework; AW...

5.3CVSS5.9AI score0.00186EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 5:13 p.m.33 views

CVE-2026-54287 Hono: AWS Lambda adapter merges multiple `Set-Cookie` headers into one value, dropping cookies on ALB single-header and Lattice

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, on AWS Lambda, the ALB single-header response and the VPC Lattice v2 response join multiple Set-Cookie headers into one comma-separated value. Because commas also appear inside cookie attribute...

5.3CVSS0.00186EPSS
Exploits0References1
Wolfi
Wolfi
added 2026/06/19 2:33 p.m.13 views

GHSA-RJFV-PJVX-MJGV vulnerabilities

Vulnerabilities for packages: aws-load-balancer-controller...

5.8AI score
Exploits0
Rows per page
Query Builder