CVE-2026-31846

Missing authentication in the /goform/ate endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows an adjacent unauthenticated attacker to retrieve sensitive device information, including the administrator password. The endpoint returns a raw response containing...

We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them

AWS Bedrock is Amazon's platform for building AI-powered applications. It gives developers access to foundation models and the tools to connect those models directly to enterprise data and systems. That connectivity is what makes it powerful – but it’s also what makes Bedrock a target. When an AI...

OPENSUSE-SU-2026:20410-1 Security update for exiv2

This update for exiv2 fixes the following issues: Update to exiv2 0.28.8: - CVE-2024-24826: out-of-bounds read in QuickTimeVideo: NikonTagsDecoder bsc1219870. - CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo: multipleEntriesDecoder bsc1219871. - CVE-2024-39695:...

Chromium: CVE-2026-4441 Use after free in Base

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the schemaattrenumcallback function within the schema.c file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting for additional formatting...

Advisory ROSA-SA-2026-3246

software: ghostscript 9.56.1 OS: ROSA-CHROME unaffected versions = ghostscript-9.56.1-3 affected versions ghostscript-9.56.1-3 CVE-ID: CVE-2024-33869 BDU-ID: 2024-07480 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the base/gpmisc.c file of the Ghostscript document processing, conversion, and...

SUSE CVE-2026-4441

Use after free in Base in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

SQL Injection

Overview vanna is a Generate SQL queries from natural language Affected versions of this package are vulnerable to SQL Injection via the ask function in the file vanna\legacy\base\base.py. An attacker can execute unauthorized SQL commands by supplying crafted input to the function. Remediation...

CVE-2026-4513

A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. T...

CVE-2026-4513

The CVE-2026-4513 entry concerns vanna-ai vanna up to version 2.0.2. The vulnerability affects the function ask in vanna/legacy/base/base.py; manipulation of inputs results in SQL injection. The issue is exploitable remotely, with public exploits available. Vendor was contacted early but did not ...

langflow-nightly (=1.8.0.dev24) potentially affected by CVE-2026-33484 via langflow-base (=0.7.2)

langflow-base PYPI version =0.7.2 is affected by a known vulnerability. The following packages have a transitive dependency on langflow-base and may be impacted: - langflow-nightly =1.8.0.dev24 Source cves: CVE-2026-33484 Source advisory: SNYK:PYTHON-LANGFLOWBASE-15746998...

GHSA-PGX6-7JCQ-2QFF PDFME has SSRF via Unvalidated URL Fetch in `getB64BasePdf` When `basePdf` Is Attacker-Controlled

Summary The getB64BasePdf function in @pdfme/common fetches arbitrary URLs via fetch without any validation when basePdf is a non-data-URI string and window is defined. An attacker who can control the basePdf field of a template e.g., through a web application that accepts user-supplied templates...

tar-rs incorrectly ignores PAX size headers if header size is nonzero

Summary As part of CVE-2025-62518 the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the base header. However, it was missed at the time that this project the original Rust tar crate had a conditional logic that skipped the PAX siz...

GHSA-GCHP-Q4R4-X4FF tar-rs incorrectly ignores PAX size headers if header size is nonzero

Summary As part of CVE-2025-62518 the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the base header. However, it was missed at the time that this project the original Rust tar crate had a conditional logic that skipped the PAX siz...

EUVD-2026-13684

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

CVE-2026-31381 Gainsight Assist plugin information disclosure

An attacker can extract user email addresses PII exposed in base64 encoding via the state parameter in the OAuth callback URL...

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the deleteapikeyroute endpoint. An attacker can delete API keys belonging to other users by providing the apikeyid of a key they do not own. Remediation Upgrade langflow-base to versio...

langflow-nightly (=1.8.0.dev24) potentially affected by CVE-2026-33053 via langflow-base (=0.7.2)

langflow-base PYPI version =0.7.2 is affected by a known vulnerability. The following packages have a transitive dependency on langflow-base and may be impacted: - langflow-nightly =1.8.0.dev24 Source cves: CVE-2026-33053 Source advisory: SNYK:PYTHON-LANGFLOWBASE-15701926...

CVE-2026-4441

An use after free flaw was found in the Base component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=489381399...

CVE-2026-33060

CKAN MCP Server is a tool for querying CKAN open data portals. Versions prior to 0.4.85 provide tools including ckanpackagesearch and sparqlquery that accept a baseurl parameter, making HTTP requests to arbitrary endpoints without restriction. A CKAN portal client has no legitimate reason to...