Node.js Module axios < 1.15.2 Prototype Pollution

The version of the axios Node.js module installed on the remote host is prior to 1.15.2. It is, therefore, affected by the following vulnerability: - Axios has prototype pollution read-side gadgets in the HTTP adapter that allow credential injection and request hijacking. CVE-2026-42264 Note that...

Linux Distros Unpatched Vulnerability : CVE-2026-42264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Axios is a promise based HTTP client for the browser and Node.js. From version 1.0.0 to before version 1.15.2, fFive config properties auth, baseURL, socketPath...

PT-2026-34707

Name of the Vulnerable Software and Affected Versions OpenTelemetry dotnet versions 1.13.1 through 1.15.1 Description When exporting telemetry to a back-end or collector over gRPC or HTTP using the OpenTelemetry Protocol OTLP format, unsuccessful requests HTTP 4xx or 5xx result in the response...

PT-2024-40291 · Unknown · Scnsocialauth

Name of the Vulnerable Software and Affected Versions: ScnSocialAuth versions prior to 1.15.2 Description: The issue is related to a missing escaping of the URL parameter redirect, which allows for a XSS attack. For example, setting the redirect parameter to "GitHub.cominput%20type="hidden"%20"...

PT-2022-5137 · D-Bus +10 · D-Bus +10

Name of the Vulnerable Software and Affected Versions: D-Bus versions 1.12.24 and earlier, 1.13.x, 1.14.x before 1.14.4, and 1.15.x before 1.15.2 Description: An issue was discovered in D-Bus where an authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when...