35 matches found
CVE-2026-6334
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request.. Mattermo...
CVE-2026-46579
A flaw was found in the OpenShift Router. When a Route has insecureEdgeTerminationPolicy set to Allow, the HTTP frontend does not remove X-SSL-Client- headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted X-SSL-Client- headers. As a resul...
CVE-2026-46414 Microsoft UFO WebSocket role spoofing allows authenticated peer task hijacking
Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can register as a normal device, but later send a TASK...
GHSA-JP3F-X449-4Q75 Mattermost doesn't enforce client identity binding during the OAuth authorization code redemption flow
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request.. Mattermo...
CVE-2026-6334
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request.. Mattermo...
EUVD-2026-30743
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request.. Mattermo...
Mattermost 安全漏洞
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series as well as 10.11.13 and earlier 10.11.x series have security vulnerabilities. These vulnerabilities stem from the lack of mandatory...
CVE-2026-41299 OpenClaw < 2026.3.28 - Client Identity Spoofing in chat.send Gateway Provenance Guard
OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in the chat.send gateway method where ACP-only provenance fields are gated by self-declared client metadata from WebSocket handshake rather than verified authorization state. Authenticated operator clients can spoof ACP...
CVE-2026-41299
OpenClaw before 2026.3.28 contains an authorization bypass in the chat.send gateway method. The vulnerability stems from gating ACP-only provenance fields on self-declared client metadata from the WebSocket handshake rather than the verified authorization state. As a result, authenticated operato...
GHSA-6XG4-82HV-CP6F OpenClaw: Gateway chat.send ACP-only provenance guard could be bypassed by client identity spoofing
Summary ACP-only provenance fields in chat.send were gated by self-declared client metadata from the WebSocket handshake rather than verified authorization state. Impact A normal authenticated operator client could spoof ACP identity labels and inject reserved provenance fields intended only for...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-33413)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-33413 advisory. - etcd is a distributed key-value store for the data of a distributed system. Prior to versions...
CVE-2026-33248
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using mTLS for client identity, with verifyandmap to derive a NATS identity from the client certificate's Subject DN, certain patterns of RDN would not be...
UBUNTU-CVE-2026-33248
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using mTLS for client identity, with verifyandmap to derive a NATS identity from the client certificate's Subject DN, certain patterns of RDN would not be...
NATS has mTLS verify_and_map authentication bypass via incorrect Subject DN matching
Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. One authentication model supported is mTLS, deriving the NATS client identity from properties of the TLS Client Certificate. Problem...
CVE-2026-33215
CVE-2026-33215 affects NATS-Server (NATS.io) where the MQTT client interface allows hijacking of Sessions and Messages due to MQTT Client ID malfeasance. Affected versions are prior to 2.11.15 and 2.12.5; these versions patch the issue. The description does not provide exploit details or how atta...
Tinyauth 安全漏洞
Tinyauth is an authentication and authorization server developed by Stavros personally. Versions of Tinyauth prior to 5.0.3 contained security vulnerabilities. These vulnerabilities stemmed from the OIDC token endpoint not verifying the identity of the client requesting the exchange of...
EUVD-2025-203653
In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields need to match as well since they define the client's identity, as...
UBUNTU-CVE-2025-68243
In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields need to match as well since they define the client's identity, as...
CVE-2025-68243 NFS: Check the TLS certificate fields in nfs_match_client()
In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields need to match as well since they define the client's identity, as...
CVE-2025-68243 NFS: Check the TLS certificate fields in nfs_match_client()
In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields need to match as well since they define the client's identity, as...