33949 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the SimpleFunctionRegistry composition. An attacker can exhaust memory or trigger unbounded recursive function composition by supplying crafted function definitions that...
ch.sbb:spring-cloud-stream-binder-solace (>=8.0.0 <=9.0.2), cn.herodotus.dante:dante-authentication-autoconfigure (>=4.0.0.0-M2 <=4.0.0.0-M3) +157 more potentially affected by CVE-2026-40989 via org.springframework.cloud:spring-cloud-function-context (>=5.0.0-M1 <=5.0.1)
org.springframework.cloud:spring-cloud-function-context MAVEN version =5.0.0-M1, =8.0.0, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M2, =6.0.0-beta.2, =6.0.0-beta.2, =6.0.0-beta.2, =6.0.0-beta.2, =6.0.0-beta.2, =6.0.0-beta.2, =1.0.0, =1.0.0, =2.0.0-RC1, =8.0.4 and more S...
ch.sbb:spring-cloud-stream-binder-solace (>=8.0.0 <=9.0.2), cn.herodotus.dante:dante-authentication-autoconfigure (>=4.0.0.0-M2 <=4.0.0.0-M3) +157 more potentially affected by CVE-2026-40990 via org.springframework.cloud:spring-cloud-function-context (>=5.0.0-M1 <=5.0.1)
org.springframework.cloud:spring-cloud-function-context MAVEN version =5.0.0-M1, =8.0.0, =4.0.0.0-M2, =4.0.0.0-M2, =4.0.0.0-M2, =6.0.0-beta.2, =6.0.0-beta.2, =6.0.0-beta.2, =6.0.0-beta.2, =6.0.0-beta.2, =6.0.0-beta.2, =1.0.0, =1.0.0, =2.0.0-RC1, =8.0.4 and more S...
ch.admin.bit.jeap:jeap-spring-boot-config-starter (>=17.16.0 <=18.5.0), ch.sbb:spring-cloud-stream-binder-solace (>=4.0.0 <=7.4.5) +901 more potentially affected by CVE-2026-40989 via org.springframework.cloud:spring-cloud-function-context (>=4.0.0 <=4.3.2)
org.springframework.cloud:spring-cloud-function-context MAVEN version =4.0.0, =17.16.0, =4.0.0, =1.0.0, =1.0.1, =0.14.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0-RC2 and more Source cves: CVE-2026-40989 Source advisory:...
ch.admin.bit.jeap:jeap-spring-boot-config-starter (>=17.16.0 <=18.5.0), ch.sbb:spring-cloud-stream-binder-solace (>=4.0.0 <=7.4.5) +901 more potentially affected by CVE-2026-40990 via org.springframework.cloud:spring-cloud-function-context (>=4.0.0 <=4.3.2)
org.springframework.cloud:spring-cloud-function-context MAVEN version =4.0.0, =17.16.0, =4.0.0, =1.0.0, =1.0.1, =0.14.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0-RC2 and more Source cves: CVE-2026-40990 Source advisory:...
PT-2026-39208
Name of the Vulnerable Software and Affected Versions FastGPT versions prior to 4.14.11 Description The isInternalAddress function in packages/service/common/system/utils.ts fails to properly block cloud metadata endpoints. The function uses a fullUrl.startsWith check against a hardcoded list tha...
FilePress 注入漏洞
FilePress is a file-driven website building system developed by zyx0814. It supports cloud storage management and multi-mode file display. Versions of FilePress 2.2.0 and earlier had an injection vulnerability. This vulnerability stemmed from improper handling of the order parameter in the Shares...
PT-2026-38648
Name of the Vulnerable Software and Affected Versions electerm versions 3.x and earlier Description The getConstants IPC handler in src/app/lib/ipc-sync.js serializes the entire process.env object and sends it to the renderer, where it is stored as window.pre.env. This data is accessible to any...
FastGPT 代码问题漏洞
FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT 4.14.11 and earlier have code vulnerabilities. These vulnerabilities stem from the use of a hardcoded list in the isInternalAddress function for checking...
Unstructured Data Backup from Google Cloud Storage fails with a Bad Request error
Challenge An Unstructured Data Backup of data from Google Cloud Storage added to Veeam Backup & Replication as an S3-Compatible Object Storage data source fails with the following error: Failed to perform object backup Error: Agent: Failed to process method NasMaster.ExecuteBackupProcessor: Faile...
GHSA-39J6-4867-GG4W utcp-http vulnerable to SSRF via attacker-controlled OpenAPI servers[0].url in HTTP communication protocol
Summary The utcp-http plugin is vulnerable to a blind Server-Side Request Forgery SSRF caused by a trust-boundary inconsistency between manual discovery and tool invocation. registermanual validates the discovery URL against an HTTPS / loopback allowlist, but calltool and calltoolstreaming reuse...
CVE-2026-35428
Improper neutralization of special elements used in a command 'command injection' in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network...
GHSA-8MC6-XJPR-H98X Ech0 has Server-Side Request Forgery (SSRF) via Connect Handler fetchPeerConnectInfo
Summary The fetchPeerConnectInfo function in internal/service/connect/connect.go:214-239 uses httpUtil.SendRequest no SSRF protection instead of SendSafeRequest which has ValidatePublicHTTPURL with private IP blocking. This allows authenticated users to make the server request arbitrary URLs...
CVE-2026-35428
CVE-2026-35428 affects Azure Cloud Shell and is described as improper neutralization of special elements used in a command (command injection) that allows an unauthorized attacker to perform spoofing over a network. The available references consistently attribute the issue to command injection wi...
CVE-2026-35428 Azure Cloud Shell Spoofing Vulnerability
...
CVE-2026-35428 Azure Cloud Shell Spoofing Vulnerability
...
CVE-2026-35428
Improper neutralization of special elements used in a command 'command injection' in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-42449 n8n-MCP: IPv4-mapped IPv6 addresses bypass SSRF protection in validateUrlSync(), enabling full SSRF for SDK embedders
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. In versions 2.47.4 through 2.47.13, the SDK embedder path N8NDocumentationMCPServer constructor, getN8nApiClient, and validateInstanceContext, the synchronous URL validator in...
CVE-2026-41905
FreeScout (PHP Laravel) before version 1.8.217 is affected by an SSRF issue in Helper::sanitizeRemoteUrl() where curlGetLastRedirectedUrl() returns the final destination URL but the code re-validates the original URL. This allows an attacker who can supply a URL passing the initial host check to ...
PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments. "The toolset harvests credentials from cloud, container, developer, productivity, and...