Security Bulletin:Axios HTTP/2 Session Cleanup Logic State Corruption Bug Fixed in 1.13.2

Summary Axios is a promise based HTTP client for the browser and Node.js. Starting in version 1.13.0 and prior to 1.13.2, Axios HTTP/2 session cleanup logic contains a state corruption bug that allows a malicious server to crash the client process through concurrent session closures. The...

EUVD-2026-20501

Axios HTTP/2 Session Cleanup State Corruption Vulnerability...

CVE-2026-39865

Axios is a promise based HTTP client for the browser and Node.js. Starting in version 1.13.0 and prior to 1.13.2, Axios HTTP/2 session cleanup logic contains a state corruption bug that allows a malicious server to crash the client process through concurrent session closures. The vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2023-32253

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel's ksmbd component. A deadlock is triggered by sending multiple concurrent session setup requests, possibly leading to a...

DEBIAN-CVE-2023-32253

A flaw was found in the Linux kernel's ksmbd component. A deadlock is triggered by sending multiple concurrent session setup requests, possibly leading to a denial of service...

CVE-2024-9928

A vulnerability exists in NSD570 login panel that does not restrict excessive authentication attempts. If exploited, this could cause account takeover and unauthorized access to the system when an attacker conducts brute-force attacks against the equipment login. Note that the system supports onl...

CVE-2024-9928

A vulnerability exists in NSD570 login panel that does not restrict excessive authentication attempts. If exploited, this could cause account takeover and unauthorized access to the system when an attacker conducts brute-force attacks against the equipment login. Note that the system supports onl...

CVE-2024-9928

A vulnerability exists in NSD570 login panel that does not restrict excessive authentication attempts. If exploited, this could cause account takeover and unauthorized access to the system when an attacker conducts brute-force attacks against the equipment login. Note that the system supports onl...

CVE-2024-9928

The CVE-2024-9928 entry concerns the NSD570 login panel, where the authentication mechanism does not properly restrict excessive attempts, enabling potential account takeover or unauthorized access via brute-force against device login. The provided documents describe the affected component as the...