Race Condition

Overview Affected versions of this package are vulnerable to Race Condition due to improper synchronization in the webhook process. An attacker can cause the application to crash and become unavailable by sending concurrent requests that exploit the reuse of echo.Context objects, leading to a pan...

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition due to improper synchronization in the webhook process. An attacker can cause the application to crash and become unavailable by sending concurrent requests that exploit the reuse of echo.Context objects, leading to a pan...

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition due to improper synchronization in the webhook process. An attacker can cause the application to crash and become unavailable by sending concurrent requests that exploit the reuse of echo.Context objects, leading to a pan...

Race Condition

Overview Affected versions of this package are vulnerable to Race Condition due to improper synchronization in the webhook process. An attacker can cause the application to crash and become unavailable by sending concurrent requests that exploit the reuse of echo.Context objects, leading to a pan...

GHSA-R33J-C622-R6QP Gotenberg has an unauthenticated denial of service via echo.Context pool reuse in webhook async goroutine

Summary The webhook middleware spawns a goroutine that holds a reference to the request's echo.Context after the synchronous handler returns ErrAsyncProcess and Echo recycles the context back to its sync.Pool. When a concurrent request claims the recycled context, c.Reset clears the store. If the...

Gotenberg has an unauthenticated denial of service via echo.Context pool reuse in webhook async goroutine

Summary The webhook middleware spawns a goroutine that holds a reference to the request's echo.Context after the synchronous handler returns ErrAsyncProcess and Echo recycles the context back to its sync.Pool. When a concurrent request claims the recycled context, c.Reset clears the store. If the...

n8n-MCP 代码问题漏洞

n8n-MCP is a model context protocol server developed by Romuald Członkowski, an individual developer. There are code vulnerabilities in versions 2.47.4 to 2.47.13 of n8n-MCP. These vulnerabilities stem from the fact that the SSRFRProtection.validateUrlSync URL verifier does not check IPv6...

PT-2026-38385

Name of the Vulnerable Software and Affected Versions Gotenberg versions prior to 8.32.0 Description A flaw in the webhook middleware allows an anonymous caller to crash the process. The middleware spawns a goroutine that retains a reference to the echo.Context after the synchronous handler retur...

PT-2026-38367

Name of the Vulnerable Software and Affected Versions free5GC versions prior to 4.2.2 Description The Access and Mobility Management Function AMF in free5GC fails to enforce concurrent security procedure rules. Specifically, the AMF does not verify if an N2 handover procedure is ongoing before...

PT-2026-38613

Name of the Vulnerable Software and Affected Versions BentoML versions prior to 1.4.39 Description The bentoml build packaging workflow follows attacker-controlled symlinks within the build context and copies the referenced file contents into the generated Bento artifact. This occurs because the...

Linux Distros Unpatched Vulnerability : CVE-2026-43260

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bnxten: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7...

CVE-2026-43227

A flaw was found in the Linux kernel's clocksource/drivers/shtmu component. This issue arises when the shtmu driver attempts to manage its power and clock states using specific runtime power management functions while holding raw spinlocks. This creates a conflict with other platform drivers that...

CVE-2026-43216

A flaw was found in the Linux kernel's networking subsystem. Specifically, the skbmaytxtimestamp function can attempt to acquire a lock in an Interrupt Request IRQ context, which is an inappropriate execution environment for this operation. This can occur when certain network drivers process...

alika-vuln-shield

Vuln Shield Fast container vulnerability scanner that filters...

GHSA-J7J9-5253-F7VH Valtimo has SpEL injection via StandardEvaluationContext that allows Remote Code Execution by admin users

Summary Multiple classes evaluate Spring Expression Language SpEL expressions from user-supplied input using StandardEvaluationContext, which provides unrestricted access to Java types and methods. An authenticated user with the ADMIN role can achieve Remote Code Execution and credential...

Valtimo has SpEL injection via StandardEvaluationContext that allows Remote Code Execution by admin users

Summary Multiple classes evaluate Spring Expression Language SpEL expressions from user-supplied input using StandardEvaluationContext, which provides unrestricted access to Java types and methods. An authenticated user with the ADMIN role can achieve Remote Code Execution and credential...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Flight::jsonp process. An attacker can execute arbitrary JavaScript in the context of the response origin by supplying a crafted jsonp query parameter, which is concatenated directly into the JavaScript...

GHSA-35VF-VW9F-Q3CR Duplicate Advisory: OpenClaw: MCP loopback owner context is derived from server-issued bearer tokens

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r6xh-pqhr-v4xh. This link is maintained to preserve external references. Original Description OpenClaw before 2026.4.22 derives loopback MCP owner context from spoofable server-issued bearer tokens in request...

EUVD-2026-28201

OpenClaw before 2026.4.22 derives loopback MCP owner context from spoofable server-issued bearer tokens in request headers. Non-owner loopback clients can present themselves as owner to bypass owner-gated operations by manipulating the sender-owner header metadata...

EUVD-2026-28178

OpenClaw versions 2026.4.10 before 2026.4.14 fail to persist session context during delivery queue recovery for media replay. Attackers can exploit recovered queued outbound media to bypass group tool policy enforcement and weaken channel media restrictions after service restart or recovery...