127 matches found
Erlang/OTP 20.0 < 27.3.4.14 / 28.0 < 28.5.0.3 / 29.0 < 29.0.3 DTLS Cookie Bypass (CVE-2026-54887)
The version of Erlang/OTP installed on the remote host is 20.0 prior to 27.3.4.14, 28.0 prior to 28.5.0.3, or 29.0 prior to 29.0.3. It is, therefore, affected by a vulnerability: - Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie...
CVE-2026-54887
CVE-2026-54887 concerns Erlang/OTP's DTLS server in ssl, where during startup the cookie secret is initialized to an empty binary instead of a random value. This makes DTLS cookie computation deterministic for the first 0–15 seconds, allowing an observer of plaintext ClientHello to forge a valid ...
CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret
Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtlsserverconnection:initialhello/3 initializes previouscookiesecret to the empty...
EEF-CVE-2026-54887 DTLS server cookie bypass during startup window due to empty initial cookie secret
Summary Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl DTLS server allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup, dtls\server\connection:initial\hello/3 initializes previous\cookie\secret...
EulerOS 2.0 SP15 : python3 (EulerOS-SA-2026-2507)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickli...
CVE-2026-53871 Hermes WebUI < 0.51.368 - Profile-Scoped Authorization Bypass via Forged hermes_profile Cookie
Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the getprofilecookie function that accepts unauthenticated profile names from the hermesprofile cookie. An authenticated attacker can forge the hermesprofile cookie value to bypass profile-scoped authorization checks a...
PT-2026-46263
Name of the Vulnerable Software and Affected Versions Neterbit NW-431F Router versions prior to 20241014-IR03 Description Improper Authentication allows for an authentication bypass due to the use of weak and predictable cookie values. An attacker can gain unauthorized access to administrative...
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940: cPanel/WHM Authentication Bypass Analysis...
CVE-2026-5901
CVE-2026-5901 concerns insufficient policy enforcement in Chrome/Chromium DevTools, enabling a user-assisted attacker who installs a malicious extension to bypass enterprise host restrictions for cookie modification. The issue affects Chrome/Chromium builds prior to version 147.0.7727.55, with ad...
CVE-2026-39410
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, a discrepancy between browser cookie parsing and parse handling allows cookie prefix protections to be bypassed. Cookie names that are treated as distinct by the browser may be normalized to th...
CVE-2026-39410 Hono has a non-breaking space prefix bypass in cookie name handling in getCookie()
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, a discrepancy between browser cookie parsing and parse handling allows cookie prefix protections to be bypassed. Cookie names that are treated as distinct by the browser may be normalized to th...
CVE-2026-39410
Hono CVE-2026-39410 involves a cookie handling flaw in getCookie() where a mismatch between browser cookie parsing and JavaScript parse() trim() causes cookies with a non-breaking-space prefix (U+00A0) to shadow or override legitimate cookies. This can bypass __Secure- and __Host- prefix protecti...
PT-2026-7893
Name of the Vulnerable Software and Affected Versions authentik versions prior to 2025.10.4 authentik versions prior to 2025.12.4 Description authentik is an open-source identity provider. A malformed cookie could bypass authentication when using forward authentication with the authentik Proxy...
MiracleLinux 9 : php:8.1 (AXSA:2024-9437:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9437:01 advisory. php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk...
MiracleLinux 8 : php:8.2 (AXSA:2024-9505:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9505:01 advisory. php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk...
MiracleLinux 9 : firefox-91.9.0-1.el9.ML.1 (AXSA:2022-3990:29)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3990:29 advisory. Mozilla: Bypassing permission prompt in nested browsing contexts CVE-2022-29909 Mozilla: iframe Sandbox bypass CVE-2022-29911 Mozilla: Fullscreen...
MiracleLinux 9 : php:8.2 (AXSA:2024-9503:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9503:01 advisory. php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk...
libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup
A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior,...
WordPress plugin WP Private Content Plus 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2015-3108
Malware in sbrugna...