EUVD-2026-34047

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, users with only VIEW access to an MCP server can retrieve the server's decrypted admin-managed secrets through GET /api/mcp/servers and GET /api/mcp/servers/:serverName. The returned...

CVE-2026-44653 LibreChat Shared MCP Server View Leaks Decrypted Admin Secrets

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, users with only VIEW access to an MCP server can retrieve the server's decrypted admin-managed secrets through GET /api/mcp/servers and GET /api/mcp/servers/:serverName. The returned...

PT-2026-45882

Name of the Vulnerable Software and Affected Versions LibreChat versions prior to 0.8.4 Description Users with only VIEW access to an MCP server can retrieve decrypted admin-managed secrets. This occurs through the endpoints "/api/mcp/servers" and "/api/mcp/servers/:serverName", where the returne...

CVE-2026-9793

A flaw was found in Keycloak. When a JSON Web Encryption JWE encrypted request object is submitted, Keycloak may incorrectly process unsigned claims if the decrypted content is raw JSON, bypassing the configured signature policy. This allows a remote attacker to submit unauthorized claims, leadin...

SUSE CVE-2026-46000

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decrypt bits of it in place - however, the skbuff may be shared with a packet sniffer, which would lead to...

PT-2026-44386

CryptX versions before 0.088 001 for Perl have a stack buffer overflow in four AEAD decrypt verify helpers. The gcm decrypt verify, ccm decrypt verify, chacha20poly1305 decrypt verify and eax decrypt verify XS routines copied the caller-supplied authentication tag into a fixed 144-byte stack buff...

Keycloak 数据伪造问题漏洞

Keycloak is an open-source identity and access management solution developed by Keycloak itself. Keycloak has a data falsification vulnerability. This vulnerability arises when submitting JSON Web encrypted request objects, and if the decrypted content is the original JSON, Keycloak may improperl...

CVE-2026-46000

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decrypt bits of it in place - however, the skbuff may be shared with a packet sniffer, which would lead to...

Astra Linux - уязвимость в ansible

A flaw was discovered in Ansible Engine, affecting versions 2.7.x before 2.7.17, 2.8.x before 2.8.11, 2.9.x before 2.9.7, as well as Ansible Tower in versions 3.4.5, 3.5.5, and 3.6.3. This issue occurs when using modules that decrypt vault files, such as assemble, script, unarchive, wincopy, awss...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: DMA-Direct: Leakage of pages upon failure in dmasetdecrypted In TDX, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the return of decrypted/membered...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Pages are leaked if setmemoryencrypted fails. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail. This results in an error being returned, and the...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track the decryption status in vmbusgpadl. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the shared memory being...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus – Do not free ring buffers that cannot be re-encrypted. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the return of...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Do not free decrypted memory. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the memory being retained. Callers must take care to...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Do not free decrypted memory. In CoCo Virtual Machines, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail. As a result, an error may be returned, and the decrypted memor...

CVE-2026-31472

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet totlen and ihl fields parsed from decrypted IPTFS payloads in inputprocesspayload. A crafted ESP packet containing an inner...

CVE-2026-31472 xfrm: iptfs: validate inner IPv4 header length in IPTFS payload

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet totlen and ihl fields parsed from decrypted IPTFS payloads in inputprocesspayload. A crafted ESP packet containing an inner...

EUVD-2025-209284

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware packag...

CVE-2025-14858

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware packag...

CVE-2025-14858 Semtech LR11xx Encrypted Firmware Disclosure

The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information disclosure vulnerability in its firmware validation functionality. When a host issues a firmware validity check command via the SPI interface, the device decrypts the provided encrypted firmware packag...