CVE-2026-41272 Flowise: SSRF Protection Bypass (TOCTOU & Default Insecure)

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the core security wrappers secureAxiosRequest and secureFetch intended to prevent Server-Side Request Forgery SSRF contain multiple logic flaws. These flaws allow attackers to bypass the...

GHSA-2X8M-83VC-6WV4 Flowise: SSRF Protection Bypass (TOCTOU & Default Insecure)

Summary The core security wrappers secureAxiosRequest and secureFetch intended to prevent Server-Side Request Forgery SSRF contain multiple logic flaws. These flaws allow attackers to bypass the allow/deny lists via DNS Rebinding Time-of-Check Time-of-Use or by exploiting the default configuratio...

Flowise: SSRF Protection Bypass (TOCTOU & Default Insecure)

Summary The core security wrappers secureAxiosRequest and secureFetch intended to prevent Server-Side Request Forgery SSRF contain multiple logic flaws. These flaws allow attackers to bypass the allow/deny lists via DNS Rebinding Time-of-Check Time-of-Use or by exploiting the default configuratio...

GHSA-8WFP-579W-6R25 Kyverno apiCall automatically forwards ServiceAccount token to external endpoints (credential leak)

Summary Kyverno's apiCall service mode automatically attaches the admission controller's ServiceAccount SA token to outbound HTTP requests. This results in unintended credential exposure when requests are sent to external or attacker-controlled endpoints. The behavior is insecure-by-default and n...

foreman-kubevirt: foreman_kubevirt: Man-in-the-Middle due to insecure default SSL verification

A flaw was found in foremankubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority CA certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and...

SUSE CVE-2026-25060

OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, certificate verification is disabled by default for all storage driver communications. The TlsInsecureSkipVerify setting is default to true in the DefaultConfig function in internal/conf/config.go. This vulnerability enables...

GHSA-8JMM-3XWX-W974 Alist has Insecure TLS Config

Summary The application disables TLS certificate verification by default for all outgoing storage driver communications, making the system vulnerable to Man-in-the-Middle MitM attacks. This enables the complete decryption, theft, and manipulation of all data transmitted during storage operations,...

CVE-2026-25060 OpenList Insecure TLS Default Configuration

OpenList Frontend is a UI component for OpenList. Prior to 4.1.10, certificate verification is disabled by default for all storage driver communications. The TlsInsecureSkipVerify setting is default to true in the DefaultConfig function in internal/conf/config.go. This vulnerability enables...

Adobe ColdFusion XML External Entity References Improperly Restricted Vulnerability

Adobe ColdFusion is a dynamic Web server platform and application development framework maintained by Adobe for rapidly building and deploying data-driven dynamic Web sites, Web applications, and enterprise-class services. Adobe ColdFusion suffers from an improperly restricted XML external entity...

Ray's New Token Authentication is Disabled By Default

Anyscale Ray 2.52.0 contains an insecure default configuration in which token-based authentication for Ray management interfaces including the dashboard and Jobs API is disabled unless explicitly enabled by setting RAYAUTHMODE=token. In the default unauthenticated state, a remote attacker with...

CVE-2021-20154

Trendnet AC2600 TEW-827DRU version 2.08B01 contains an security flaw in the web interface. HTTPS is not enabled on the device by default. This results in cleartext transmission of sensitive information such as passwords...

CVE-2024-42364 homepage DNS rebinding vulnerability (GHSL-2024-096)

Homepage is a highly customizable homepage with Docker and service API integrations. The default setup of homepage 0.9.1 is vulnerable to DNS rebinding. Homepage is setup without certificate and authentication by default, leaving it to vulnerable to DNS rebinding. In this attack, an attacker will...

http-tiny: perl: insecure TLS cert default

A vulnerability was found in Tiny, where a Perl core module and standalone CPAN package, does not verify TLS certificates by default. Users need to explicitly enable certificate verification with the verifySSL=1 flag to ensure secure HTTPS connections. This oversight can potentially expose...

http-tiny: perl: insecure TLS cert default

A vulnerability was found in Tiny, where a Perl core module and standalone CPAN package, does not verify TLS certificates by default. Users need to explicitly enable certificate verification with the verifySSL=1 flag to ensure secure HTTPS connections. This oversight can potentially expose...

tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins

The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their...

tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins

The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their...

UBUNTU-CVE-2018-8014

The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their...