4060 matches found
CVE-2026-42530
NGINX Open Source has a vulnerability in the ngxhttpv3module module. When NGINX Open Source is configured to use the HTTP/3 QUIC module, a remote unauthenticated attacker along with conditions beyond their control can use a specially crafted HTTP/3 session to reopen a QPACK encoder stream. This m...
CVE-2026-42055
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion to 2 or grpcpass directives are used to proxy HTTP/2 traffic, the ignoreinvalidheaders directive is set to off, and the...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in glXDispChangeDrawableAttributes. A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapp...
Authentication Bypass
Spring Web Services is vulnerable to Authentication Bypass. The vulnerability is due to X509AuthenticationProvider issuing a fully authenticated X509AuthenticationToken based solely on certificate-to-user mapping, without enforcing standard account status checks such as disabled, locked, expired,...
PT-2026-50597
Name of the Vulnerable Software and Affected Versions Filament versions 3.0.0 through 3.3.52 Description A disabled RichEditor field renders its raw state without sanitizing HTML. If the data stored in the field's state was not previously sanitized when the form state was filled, an attacker can...
PT-2026-50592
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.6 Description Several direct, index-addressed Ollama proxy routes allow authenticated users to bypass backend isolation. The system accepts a caller-supplied url idx path parameter and uses it as a raw index in...
PT-2026-50439
Name of the Vulnerable Software and Affected Versions NGINX Open Source versions 1.31.0 through 1.31.1 NGINX Ingress Controller affected versions not specified NGINX Gateway Fabric affected versions not specified NGINX Instance Manager affected versions not specified Description A use-after-free...
Malicious code in pretie_x2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc0da1230156c752bfa8b3456568e30a9eeb73c4100bff87777ae57d9f562e75 Package name pretiex2 and its description 'Opinionated code formatter for modern JavaScript and TypeScript.' with keywords including prettier...
Malicious code in pretie_x1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6308c285cb943f91fc16f7872bce135b8347b827139f5ad0cf8706ba992f104 Package masquerades as the prettier formatter name pretiex1, description "Opinionated code formatter for modern JavaScript and TypeScript.", keywords...
MAL-2026-5919 Malicious code in pretie_x1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6308c285cb943f91fc16f7872bce135b8347b827139f5ad0cf8706ba992f104 Package masquerades as the prettier formatter name pretiex1, description "Opinionated code formatter for modern JavaScript and TypeScript.", keywords...
rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.
A flaw was found in rsync. An rsync daemon configured with "use chroot = no" is exposed to a time-of-check / time-of-use race on parent path components. A local attacker with write access to a module can replace a parent directory component with a symlink between the receiver's check and its open...
rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.
A flaw was found in rsync. An rsync daemon configured with "use chroot = no" is exposed to a time-of-check / time-of-use race on parent path components. A local attacker with write access to a module can replace a parent directory component with a symlink between the receiver's check and its open...
BIT-MONGODB-2026-9735 Keyfile contents are in MongoDB Server logs
MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is enabled, the full authentication parameters are written to the log without redaction...
CVE-2026-47137
A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. A remote attacker could bypass a security check designed to prevent the combination of nested environments and disabled module loading. This bypass occurs because a strict equality check for the require option can be...
GHSA-R7G4-QG5F-QQM2 Nodemailer: Improper TLS Certificate Validation in OAuth2 Token Fetch Enables Credential Interception
Summary Nodemailer disables TLS certificate verification in its internal HTTPS fetch client through the use of rejectUnauthorized: false inside lib/fetch/index.js. As a result, OAuth2 token requests trust invalid or self-signed HTTPS certificates and transmit sensitive OAuth credentials over...
Nodemailer: Improper TLS Certificate Validation in OAuth2 Token Fetch Enables Credential Interception
Summary Nodemailer disables TLS certificate verification in its internal HTTPS fetch client through the use of rejectUnauthorized: false inside lib/fetch/index.js. As a result, OAuth2 token requests trust invalid or self-signed HTTPS certificates and transmit sensitive OAuth credentials over...
CVE-2026-6517
Mattermost Desktop App versions =6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded to in the Mattermost Desktop App which allows any user on a server without the image proxy enabled to intercept other users credentials via embedding an image that...
kernel security update
4.18.0-553.132.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
Security update for cyrus-imapd (important)
openSUSE security update: security update for cyrus-imapd ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20962-1 Rating: important References: bsc1241536 bsc1241543 bsc1246165 bsc1251788 Cross-References: CVE-2025-23394 CVE-2025-49812 CVSS scores:...
SUSE CVE-2026-42764
Issue summary: Receiving a QUIC initial packet with an invalid token may trigger a NULL pointer dereference in the OpenSSL QUIC server with address validation disabled. Impact summary: NULL pointer dereference typically causes abnormal termination of the affected QUIC server process and a Denial ...