CVE-2026-30827 express-rate-limit: IPv4-mapped IPv6 addresses bypass per-client rate limiting (all IPv4 clients share one bucket on dual-stack servers)
express-rate-limit is a basic rate-limiting middleware for Express. In versions starting from 8.0.0 and prior to versions 8.0.2, 8.1.1, 8.2.2, and 8.3.0, the default keyGenerator in express-rate-limit applies IPv6 subnet masking /56 by default to all addresses that net.isIPv6 returns true for. Th...
CVE-2026-30827
CVE-2026-30827 affects express-rate-limit for Express. The default keyGenerator mishandles IPv4 when the system treats IPv4 addresses as IPv6 mapped (IPv4-mapped IPv6 addresses like ::ffff:x.x.x.x). On dual-stack servers, this causes a /56 subnet mask to be applied to all IPv6 addresses, making a...
GHSA-46WH-PXPV-Q5GQ express-rate-limit: IPv4-mapped IPv6 addresses bypass per-client rate limiting on servers with dual-stack network
Summary The default keyGenerator in express-rate-limit applies IPv6 subnet masking /56 by default to all addresses that net.isIPv6 returns true for. This includes IPv4-mapped IPv6 addresses ::ffff:x.x.x.x, which Node.js returns as request.ip on dual-stack servers. Because the first 80 bits of all...
PT-2026-23791
Name of the Vulnerable Software and Affected Versions express-rate-limit versions 8.0.0 through 8.0.1 express-rate-limit versions 8.1.0 through 8.1.1 express-rate-limit versions 8.2.0 through 8.2.1 Description The default keyGenerator in express-rate-limit incorrectly applies IPv6 subnet masking ...
RHEL 9 : Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update (Important) (RHSA-2025:23070)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23070 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Container Release Update
An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...
EUVD-2013-1229
Malware in sbrugna...
EUVD-2018-13354
Malware in sbrugna...
EUVD-2021-0128
Malware in sbrugna...
A vulnerability in the DS-Lite (Dual-Stack Lite) and NAT (Network Address Translation) technology in Junos OS MX-series routers that allows an attacker to cause a service failure.
The vulnerability in the DS-Lite (Dual-Stack Lite) and NAT (Network Address Translation) technology in Junos OS MX-series routers is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-Side Request Forgery (SSRF): the IPv4 address is validated as safe, but the request is then made to the unsafe IPv6 address when a domain resolves to a public IPv4 and a private IPv6 address. PoC php enablePinDns; $pluginClient = new...
CVE-2024-20293
A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. Thi...
CVE-2024-20293
CVE-2024-20293 describes a logic error in Cisco ASA and Firepower Threat Defense (FTD) Software where ACLs switch from inactive to active in the running configuration. This can let an unauthenticated, remote attacker bypass configured ACL protections, potentially granting access to trusted networ...
nmstate bug fix and enhancement update
An update is available for nmstate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Nmstate is a library with an accompanying command line tool that manages host...
SUSE CVE-2021-21392
Synapse is a Matrix reference homeserver written in Python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0, requests to user-provided domains were not restricted to external IP addresses when transitional IPv6...
Metasploit Weekly Wrap-Up
Cacti Unauthenticated Command Injection Thanks to community contributor Erik Wynter, Metasploit Framework now has an exploit module for an unauthenticated command injection vulnerability in the Cacti network-monitoring software. The vulnerability is due to a proc_open call that accepts unsanitized...
GHSA-WC5V-R48V-G4VH Cilium host policy bypass in endpoint-routes mode with dual-stack
Impact This vulnerability allows bypassing host policies for IPv6 traffic coming from a Cilium-managed pod and destined to the host-network namespace (e.g., to a host-network pod). Host policy enforcement on IPv4 or for traffic coming from outside the node is not affected. Cilium is only affected b...