174 matches found
CVE-2026-1664
Summary An Insecure Direct Object Reference has been found to exist in createHeaderBasedEmailResolver function within the Cloudflare Agents SDK. The issue occurs because the Message-ID and References headers are parsed to derive the target agentName and agentId without proper validation or origin...
CVE-2026-1664
Summary An Insecure Direct Object Reference has been found to exist in createHeaderBasedEmailResolver function within the Cloudflare Agents SDK. The issue occurs because the Message-ID and References headers are parsed to derive the target agentName and agentId without proper validation or origin...
CVE-2026-1664 Insecure Direct Object Reference (IDOR) via Header-Based Email Routing
Summary An Insecure Direct Object Reference has been found to exist in createHeaderBasedEmailResolver function within the Cloudflare Agents SDK. The issue occurs because the Message-ID and References headers are parsed to derive the target agentName and agentId without proper validation or origin...
CVE-2026-1664 Insecure Direct Object Reference (IDOR) via Header-Based Email Routing
Summary An Insecure Direct Object Reference has been found to exist in createHeaderBasedEmailResolver function within the Cloudflare Agents SDK. The issue occurs because the Message-ID and References headers are parsed to derive the target agentName and agentId without proper validation or origin...
CVE-2026-1664
Summary An Insecure Direct Object Reference has been found to exist in createHeaderBasedEmailResolver function within the Cloudflare Agents SDK. The issue occurs because the Message-ID and References headers are parsed to derive the target agentName and agentId without proper validation or origin...
EUVD-2026-5307
Summary An Insecure Direct Object Reference has been found to exist in createHeaderBasedEmailResolver function within the Cloudflare Agents SDK. The issue occurs because the Message-ID and References headers are parsed to derive the target agentName and agentId without proper validation or origin...
CVE-2026-1664
Summary: CVE-2026-1664 affects Cloudflare Agents SDK prior to 0.3.7, due to an IDOR in header-based email routing. Root cause: createHeaderBasedEmailResolver() parses Message-ID and References to derive target agentName/agentId without cryptographic/origin verification, letting external headers s...
PT-2026-6054
Name of the Vulnerable Software and Affected Versions Cloudflare Agents SDK versions prior to 0.3.7 Description An Insecure Direct Object Reference exists in the createHeaderBasedEmailResolver function. The issue arises because the Message-ID and References headers are parsed to determine the...
Cloudflare Agents 安全漏洞
Cloudflare Agents is an open-source tool developed by Cloudflare for building and deploying AI agents on Cloudflare platforms. There is a security vulnerability in Cloudflare Agents, which stems from the createHeaderBasedEmailResolver function’s inability to validate the Message-ID and References...
Azure Linux 3.0 Security Update: kernel (CVE-2025-22043)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22043 advisory. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: add bounds check for durable hand...
Temporal—durable 安全漏洞
Temporal is a persistent execution platform open-sourced by temporal.io. A security vulnerability exists in Temporal-durable 1.29.1 and earlier versions, which stems from improper authorization of cross-namespace commands and could lead to unauthorized creation of workflows...
EUVD-2008-0904
Malware in sbrugna...
EUVD-2021-21090
Malware in sbrugna...
EUVD-2025-11261
Malicious code in bioql PyPI...
EUVD-2023-1623
Malicious code in bioql PyPI...
EUVD-2023-1395
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-22043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: add bounds check for durable handle context Add missing bounds check for durable handle context. CVE-2025-22043 Note that Nessus relies on the presence o...
ksmbd: add bounds check for durable handle context
...
CVE-2023-33001
Jenkins HashiCorp Vault Plugin 360.v0a1c04cf807d and earlier does not properly mask i.e., replace with asterisks credentials in the build log when push mode for durable task logging is enabled...
DEBIAN-CVE-2025-37802
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix WARNING "do not call blocking ops when !TASKRUNNING" waiteventtimeout will set the state of the current task to TASKUNINTERRUPTIBLE, before doing the condition check. This means that ksmbddurablescavengeralive will try...