CVE-2026-45609

CVE-2026-45609 concerns the mcp-security component of Spring AI, where unvalidated URL fetching enables SSRF prior to version 0.1.9. The vulnerability affects installations with Dynamic Client Registration (DCR) enabled and involves processing untrusted URLs used for OAuth-related discovery and m...

CVE-2026-31587

A flaw was found in the Linux kernel, specifically within the ASoC ALSA System on Chip qcom q6apm component. This vulnerability arises from incorrect memory management during the dynamic registration of digital audio interface DAI components. When both the component and its associated DAIs are...

CVE-2026-1180

A flaw was identified in Keycloak’s OpenID Connect Dynamic Client Registration feature when clients authenticate using privatekeyjwt. The issue allows a client to specify an arbitrary jwksuri, which Keycloak then retrieves without validating the destination. This enables attackers to coerce the...

Fedora: Security Advisory for golang-k8s-kube-aggregator (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-k8s-kube-aggregator-1.22.0-5.fc36

Aggregator for Kubernetes-style API servers: dynamic registration, discovery summarization, secure proxy...

[SECURITY] Fedora 35 Update: golang-k8s-kube-aggregator-1.22.0-4.fc35

Aggregator for Kubernetes-style API servers: dynamic registration, discovery summarization, secure proxy...

Fedora: Security Advisory for golang-k8s-kube-aggregator (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-k8s-kube-aggregator-1.22.0-4.fc36

Aggregator for Kubernetes-style API servers: dynamic registration, discovery summarization, secure proxy...

[SECURITY] Fedora 36 Update: golang-k8s-kube-aggregator-1.22.0-3.fc36

Aggregator for Kubernetes-style API servers: dynamic registration, discovery summarization, secure proxy...

Fedora: Security Advisory for golang-k8s-kube-aggregator (FEDORA-2022-3a63897745)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2018-14987

The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201N/m201N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android versionCode=19, versionName=4.4.2-20170213 that dynamically registers a broadcast receiver app component named...