OESA-2026-2490 libvncserver security update

libvncserver is a set of programs using the RFB Remote Frame Buffer protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets which LibVNCServer does, you can also connect using an in-browser VNC...

CVE-2026-45615

ASN.1 compiler mouse07410/asn1c (1.4 and earlier) contains a memory-safety flaw in the OER decoding skeleton (INTEGER_oer.c). Parsing a crafted, zero-length OER payload for a variable-length, non-negative INTEGER can skip required-byte validation before extracting the MSB, causing a precise 1-byt...

CVE-2026-49197

The CVE affects web endpoints used by the Acer Connect app, where the Authorization header is not properly validated. The underlying issue is improper handling of Base64 decoding failures, allowing requests that should be blocked. CVSS indicates a CRITICAL impact with high consequences for confid...

ROS-20260529-73-0014

The vulnerability in openbao is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

cpp-httplib 安全漏洞

cpp-httplib is a C++ library developed by Yhirose, which includes HTTP/HTTPS server and client components. Versions of cpp-httplib prior to 0.43.4 contained security vulnerabilities. These vulnerabilities stemmed from negative chunk sizes in chunked transmission encoding, leading to unbounded...

asn1c 安全漏洞

ASN1C is an ASN.1 compiler developed by Lev Walkin as a personal project. Versions of ASN1C prior to 1.4 contained security vulnerabilities. These vulnerabilities stemmed from memory safety issues in the OER decoding framework. When parsing specially crafted zero-length payloads, the decoder did...

CVE-2026-45364

The CVE-2026-45364 issue affects Better Auth (TypeScript) where the HTTP rate limiter keyed by the leftmost x-forwarded-for value could be bypassed for IPv6. Before fixes, IPv6 prefix rotation (e.g., /64) and multiple textual representations could produce 2^64 distinct keys, letting an attacker p...

CVE-2026-32847 DeepCode 1.2.0 Path Traversal via SPA Catch-All Route in main.py

DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in newui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /fullpath:path endpoint. Attackers can bypass Starlette's...

CVE-2026-32847 DeepCode 1.2.0 Path Traversal via SPA Catch-All Route in main.py

DeepCode through commit c991dc2 contains a path traversal vulnerability in the SPA catch-all route in newui/backend/main.py that allows unauthenticated attackers to read arbitrary files by supplying percent-encoded path segments to the GET /fullpath:path endpoint. Attackers can bypass Starlette's...

LTD_Communication

LTD Communication — Cybersecurity Course Project Vulnerable...

curl: Proxy CONNECT response poisoning via authentication retry in cf-h1-proxy.c (libcurl)

Summary: When an HTTP/1.x proxy returns a 407 with no Content-Length and no chunked transfer-encoding, lib/cf-h1-proxy.c singleheader sets ts-keepon = KEEPONDONE but never sets ts-closeconnection = TRUE. Because ts-closeconnection and conn-bits.close both stay false, the CONNECT tunnel state...

CVE-2026-42585

A flaw was found in Netty. This vulnerability allows a remote attacker to perform request smuggling attacks due to incorrect parsing of malformed Transfer-Encoding headers. By exploiting this flaw, an attacker can bypass security controls and potentially access sensitive information or manipulate...

USN-8338-1: Apache HTTP Server vulnerabilities

It was discovered that Apache HTTP Server incorrectly handled certain response headers. An attacker could possibly use this issue to perform HTTP response splitting attacks. This issue only affected Ubuntu 14.04 LTS. CVE-2023-38709 Will Dormann and David Warren discovered that Apache HTTP Server'...

USN-8336-1: PHP vulnerabilities

Aleksey Solovev and Nikita Sveshnikov discovered that PHP improperly handled NUL bytes when preparing SQL queries in the PDO Firebird driver. An attacker could possibly use this issue to perform SQL injection attacks. CVE-2025-14179 It was discovered that PHP incorrectly handled certain encoding...

USN-8336-1 php8.1, php8.3, php8.4, php8.5 vulnerabilities

Aleksey Solovev and Nikita Sveshnikov discovered that PHP improperly handled NUL bytes when preparing SQL queries in the PDO Firebird driver. An attacker could possibly use this issue to perform SQL injection attacks. CVE-2025-14179 It was discovered that PHP incorrectly handled certain encoding...

CVE-2026-9658

Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths. The header injection rule was ineffective at blocking header injections in the request paths unless they were double-encoded, for example, GET /path\r\nHTTP/1.1\r\nHost:...

CVE-2026-9658 Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths

Plack::Middleware::Security::Common versions before 0.13.1 for Perl did not block header injections in request paths. The header injection rule was ineffective at blocking header injections in the request paths unless they were double-encoded, for example, GET /path\r\nHTTP/1.1\r\nHost:...

CVE-2026-42581

A flaw was found in Netty's HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both Transfer-Encoding: chunked and Content-Length headers. While Netty correctly strips the conflicting Content-Length header for HTTP/1.1 messages, thi...

CVE-2026-42579

A flaw was found in Netty. Netty's DNS Domain Name System codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the...

SUSE CVE-2026-44988

LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...