CVE-2026-44065
An off-by-two error in lpwrite in papd in Netatalk 2.0.0 through 4.4.2 allows an adjacent network attacker to modify limited data or cause a minor service disruption via crafted print data...
CVE-2026-44055
A logic error involving bitwise OR operations in Netatalk 3.1.4 through 4.4.2 allows a remote authenticated attacker to inject OS commands and execute arbitrary code...
Malicious code in auth0-templates-scripts (npm)
Source: amazon-inspector 1bc0f40b778be080e2a14dd0097ab772565cc570f5fd471f10e883f259be2db6. Package name 'auth0-templates-scripts' impersonates the Auth0 Okta brand without affiliation. The author field is the placeholder 'OpenSource...
psqli
psqli Powerful Automatic SQL Injection Tools Pack Fast...
Trend Micro Apex One Access Control Error Vulnerability
Trend Micro Apex One is endpoint protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has an access control vulnerability, which stems from a source verification error. This vulnerability may allow local attackers to gain elevated privileges...
PT-2026-42437
Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error conditions occur simultaneously, which may allow a remote attacker to cause a minor service disruption via conditions that trigger incorrect error-handling paths...
PT-2026-42427
Name of the Vulnerable Software and Affected Versions: Netatalk versions 2.2.1 through 4.4.2. Description: The software calls the system function after a failed chdir operation without properly handling the error condition. This allows a local privileged user to execute unintended commands or cause ...
Parser-Free Querying of Security Logs
Security analysts routinely query system logs to detect threats and investigate incidents, but each log source uses its own semi-structured format: logs are cheap to produce, but expensive to use. The standard approach, building per-source parsers to normalize logs into structured schemas, is...
Netatalk OS Command Injection Vulnerability
Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.2.1 to 4.4.2 of Netatalk contained a vulnerability related to operating system command injection. This vulnerability...
Netatalk Format String Error Vulnerability
Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.0.3 to 4.4.2 of Netatalk contain a vulnerability related to format string errors. This vulnerability arises from...
Netatalk OS Command Injection Vulnerability
Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.1.4 to 4.4.2 of Netatalk contained a vulnerability related to operating system command injection. This vulnerability...
Netatalk Buffer Error Vulnerability
Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.0.4 to 4.4.2 of Netatalk contain a buffer error vulnerability. This vulnerability stems from improper termination of emp...
Netatalk Buffer Error Vulnerability
Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.1.0 to 4.4.2 of Netatalk contain a buffer error vulnerability. This vulnerability stems from excessive heap reading during t...
Netatalk Buffer Error Vulnerability
Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 3.1.0 to 4.4.2 of Netatalk contain a buffer error vulnerability. This vulnerability stems from multiple heap out-of-bound read...
Trend Micro Apex One Access Control Error Vulnerability
Trend Micro Apex One is endpoint protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has an access control vulnerability, which stems from a source verification error. This vulnerability may allow local attackers to gain elevated privileges...
Netatalk Buffer Error Vulnerability
Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 1.3 to 4.4.2 of Netatalk contained a buffer error vulnerability. This vulnerability stemmed from out-of-bounds reading during...
Langflow Origin Validation Error Vulnerability
Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh...
PowerDNS Authoritative Access Control Error Vulnerability
PowerDNS Authoritative is a DNS server software developed by PowerDNS Corporation. PowerDNS Authoritative has a vulnerability related to access control, which stems from incorrect behavior in the view of TCP PROXY requests...
CVE-2026-9137
CVE-2026-9137 affects the CSP report endpoint in MISP. The endpoint intended to cap CSP report payloads at 1 KB was incorrectly allowing reports up to 1 MB before truncation, enabling potential log flooding and resource exhaustion on deployments where the endpoint is reachable by untrusted client...
CVE-2026-9137 CSP Report Endpoint Log Flooding in MISP via Incorrect Size Limit
The CSP report endpoint in MISP intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource...