2459120 matches found
CVE-2026-48090
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter envoy.filters.http.oauth2 can leave an in-flight async token exchange attached to a downstream stream that has already been torn down. A late...
CVE-2026-48090
Envoy CVE-2026-48090 affects the HTTP OAuth2 filter (envoy.filters.http.oauth2) in 1.37.0–1.37.5 and 1.38.3. A late AsyncClient completion can call OAuth2Filter methods after the downstream stream has been torn down, leading to undefined behavior, worker crashes, and use-after-free/invalid-vptr f...
CVE-2026-48090 Envoy HTTP: OAuth2 filter late async token completion after stream teardown (UAF / crash risk)
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter envoy.filters.http.oauth2 can leave an in-flight async token exchange attached to a downstream stream that has already been torn down. A late...
CVE-2026-53081
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF verifier. This vulnerability occurs due to inconsistent base ID mapping when the regsafe function compares scalar registers with BPFADDCONST values. This inconsistency allows the BPF verifier to incorrectly succeed in state pruning...
CVE-2026-52950
A flaw was found in the Linux kernel, specifically within the drm/xe/dma-buf component. This Use-After-Free UAF vulnerability occurs due to an issue in a retry loop, where a buffer object is prematurely freed on error. An attacker could potentially exploit this to cause memory corruption, leading...
MAL-2026-6532 Malicious code in chai-as-assured (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd28efd7a3d07f87ec22556cc25a8c07117fa4cdd237c6cb1db750c976a11836 chai-as-assured impersonates the popular chai-as-promised package matching README, author, and API surface. When the exported plugin function is...
Malicious code in chai-as-assured (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd28efd7a3d07f87ec22556cc25a8c07117fa4cdd237c6cb1db750c976a11836 chai-as-assured impersonates the popular chai-as-promised package matching README, author, and API surface. When the exported plugin function is...
EUVD-2026-39825
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, a vulnerability exists in Envoy's TCP StatsD sink TcpStatsdSink, where the thread-local flusher buffer can be overflowed by exceptionally long statistic...
CVE-2026-48706 Envoy Heap Buffer Overflow in TcpStatsdSink
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, a vulnerability exists in Envoy's TCP StatsD sink TcpStatsdSink, where the thread-local flusher buffer can be overflowed by exceptionally long statistic...
CVE-2026-48706
CVE-2026-48706 affects Envoy TCP StatsD sink (TcpStatsdSink): when a statistic name exceeds 16 KiB, the 16 KiB FLUSH_SLICE is not correctly managed during buffer rotation, causing a heap write overflow. This can lead to process crash or potentially remote code execution. Affected versions: 1.34.0...
CVE-2026-48706
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, a vulnerability exists in Envoy's TCP StatsD sink TcpStatsdSink, where the thread-local flusher buffer can be overflowed by exceptionally long statistic...
CVE-2026-48706 Envoy Heap Buffer Overflow in TcpStatsdSink
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, a vulnerability exists in Envoy's TCP StatsD sink TcpStatsdSink, where the thread-local flusher buffer can be overflowed by exceptionally long statistic...
CVE-2026-47221 Envoy: Null pointer deref in internal redirects
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the router filter contains a null pointer dereference vulnerability when handling HTTP 303 See Other internal redirects for body-less non-GET/HEAD requests...
CVE-2026-47221 Envoy: Null pointer deref in internal redirects
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the router filter contains a null pointer dereference vulnerability when handling HTTP 303 See Other internal redirects for body-less non-GET/HEAD requests...
EUVD-2026-39823
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the router filter contains a null pointer dereference vulnerability when handling HTTP 303 See Other internal redirects for body-less non-GET/HEAD requests...
CVE-2026-47221
Envoy vulnerability CVE-2026-47221: a null pointer dereference in the router filter during internal redirects involving HTTP 303 can crash the process and cause DoS. Affected versions are 1.18.0 through 1.35.13, and 1.36.9, 1.37.5, and 1.38.3. When a body-less POST/PUT/DELETE/PATCH to a route wit...
CVE-2026-47221
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.18.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, the router filter contains a null pointer dereference vulnerability when handling HTTP 303 See Other internal redirects for body-less non-GET/HEAD requests...
GHSA-XQ73-FVMR-JVMM OpenAM Authentication Bypass via MSISDN LDAP Injection
Summary Description An LDAP Injection CWE-90 vulnerability in the MSISDN authentication module allows an unauthenticated, remote attacker to obtain an arbitrary OpenAM session without a password in the default trusted gateway configuration. This impacts OpenAM Community Edition through version...
OpenAM Authentication Bypass via MSISDN LDAP Injection
Summary Description An LDAP Injection CWE-90 vulnerability in the MSISDN authentication module allows an unauthenticated, remote attacker to obtain an arbitrary OpenAM session without a password in the default trusted gateway configuration. This impacts OpenAM Community Edition through version...
Exploit for OS Command Injection in Cacti
CVE-2026-39938: Cacti " 3.2 Execute the Code by Incl...