CVE-2026-0616

TheLibrarians webfetch tool can be used to retrieve the Adminer interface content, which can then be used to log into the internal TheLibrarian backend system. The vendor has fixed the vulnerability in all affected versions...

CVE-2026-0613

The Librarian contains an internal port scanning vulnerability, facilitated by the webfetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has...

CVE-2026-0615

The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...

CVE-2026-0615 CVE-2026-0615

The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...

CVE-2026-0615 CVE-2026-0615

The Librarian supervisord status page can be retrieved by the webfetch tool, which can be used to retrieve running processes within TheLibrarian backend. The vendor has fixed the vulnerability in all affected versions...

CVE-2026-0615

The Librarian (TheLibrarian.io) vulnerability CVE-2026-0615 concerns the supervisord status page exposed via the web_fetch tool, enabling retrieval of running processes in TheLibrarian backend. According to the sources, this could allow an attacker to enumerate backend processes and exposed state...

CVE-2026-0616 CVE-2026-0616

TheLibrarians webfetch tool can be used to retrieve the Adminer interface content, which can then be used to log into the internal TheLibrarian backend system. The vendor has fixed the vulnerability in all affected versions...

CVE-2026-0616

CVE-2026-0616 concerns The Librarian’s web_fetch tool, which can be used to retrieve the Adminer interface content and potentially log into the internal TheLibrarian backend system. The vulnerability is described across multiple connected sources as enabling access to internal infrastructure and ...

CVE-2026-0613 CVE-2026-0613

The Librarian contains an internal port scanning vulnerability, facilitated by the webfetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has...

CVE-2026-0613

The Librarian contains an internal port scanning vulnerability, facilitated by the webfetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has...

CVE-2026-0613 CVE-2026-0613

The Librarian contains an internal port scanning vulnerability, facilitated by the webfetch tool, which can be used with SSRF-style behavior to perform GET requests to internal IP addresses and services, enabling scanning of the Hertzner cloud environment that TheLibrarian uses. The vendor has...

CVE-2026-0613

The Librarian (TheLibrarian.io) has an internal port-scanning vulnerability via the web_fetch tool that can be used for SSRF-like GET requests to internal IPs/services, enabling probing of the Hertzner cloud environment. The issue is tied to CVE-2026-0613; vendor remediation states the vulnerabil...

CVE-2026-0612 CVE-2026-0612

The Librarian contains a information leakage vulnerability through the webfetch tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions ...

CVE-2026-0612

The Librarian (TheLibrarian.io) contains an information leakage vulnerability in the web_fetch tool that allows an attacker to retrieve arbitrary external content and proxy requests through The Librarian infrastructure. The issue affects The Librarian implementations and has been fixed in all ver...

CVE-2026-0612

The Librarian contains a information leakage vulnerability through the webfetch tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions ...

PT-2026-3249

Name of the Vulnerable Software and Affected Versions TheLibrarian versions prior to the fixed version Description The supervisord status page within TheLibrarian can be accessed via the web fetch tool, potentially exposing running processes in the backend. This allows for the retrieval of...

PT-2026-3250

Name of the Vulnerable Software and Affected Versions TheLibrarians affected versions not specified Description The web fetch tool within TheLibrarians allows retrieval of the Adminer interface content, potentially enabling unauthorized access to the internal TheLibrarian backend system. This...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001153)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001153 advisory. The saa7164busget function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service out-of-bound...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001666)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001666 advisory. The sndmsndinterrupt function in sound/isa/msnd/msndpinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary acces...

MiracleLinux 7 : firefox-60.7.0-1.0.1.el7.AXS7 (AXSA:2019-3895:02)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3895:02 advisory. Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 CVE-2019-9800 Mozilla: Cross-origin theft of images with createImageBitmap...