12 matches found
CVE-2026-25223
Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.2, a validation bypass vulnerability exists in Fastify where request body validation schemas specified by Content-Type can be completely circumvented. By appending a tab character \t followed by arbitrary content ...
CVE-2026-25223 Fastify's Content-Type header tab character allows body validation bypass
Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.2, a validation bypass vulnerability exists in Fastify where request body validation schemas specified by Content-Type can be completely circumvented. By appending a tab character \t followed by arbitrary content ...
Fastify's Content-Type header tab character allows body validation bypass
Impact A validation bypass vulnerability exists in Fastify where request body validation schemas specified by Content-Type can be completely circumvented. By appending a tab character \t followed by arbitrary content to the Content-Type header, attackers can bypass body validation while the serve...
PT-2026-6444
Impact A validation bypass vulnerability exists in Fastify where request body validation schemas specified by Content-Type can be completely circumvented. By appending a tab character \t followed by arbitrary content to the Content-Type header, attackers can bypass body validation while the server...
CVE-2026-24381
Server-Side Request Forgery (SSRF) vulnerability in ThemeGoods PhotoMe photome allows Server Side Request Forgery. This issue affects PhotoMe: from n/a through 5.7.2...
CVE-2026-24381 WordPress PhotoMe theme < 5.7.2 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability in ThemeGoods PhotoMe photome allows Server Side Request Forgery. This issue affects PhotoMe: from n/a through 5.7.2...
PT-2025-44549
Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.7.2. Description: Nagios XI versions prior to 5.7.2 are susceptible to cross-site scripting (XSS) through the Manage Users page within the Admin interface. This is due to inadequate validation or escaping of...
Nagios XI security vulnerability
Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.7.2 that stems from the upload handler not...
CVE-2024-30513
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid. This issue affects ProfileGrid: from n/a through 5.7.2...
CVE-2024-25909
Unrestricted Upload of File with Dangerous Type vulnerability in JoomUnited WP Media folder. This issue affects WP Media folder: from n/a through 5.7.2...
NET-SNMP UDP protocol handler code execution vulnerability
NET-SNMP is an open source Simple Network Management Protocol (SNMP) software. The software is used to monitor network devices, computer equipment, UPS equipment, etc. UDP protocol handler is one of the UDP Open System Interconnection protocol handler. A security vulnerability exists in the UDP...
Cloudera CDH Sentry Authorization Bypass Vulnerability
CDH is the most complete, tested and widely deployed distribution of Apache Hadoop. CDH is 100% open source and is the only Hadoop solution that offers batch processing, interactive SQL and interactive search, and enterprise-grade continuous availability. A Sentry authorization bypass vulnerability...