10868 matches found
CVE-2026-54518
The CVE-2026-54518 issue affects jackson-databind’s UnwrappedPropertyHandler path. From 2.21.0 through 2.21.4 and 3.1.0 through 3.1.4, UnwrappedPropertyHandler.processUnwrappedCreatorProperties() replays buffered JSON into creator parameters without consulting prop.visibleInView(activeView). This...
EUVD-2026-38593
jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.10.0 until 2.18.8, 2.21.4, and 3.1.4, BasicPolymorphicTypeValidator.Builder.allowIfSubTypeIsArray allowlists any array type based only on clazz.isArray, without validating th...
EUVD-2026-38592
jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.0.0 until 2.18.8, 2.21.4, and 3.1.4, JDKFromStringDeserializer constructed InetSocketAddress with new InetSocketAddresshost, port, which performs eager DNS name resolution fo...
ROOT-APP-NPM-CVE-2026-44575 CVE-2026-44575 in @rootio/next - Patched by Root
Root has patched CVE-2026-44575 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44573 CVE-2026-44573 in @rootio/next - Patched by Root
Root has patched CVE-2026-44573 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44577 CVE-2026-44577 in @rootio/next - Patched by Root
Root has patched CVE-2026-44577 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44579 CVE-2026-44579 in @rootio/next - Patched by Root
Root has patched CVE-2026-44579 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44578 CVE-2026-44578 in @rootio/next - Patched by Root
Root has patched CVE-2026-44578 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44581 CVE-2026-44581 in @rootio/next - Patched by Root
Root has patched CVE-2026-44581 in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-GHSA-8H8Q-6873-Q5FJ GHSA-8h8q-6873-q5fj in @rootio/next - Patched by Root
Root has patched GHSA-8h8q-6873-q5fj in the @rootio/next package for Root:npm. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-45292 CVE-2026-45292 in io.root.io.opentelemetry:opentelemetry-api - Patched by Root
Root has patched CVE-2026-45292 in the io.root.io.opentelemetry:opentelemetry-api package for Root:Maven. Multiple fixed versions available...
CVE-2026-54308
n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, the MicrosoftAgent365Trigger and StripeTrigger node did not validate that inbound requests. As a result, an unauthenticated attacker who knows the webhook URL could submit a forged payload and cause the workflow to...
CVE-2026-45732
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, the OAuth1 and OAuth2 credential reconnect endpoints authorized access using credential:read rather than credential:update. An authenticated user with read-only access to a shared credential could initiate ...
CVE-2026-44791
n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could bypass the patch for CVE-2026-42232 in the XML node. When combined with other nodes, this could lead to RCE on the n8n host. This...
ROOT-APP-MAVEN-CVE-2025-66168 CVE-2025-66168 in io.root.org.apache.activemq:activemq-mqtt - Patched by Root
Root has patched CVE-2025-66168 in the io.root.org.apache.activemq:activemq-mqtt package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-33227 CVE-2026-33227 in io.root.org.apache.activemq:activemq-client - Patched by Root
Root has patched CVE-2026-33227 in the io.root.org.apache.activemq:activemq-client package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-34197 CVE-2026-34197 in io.root.org.apache.activemq:activemq-broker - Patched by Root
Root has patched CVE-2026-34197 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-39304 CVE-2026-39304 in io.root.org.apache.activemq:activemq-client - Patched by Root
Root has patched CVE-2026-39304 in the io.root.org.apache.activemq:activemq-client package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-41043 CVE-2026-41043 in io.root.org.apache.activemq:activemq-broker - Patched by Root
Root has patched CVE-2026-41043 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-41044 CVE-2026-41044 in io.root.org.apache.activemq:activemq-broker - Patched by Root
Root has patched CVE-2026-41044 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...