114 matches found

Positive Technologies
added 2026/06/15 12:0 a.m., 21 views

PT-2026-49468

Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies in certain configuration scenarios. This affects both the WebMVC and WebFlux Gateway Servers. Affected versions: Spring Cloud Gateway 3.1.x fix 3.1.13. Spring Cloud Gateway 4.1.x fix 4.1.13. Spri...

CVSS 8.6, AI score 5.2, EPSS 0.00139
Exploits: 0, References: 2

RedhatCVE
added 2026/06/11 8:59 a.m., 10 views

CVE-2026-11815

An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects. This vulnerability could lead to broken security expectations or remote code execution...

CVSS 5.3, AI score 6, EPSS 0.00317
Exploits: 0, References: 1

EUVD
added 2026/04/27 9:45 a.m., 4 views

EUVD-2026-25812

A vulnerability has been found in NousResearch hermes-agent 0.8.0. Affected by this vulnerability is the function checkauth of the file gateway/platforms/apiserver.py of the component APISERVERKEY Handler. The manipulation leads to improper authentication. The attack can be initiated remotely. Th...

CVSS 6.3, AI score 5.1, EPSS 0.0036
Exploits: 0, References: 6

Github Security Blog
added 2026/04/17 10:32 p.m., 14 views

OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation

Summary: Gateway HTTP and WebSocket handlers captured the resolved bearer-auth configuration when the server started. After a SecretRef rotation, the already-running gateway could continue accepting the old bearer token until restart. Impact: A bearer token that should have been revoked by SecretRe...

CVSS 9.8, AI score 5.7, EPSS 0.0054
Exploits: 1, References: 6, Affected Software: 1

RedhatCVE
added 2026/04/06 10:57 a.m., 2 views

CVE-2026-34952

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and the...

CVSS 9.1, AI score 5.9, EPSS 0.00444
Exploits: 1, References: 1

EUVD
added 2026/04/03 10:53 p.m., 5 views

EUVD-2026-18923

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and the...

CVSS 9.1, AI score 5.9, EPSS 0.00444
Exploits: 1, References: 1

Github Security Blog
added 2026/02/17 9:31 p.m., 7 views

OpenClaw log poisoning (indirect prompt injection) via WebSocket headers

Summary: In openclaw versions prior to 2026.2.13, OpenClaw logged certain WebSocket request headers including Origin and User-Agent without neutralization or length limits on the "closed before connect" path. If an unauthenticated client can reach the gateway and send crafted header values, those...

AI score 5.5
Exploits: 0, References: 5, Affected Software: 1

Vulnrichment
added 2025/12/15 2:41 p.m., 4 views

CVE-2025-34179 NetSupport Manager < 14.12.0001 Unauthenticated SQLi Local File Disclosure

NetSupport Manager 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL through the LinkName/URI...

CVSS 8.7, AI score 7.5, EPSS 0.0034
Exploits: 0, References: 3

vulnersOsv
added 2025/10/16 3:30 p.m., 6 views

ch.nexsol-tech.gateway:sample-gateway (>=0.0.1 <=1.1.0), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=0.0.1 <=1.1.0) +45 more potentially affected by CVE-2025-41253 via org.springframework.cloud:spring-cloud-gateway-server (>=4.2.0 <=4.2.5)

org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.2.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =15.13-RELEASE, =2.0.0, =1.0.0, =0.11.1, =0.11.1, =1.6.0, =3.4.5, =3.4.6 and more Source cves: CVE-2025-41253 Source advisory: OSV:GHSA-FWXX-WV44-7QFG...

CVSS 7.5, AI score 7.2, EPSS 0.00435
Exploits: 0

vulnersOsv
added 2025/10/16 3:30 p.m., 6 views

ch.nexsol-tech.gateway:sample-gateway (>=1.2.0 <=1.3.1), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=1.2.0 <=1.3.1) +37 more potentially affected by CVE-2025-41253 via org.springframework.cloud:spring-cloud-gateway-server (>=4.3.0 <=4.3.1)

org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.3.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =3.0.0, =1.8.9, =0.12.1, =0.12.1, =0.12.10, =3.10.0, =3.11.0 and more Source cves: CVE-2025-41253 Source advisory: OSV:GHSA-FWXX-WV44-7QFG...

CVSS 7.5, AI score 7.4, EPSS 0.00435
Exploits: 0

Snyk
added 2025/10/15 12:0 a.m., 4 views

Expression Language Injection

Overview: Affected versions of this package are vulnerable to Expression Language Injection in route definitions. An attacker with permission to define routes can expose the server's file structure or other sensitive environment variables by crafting a SpEL expression to access sensitive system...

CVSS 8.2, AI score 6.8, EPSS 0.00435
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2015-6425

Malware in sbrugna...

CVSS 5, AI score 6.4, EPSS 0.02066
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2012-4632

Malware in sbrugna...

CVSS 10, AI score 6.4, EPSS 0.03562
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2012-4631

Malware in sbrugna...

CVSS 7.8, AI score 6.4, EPSS 0.01606
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2022-0829

Malicious code in bioql PyPI...

CVSS 5.3, AI score 5.4, EPSS 0.00634
Exploits: 0, References: 4

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-53193

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.7, EPSS 0.01027
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-30953

Malicious code in bioql PyPI...

CVSS 5.5, AI score 6.6, EPSS 0.00336
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2022-53192

Malicious code in bioql PyPI...

CVSS 5.3, AI score 5.9, EPSS 0.01026
Exploits: 0, References: 1

NCSC
added 2025/06/25 2:54 p.m., 5 views

Vulnerability fixed in Citrix NetScaler ADC and NetScaler Gateway

Citrix has fixed a vulnerability in NetScaler ADC and NetScaler Gateway. To be vulnerable, NetScaler must be configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA virtual server. Note that this is often default config. The vulnerability is in the way memory is managed in...

CVSS 9.8, AI score 7, EPSS 0.09756
Exploits: 4, References: 1

vulnersOsv
added 2025/05/30 6:43 a.m., 5 views

ch.nexsol-tech.gateway:sample-gateway (>=0.0.1 <=1.1.0), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=0.0.1 <=1.1.0) +43 more potentially affected by CVE-2025-41235 via org.springframework.cloud:spring-cloud-gateway-server (>=4.2.0 <=4.2.2)

org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.2.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =15.13-RELEASE, =2.0.0, =1.0.0, =0.11.1, =0.11.1, =3.4.5, =3.4.6 and more Source cves: CVE-2025-41235 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-10265481...

CVSS 8.6, AI score 7.2, EPSS 0.00276
Exploits: 0