33378 matches found

CVE
added 2026/05/12 2:01 p.m., 10 views

CVE-2026-8368

CVE-2026-8368 affects the Perl module LWP::UserAgent before 6.83. The redirect handling on 3xx responses leaks caller credentials by sending Authorization and Proxy-Authorization headers unchanged, even across scheme/host/port changes, to the redirect target. This can disclose credentials to atta...

CVSS 6.5, AI score 5.8, EPSS 0.00033
Exploits: 0, References: 5

Cvelist
added 2026/05/12 1:57 p.m., 25 views

CVE-2026-43938 YAF.NET: Unauthenticated Stored Second-Order XSS in Admin Event Log via Reflected `User-Agent` Header

YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the application's database logger YAFNET.Core/Logger/DbLogger.cs captures the incoming request's User-Agent header into a JObject, serializes it with JsonConvert, and stores the result in the EventLog.Description column...

CVSS 8.1, EPSS 0.00013
Exploits: 0, References: 1

Vulnrichment
added 2026/05/12 1:57 p.m., 5 views

CVE-2026-43938 YAF.NET: Unauthenticated Stored Second-Order XSS in Admin Event Log via Reflected `User-Agent` Header

YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the application's database logger YAFNET.Core/Logger/DbLogger.cs captures the incoming request's User-Agent header into a JObject, serializes it with JsonConvert, and stores the result in the EventLog.Description column...

CVSS 8.1, AI score 5.8, EPSS 0.00013
Exploits: 0, References: 1

CVE
added 2026/05/12 1:57 p.m., 6 views

CVE-2026-43938

Summary (supported): CVE-2026-43938 affects YetAnotherForum.NET (YAF.NET) prior to 4.0.5 and 3.2.12. The database logger captures the request’s User-Agent into a JSON object and stores it in EventLog.Description. When an admin views the EventLog, the code deserializes that JSON and interpolates t...

CVSS 8.1, AI score 5.8, EPSS 0.00013
Exploits: 0, References: 1

OSV
added 2026/05/12 12:00 p.m., 4 views

RUSTSEC-2026-0140 DNS rebinding and cross-origin CSRF in dynoxide's MCP HTTP transport

dynoxide's MCP HTTP transport was vulnerable to DNS rebinding via its transitive rmcp dependency, plus a related cross-origin CSRF gap. A malicious web page could make the user's browser send requests to a local dynoxide mcp --http or dynoxide serve --mcp server with a non-loopback Host header,...

CVSS 8.8, AI score 5.8, EPSS 0.00006
Exploits: 0, References: 4

RedhatCVE
added 2026/05/12 9:58 a.m., 10 views

CVE-2026-43969

A flaw was found in cowlib, a library used for handling HTTP cookies. An attacker can exploit this vulnerability by injecting special characters, such as carriage return (CR) and line feed (LF), into cookie names or values, due to improper input validation. This allows for HTTP request splitting,...

CVSS 3.2, AI score 5.9, EPSS 0.00022
Exploits: 0, References: 2

RedhatCVE
added 2026/05/12 8:20 a.m., 3 views

CVE-2026-44694

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. From version 2.18.7 to before version 2.50.2, there is an authenticated server-side request forgery vulnerability affecting the webhook trigger tools, the n8n API client N8NAPIURL, a...

CVSS 9.1, AI score 5.7, EPSS 0.00015
Exploits: 0, References: 1

Cvelist
added 2026/05/12 7:45 a.m., 30 views

CVE-2026-6402 webpack-dev-server vulnerable to cross-origin source code exposure on non-HTTPS origins

webpack-dev-server versions up to and including 5.2.3 are vulnerable to cross-origin source code exposure when serving over a non-potentially trustworthy origin such as plain HTTP. The previous fix relied on the Sec-Fetch-Mode and Sec-Fetch-Site request headers, which browsers omit for...

CVSS 5.3, EPSS 0.00032
Exploits: 0, References: 2

SUSE CVE
added 2026/05/12 5:13 a.m., 8 views

SUSE CVE-2020-27223

In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 inclusive, 10.0.0, and 11.0.0, when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality...

CVSS 7.5, AI score 6.8, EPSS 0.33816
Exploits: 0, References: 4

EUVD
added 2026/05/12 12:31 a.m., 5 views

EUVD-2026-29344

HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that becomes the Host: header, and HTTP/1.1 control data field values. An attacker who controls one ...

AI score 5.8, EPSS 0.00038
Exploits: 0, References: 4

Tenable Nessus
added 2026/05/12 12:00 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-7010

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and U...

CVSS 6.5, AI score 5.5, EPSS 0.00038
Exploits: 0, References: 3

CNNVD
added 2026/05/12 12:00 a.m., 5 views

YAFNET Cross-Site Scripting Vulnerability

YAFNET is an ASP.NET open-source forum solution developed by YAFNET’s developers. Versions of YAFNET prior to 4.0.5 and 3.2.12 contained a cross-site scripting vulnerability. This vulnerability stemmed from the database logging mechanism serializing user agent headers as JSON without encoding the...

CVSS 8.1, AI score 5.6, EPSS 0.00013
Exploits: 0, References: 1

Positive Technologies
added 2026/05/12 12:00 a.m., 6 views

PT-2026-40070

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 11.0.0-M1 through 11.0.21; Apache Tomcat versions 10.1.0-M1 through 10.1.54; Apache Tomcat versions 9.0.2 through 9.0.117; Apache Tomcat versions 8.5.24 through 8.5.100; Apache Tomcat versions 7.0.83 through 7.0.109...

CVSS 9.8, AI score 5.8, EPSS 0.00253
Exploits: 0, References: 35

Positive Technologies
added 2026/05/12 12:00 a.m., 6 views

PT-2026-40330

Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, TrustedNetworkAuthenticationHandler.ResolveClientIp parses the leftmost entry of the X-Forwarded-For header as the client IP. That entr...

CVSS 9.8, AI score 5.8, EPSS 0.00052
Exploits: 0, References: 2

Positive Technologies
added 2026/05/12 12:00 a.m., 6 views

PT-2026-40455

Name of the Vulnerable Software and Affected Versions: arduino-esp32 versions prior to 3.3.8. Description: The WebServer Digest authentication implementation computes the authentication hash using the URI field from the client's Authorization header without verifying that it matches the actual...

CVSS 7.5, AI score 5.8, EPSS 0.0005
Exploits: 1, References: 3

Positive Technologies
added 2026/05/12 12:00 a.m., 7 views

PT-2026-40545

Name of the Vulnerable Software and Affected Versions: SillyTavern versions prior to 1.18.0. Description: An authentication bypass and account takeover issue exists when Authelia or Authentik SSO is enabled. The software accepts Remote-User for Authelia and X-Authentik-Username for Authentik HTTP...

CVSS 9.8, AI score 5.8, EPSS 0.00088
Exploits: 0, References: 11

CNNVD
added 2026/05/12 12:00 a.m., 7 views

Nginx UI Code Issue Vulnerability

Nginx UI is a web interface for Nginx developed by Jacky. Nginx UI versions 2.3.4 and earlier contain a code issue vulnerability. It allows authenticated users to create cluster nodes that point to arbitrary internal URLs and send API requests with the X-Node-ID header, resulting in SSR...

CVSS 9.9, AI score 6, EPSS 0.00012
Exploits: 1, References: 2

CNNVD
added 2026/05/12 12:00 a.m., 7 views

arduino-esp32 Authorization Issue Vulnerability

Arduino-ESP32 is an open-source project by Espressif, designed for use with the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6, and ESP32-H2 boards. Versions of Arduino-ESP32 prior to 3.3.8 contained an authorization vulnerability. This vulnerability stemmed from the WebServer implementation, whic...

CVSS 7.5, AI score 5.8, EPSS 0.0005
Exploits: 1, References: 1

CNNVD
added 2026/05/12 12:00 a.m., 6 views

granian Input Validation Error Vulnerability

Granian is a high-performance Python HTTP server developed by Emmett under open source principles, using Rust as the programming language. Versions 1.2.0 to 2.7.4 of Granian contain a vulnerability related to input validation. This vulnerability arises when an unvalidated client sends a WebSocket...

CVSS 7.5, AI score 5.8, EPSS 0.00084
Exploits: 0, References: 2

CNNVD
added 2026/05/12 12:00 a.m., 4 views

LWP::UserAgent Security Vulnerability

LWP::UserAgent is an open-source web user agent class from libwww-perl, used for sending HTTP requests. Versions of LWP::UserAgent prior to 6.83 have security vulnerabilities. These vulnerabilities stem from improper handling of the Authorization and Proxy-Authorization headers during...

CVSS 6.5, AI score 5.8, EPSS 0.00033
Exploits: 0, References: 1