ROS-20260505-73-0071

A vulnerability in the tarfile module of the Python programming language interpreter CPython is related to incorrect parsing of the file header. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

PT-2026-37260

Name of the Vulnerable Software and Affected Versions DevGuard versions prior to 1.2.2 Description An authentication bypass exists in the SessionMiddleware where the system accepts a client-supplied X-Admin-Token HTTP request header. When no Kratos session cookie is present, the raw string value ...

Django 安全漏洞

Django is an open-source web framework based on the Python language, developed by the Django Foundation. This framework includes an object-oriented mapper, a view system, and a template system. Versions of Django prior to 6.0.5 and 5.2.14 contained security vulnerabilities. These vulnerabilities...

UBUNTU-CVE-2026-28780

Heap-based Buffer Overflow vulnerability in modproxyajp of Apache HTTP Server. If modproxyajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to modproxyajp and cause it to write 4 attacker controlled bytes after the end of a heap based buffer. This issue...

PT-2026-37286

Name of the Vulnerable Software and Affected Versions microdot versions prior to 2.6.1 Description The Response.set cookie function does not sanitize string arguments, failing to detect the r sequence. This allows for HTTP response splitting and header injection attacks. For this to be exploited,...

📄 Traccar GPS Tracking System 6.11.1 Cross-Site WebSocket Hijacking

Traccar GPS Tracking System version 6.11.1 cross-site websocket hijacking proof of concept exploit. Exploit Title: Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking CSWSH Date: 2026-02-26 Exploit Author: Hazar Taspinar Vendor Homepage: https://www.traccar.org/ Software Link:...

ROS-20260505-73-0072

A vulnerability in the tarfile module of the Python programming language interpreter CPython is related to incorrect parsing of the file header. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

PT-2026-37043

Name of the Vulnerable Software and Affected Versions Realtek rtl819x Jungle SDK versions prior to v3.4.14B Description The rtl8192cd Wi-Fi kernel driver fails to perform access control checks on the write mem ioctl 0x89F5 and read mem ioctl 0x89F6 debug handlers. These handlers are included in...

PT-2026-36992

Name of the Vulnerable Software and Affected Versions Apache Thrift versions prior to 0.23.0 Description Apache Thrift contains multiple issues, including an origin validation error, improper limitation of a pathname to a restricted directory Path Traversal, improper neutralization of CRLF...

Fixed in Apache Tomcat 11.0.22

Moderate: Security constraints not correctly applied CVE-2026-43515 When multiple security constraints defined an HTTP method constraint for the same extension pattern, only the first method constraint was applied. This was fixed with commits 276087d9 and 06597486. This issue was reported to the...

Jupyter Server 安全漏洞

Jupyter Server is an application developed by the Jupyter organization that provides backend services for Jupyter web applications. Jupyter Server versions 2.17.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the Origin header validation mechanism, which uses...

PT-2026-36988

Name of the Vulnerable Software and Affected Versions Axios versions 1.0.0 through 1.15.1 Description Axios is a promise-based HTTP client for the browser and Node.js. The HTTP adapter reads five configuration properties—auth, baseURL, socketPath, beforeRedirect, and insecureHTTPParser—via direct...

CVE-2026-28780

Heap-based Buffer Overflow vulnerability in modproxyajp of Apache HTTP Server. If modproxyajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to modproxyajp and cause it to write 4 attacker controlled bytes after the end of a heap based buffer. This issue...

ROS-20260505-73-0070

A vulnerability in the tarfile module of the Python programming language interpreter CPython is related to incorrect parsing of the file header. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2026-6907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. django.middleware.cache.UpdateCacheMiddleware erroneously caches requests where the Vary head...

next: Next.js Server-Side Request Forgery in Server Actions

A Server-Side Request Forgery SSRF vulnerability was identified in Next.js Server Actions. If the Host header is modified, and the below conditions are also met, an attacker may be able to make requests that appear to be originating from the Next.js application server itself. The required...

GHSA-GV7R-3MR9-H5X8 AzuraCast has Password Reset Poisoning via Untrusted X-Forwarded-Host Header that Leads to Account Takeover and 2FA Bypass

Summary The ApplyXForwarded middleware unconditionally trusts the client-supplied X-Forwarded-Host HTTP header with no trusted proxy allowlist. An unauthenticated attacker can poison the password reset URL sent to any user by injecting this header when triggering the forgot-password flow. When th...

Weak Password Recovery Mechanism for Forgotten Password

Overview Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password via the ApplyXForwarded process. An attacker can gain unauthorized access to user accounts and bypass two-factor authentication by injecting a malicious X-Forwarded-Host header...

AzuraCast has Password Reset Poisoning via Untrusted X-Forwarded-Host Header that Leads to Account Takeover and 2FA Bypass

Summary The ApplyXForwarded middleware unconditionally trusts the client-supplied X-Forwarded-Host HTTP header with no trusted proxy allowlist. An unauthenticated attacker can poison the password reset URL sent to any user by injecting this header when triggering the forgot-password flow. When th...

Remote Code Execution (RCE)

Apache Camel is vulnerable to Remote Code Execution. The vulnerability is due to inconsistent case-sensitive header filtering in non-HTTP HeaderFilterStrategy implementations, which allows an attacker to inject malicious headers that are later interpreted by downstream components to execute...