33806 matches found

Tenable Nessus
added 2026/04/30 12:0 a.m., 0 views

AlmaLinux 8 : fence-agents (ALSA-2026:12176)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:12176 advisory. cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves CVE-2026-26007 pyjwt: PyJWT accepts unknown crit header...

CVSS 8.2, AI score 7.3, EPSS 0.00027
Exploits: 2, References: 5
Tenable Nessus
added 2026/04/30 12:0 a.m., 2 views

Fedora 42 : asterisk (2026-98decbde87)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-98decbde87 advisory. Update to Asterisk 18.26.4, addressing numerous security vulnerabilities accumulated since the long-stale 18.12.1 package. The following CVEs are...

CVSS 9.8, AI score 7.3, EPSS 0.3195
Exploits: 14, References: 16
CVE
added 2026/04/30 12:0 a.m., 37 views

CVE-2026-40685

Exim before 4.99.2 is affected when JSON lookup is enabled. An out-of-bounds heap write can occur if a JSON operator encounters malformed JSON in an untrusted header, caused by an incorrect implementation of the JSON skipping logic. CVSS v3.1 metrics indicate a high-severity, remote-execution-lik...

CVSS 9.8, AI score 5.1, EPSS 0.00127
Exploits: 0, References: 4, Affected Software: 1
CNNVD
added 2026/04/30 12:0 a.m., 4 views

FreeBSD security vulnerability

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has security vulnerabilities; these vulnerabilities arise from improper validation of message sizes during the processing of incoming message headers. This can allow malicious programs to write beyond the heap...

CVSS 8.1, AI score 5.8, EPSS 0.00034
Exploits: 0, References: 1
ATTACKERKB
added 2026/04/30 12:0 a.m., 1 views

CVE-2026-40686

In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present in malformed UTF-8 header data. Information might be divulged within an error message produced during handling of an unrelated e-mail message...

CVSS 6.1, AI score 5.1, EPSS 0.00129
Exploits: 0, References: 6
EUVD
added 2026/04/30 12:0 a.m., 2 views

EUVD-2026-26443

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

CVSS 6.5, AI score 5.1, EPSS 0.00129
Exploits: 0, References: 4
AlpineLinux
added 2026/04/30 12:0 a.m., 1 views

CVE-2026-40686

In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present in malformed UTF-8 header data. Information might be divulged within an error message produced during handling of an unrelated e-mail message...

CVSS 5.3, AI score 5.8, EPSS 0.00108
Exploits: 0
CNNVD
added 2026/04/30 12:0 a.m., 5 views

Traefik security vulnerability

Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Traefik has a security vulnerability that stems from its header forwarding cleanup logic, which only handles standard header names. It does not process aliases that use underscores instead of hyphens, which may...

CVSS 10, AI score 5.8, EPSS 0.00088
Exploits: 1, References: 1
Tenable Nessus
added 2026/04/30 12:0 a.m., 3 views

Fedora 42 : miniupnpd (2026-2e8a8fd35b)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2e8a8fd35b advisory. 2026/03/24: fix missing fclose and potential double free in option file parsing 2026/03/23: upnphttp.c: fix removal of quotes in ParseHttpHeaders minixml.c:...

CVSS 9.1, AI score 5.9, EPSS 0.00054
Exploits: 0, References: 2
Positive Technologies
added 2026/04/30 12:0 a.m., 4 views

PT-2026-37098

Name of the Vulnerable Software and Affected Versions: Gotenberg versions 8.29.1 through 8.30.x. Description: An unauthenticated attacker with network access can force the server to make outbound HTTP POST requests to arbitrary internal or external destinations. This is achieved by supplying a craft...

CVSS 8.6, AI score 5.9, EPSS 0.00073
Exploits: 1, References: 8
Debian CVE
added 2026/04/30 12:0 a.m., 3 views

CVE-2026-40685

In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation of \ skipping...

CVSS 9.8, AI score 5.2, EPSS 0.00127
Exploits: 0
Tenable Nessus
added 2026/04/30 12:0 a.m., 1 views

Oracle Linux 8 / 9 : dtrace (ELSA-2026-50250)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50250 advisory. - Prevent out-of-bounds memory access during object symbol table construction CVE-2026-35233. Orabug: 39121881 - Prevent divide-by-zero FPE trap i...

CVSS 5.5, AI score 5.8, EPSS 0.00018
Exploits: 0, References: 3
Tenable Nessus
added 2026/04/30 12:0 a.m., 8 views

Amazon Linux 2023 : python3.14, python3.14-devel, python3.14-freethreading (ALAS2023-2026-1617)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1617 advisory. When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, a...

CVSS 9.1, AI score 5.9, EPSS 0.00205
Exploits: 0, References: 12
NVD
added 2026/04/29 11:16 p.m., 3 views

CVE-2026-7381

Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting sendfile type to be set by the client via the X-Sendfile-Type header, if it is not considered in the middleware constructor or the...

CVSS 9.1, EPSS 0.00013
Exploits: 0, References: 3
OSV
added 2026/04/29 11:16 p.m., 2 views

DEBIAN-CVE-2026-7381

Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting sendfile type to be set by the client via the X-Sendfile-Type header, if it is not considered in the middleware constructor or the...

CVSS 9.1, AI score 5.6, EPSS 0.00013
Exploits: 0, References: 1
RedhatCVE
added 2026/04/29 11:3 p.m., 2 views

CVE-2026-42208

A flaw was found in LiteLLM. A database query used for proxy API key checks incorrectly incorporated caller-supplied key values directly into the query. This vulnerability allows an unauthenticated attacker to send a specially crafted Authorization header to any Large Language Model (LLM) API route...

CVSS 9.8, AI score 5.7, EPSS 0.56947
Exploits: 5, References: 5
CVE
added 2026/04/29 10:13 p.m., 6 views

CVE-2026-7381

Plack::Middleware::XSendfile (Perl)

CVSS 9.1, AI score 5.5, EPSS 0.00013
Exploits: 0, References: 3, Affected Software: 1
EUVD
added 2026/04/29 10:13 p.m., 0 views

EUVD-2026-26296

Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting sendfile type to be set by the client via the X-Sendfile-Type header, if it is not considered in the middleware constructor or the...

CVSS 5.8, AI score 5.3, EPSS 0.00013
Exploits: 0, References: 3
GithubExploit
added 2026/04/29 9:16 p.m., 58 views

Exploit for CRLF Injection in Useplunk Plunk

CVE-2026-34975 — CRLF Email Header Injection in Plunk via raw...

CVSS 8.5, AI score 5.7, EPSS 0.00043
Exploits: 2
GithubExploit
added 2026/04/29 9:6 p.m., 75 views

security-advisories

Security Advisories Public write-ups and PoCs for CVEs I've d...

CVSS 8.8, AI score 5.4, EPSS 0.00043
Exploits: 7