CVE-2026-46484

Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...

CVE-2026-46484

Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...

CVE-2026-46484

Summary: Headplane (a Web UI for Headscale) had a path traversal and authorization bypass vulnerability in the Headscale API client used during node and user rename operations. Affected versions and patch: the issue affects Headplane prior to 0.6.3 and 0.7.0-beta.3; it has been patched in 0.6.3 a...

EUVD-2026-35193

Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...

CVE-2026-46484 Headplane: Path Traversal + RBAC Bypass in renameNode allows authenticated OIDC users to expire or rename any node/user

Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...

CVE-2026-46484 Headplane: Path Traversal + RBAC Bypass in renameNode allows authenticated OIDC users to expire or rename any node/user

Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...

CVE-2026-46484

Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...

Headplane 路径遍历漏洞

Headplane is a web management interface for Headscale, developed by Aarnav Tale. Versions of Headplane prior to 0.6.3 and 0.7.0-beta.3 contained a path traversal vulnerability. This vulnerability stemmed from path traversal and authorization bypass issues in the Headscale API client during node a...

PT-2026-47447

Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...

aerobi-poc

Aerobi POC — Simulação local de monitoramento de câmeras Labo...

[SECURITY] Fedora 43 Update: headscale-0.28.0-1.fc43

An open source, self-hosted implementation of the Tailscale control server...

[SECURITY] Fedora 44 Update: headscale-0.28.0-1.fc44

An open source, self-hosted implementation of the Tailscale control server...

Fedora: Security Advisory (FEDORA-2026-c3c02ffe75)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 44 : headscale (2026-76033f35ea)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-76033f35ea advisory. update to 0.28.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

Fedora 43 : headscale (2026-c3c02ffe75)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c3c02ffe75 advisory. update to 0.28.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...

headscale-0.26.1-2.1 on GA media (moderate)

headscale-0.26.1-2.1 on GA media Announcement ID: openSUSE-SU-2025:15620-1 Rating: moderate Cross-References: CVE-2025-47911 CVE-2025-58190 CVSS scores: CVE-2025-47911 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2025-47911 SUSE : 6.9...

OPENSUSE-SU-2025:15620-1 headscale-0.26.1-2.1 on GA media

These are all security issues fixed in the headscale-0.26.1-2.1 package on the GA media of openSUSE Tumbleweed...

EUVD-2023-3054

Malicious code in bioql PyPI...

CVE-2023-47390

Headscale through 0.22.3 writes bearer tokens to info-level logs...

headscale-0.25.1-2.1 on GA media (moderate)

headscale-0.25.1-2.1 on GA media Announcement ID: openSUSE-SU-2025:14956-1 Rating: moderate Cross-References: CVE-2025-30204 CVSS scores: CVE-2025-30204 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-30204 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:...