GHSA-44M2-CRH7-F4Q2 Budibase: `PUT /api/datasources/:datasourceId` is protected only by `TABLE/READ` permission instead of builder access, allowing any authenticated app user to overwrite datasource connection parameters including host, port, and URL

Summary Budibase exposes a REST API for datasource management. The route PUT /api/datasources/:datasourceId is registered in the authorizedRoutes group with TABLE/READ permission. This is the same authorization level as the read endpoint GET /api/datasources/:datasourceId. Every authenticated...

CVE-2026-42313 pyload-ng: non-admin SETTINGS users can redirect all outbound traffic through an attacker-controlled proxy

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the setconfigvalue API method @permissionPerms.SETTINGS in src/pyload/core/api/init.py gates security-sensitive options behind a hand-maintained allowlist ADMINONLYCOREOPTIONS. The allowlist contains...

Improper Traffic Filtering

github.com/containernetworking/plugins is vulnerable to improper traffic filtering. The vulnerability is due to incorrect handling of destination IP when using the nftables backend, which allows an attacker to intercept unintended traffic destined for the same host port across containers...

OpenProject 代码问题漏洞

OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 17.2.0 had code vulnerabilities. These vulnerabilities stemmed from SMTP test endpoints and Webhooks, which allowed any host and port value to be accepted, potentially leading to internal network...

PT-2026-24807

OpenProject is an open-source, web-based project management software. Prior to 17.2.0, OpenProject SMTP test endpoint POST /admin/settings/mail notifications accepts arbitrary host and port values and exhibits measurable differences in response behaviour depending on whether the target IP exists...

CVE-2026-29093

WWBN AVideo is an open source video platform. Prior to version 24.0, the official docker-compose.yml publishes the memcached service on host port 11211 0.0.0.0:11211 with no authentication, while the Dockerfile configures PHP to store all user sessions in that memcached instance. An attacker who...

CVE-2026-29093

WWBN AVideo is an open source video platform. Prior to version 24.0, the official docker-compose.yml publishes the memcached service on host port 11211 0.0.0.0:11211 with no authentication, while the Dockerfile configures PHP to store all user sessions in that memcached instance. An attacker who...

CVE-2026-29093 WWBN AVideo: Unauthenticated PHP session store exposed to host network via published memcached port

WWBN AVideo is an open source video platform. Prior to version 24.0, the official docker-compose.yml publishes the memcached service on host port 11211 0.0.0.0:11211 with no authentication, while the Dockerfile configures PHP to store all user sessions in that memcached instance. An attacker who...

CVE-2026-29093 WWBN AVideo: Unauthenticated PHP session store exposed to host network via published memcached port

WWBN AVideo is an open source video platform. Prior to version 24.0, the official docker-compose.yml publishes the memcached service on host port 11211 0.0.0.0:11211 with no authentication, while the Dockerfile configures PHP to store all user sessions in that memcached instance. An attacker who...

AVideo: Unauthenticated PHP session store exposed to host network via published memcached port

Summary The official docker-compose.yml publishes the memcached service on host port 11211 0.0.0.0:11211 with no authentication, while the Dockerfile configures PHP to store all user sessions in that memcached instance. An attacker who can reach port 11211 can read, modify, or flush session data ...

CLSA-2026-1769507907 Fix CVE(s): CVE-2024-50349

SECURITY UPDATE: Confusing users into sending their passwords to sites under the attacker’s control using crafted URLs - debian/patches/CVE-2024-50349.patch: also encode : in credentialformat, sanitize the user prompt - CVE-2024-50349...

CLSA-2026-1769507695 Fix CVE(s): CVE-2024-50349

SECURITY UPDATE: Confusing users into sending their passwords to sites under the attacker’s control using crafted URLs - debian/patches/CVE-2024-50349.patch: also encode : in credentialformat, sanitize the user prompt - CVE-2024-50349...

SUSE CVE-2025-67499

The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. Versions 1.6.0 through 1.8.0 inadvertently forward all traffic with the same destination port as the host port when the portmap plugin is configured with the nftables backend, thus...

CVE-2025-67499

A flaw was found in the CNI Container Network Interface portmap plugin. This vulnerability allows containers to intercept all traffic destined for a host port via inadvertent forwarding of traffic with the same destination port when the plugin is configured with the nftables backend, ignoring the...

Command Injection

Cybersecurity AI CAI is vulnerable to Command Injection. The vulnerability is due to insufficient input sanitization in the runsshcommandwithcredentials function, where the username, host, and port parameters are not properly escaped, allowing attackers to inject malicious commands...

UBUNTU-CVE-2025-67499

The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. Versions 1.6.0 through 1.8.0 inadvertently forward all traffic with the same destination port as the host port when the portmap plugin is configured with the nftables backend, thus...

CVE-2025-67499

The CVE-2025-67499 issue affects the CNI portmap plugin (versions 1.6.0–1.8.0) when configured with the nftables backend: it forwards all traffic sharing the host port, ignoring the destination IP, enabling containers requesting HostPort forwarding to intercept traffic not intended for the node. ...

CVE-2025-67499 CNI Plugins Portmap nftables backend intercepts non-local traffic

The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. Versions 1.6.0 through 1.8.0 inadvertently forward all traffic with the same destination port as the host port when the portmap plugin is configured with the nftables backend, thus...

CVE-2025-67499 CNI Plugins Portmap nftables backend intercepts non-local traffic

The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. Versions 1.6.0 through 1.8.0 inadvertently forward all traffic with the same destination port as the host port when the portmap plugin is configured with the nftables backend, thus...

CVE-2025-67499

The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. Versions 1.6.0 through 1.8.0 inadvertently forward all traffic with the same destination port as the host port when the portmap plugin is configured with the nftables backend, thus...