Improper Validation of Certificate with Host Mismatch

Overview org.apache.directory.api:api-ldap-client-api is a LDAP Client API. Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch in the TLS server identity verification. An attacker can intercept and impersonate the server by presenting a...

CLSA-2026-1776070934 grafana: Fix of CVE-2026-25679

rebuild with golang 1.25.7-els2 which fixes the following CVEs - - CVE-2026-25679: fix insufficient validation of host/authority in net/url.Parse...

DEBIAN-CVE-2026-25679

url.Parse insufficiently validated the host/authority component and accepted some invalid URLs...

CVE-2026-25679

url.Parse insufficiently validated the host/authority component and accepted some invalid URLs...

Misskey 代码问题漏洞

Misskey is a perpetually free open source syndicated social media platform from Misskey Open Source. A code issue vulnerability exists in versions prior to Misskey 2024.11.0-alpha.3 that stems from not properly checking the target host and allows an attacker to send a POST or GET request to an...

keycloak: redirect_uri validation bypass

A flaw was found in the redirecturi validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users...

CVE-2018-6101

A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server...

Design/Logic Flaw

A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if the user is running a remote DevTools debugging server...