GHSA-89VP-X53W-74FX rmcp Streamable HTTP server transport has a DNS rebinding vulnerability

Summary Prior to version 1.4.0, the rmcp crate's Streamable HTTP server transport crates/rmcp/src/transport/streamablehttpserver/ did not validate the incoming Host header. This allowed a malicious public website, via a DNS rebinding attack, to send authenticated requests to an MCP server running...

wger: trainer_login open redirect - ?next= parameter not validated against host

Summary The trainerlogin view in wger redirects to request.GET'next' directly via HttpResponseRedirect without calling urlhasallowedhostandscheme. After the trainer successfully enters impersonation mode, their browser is redirected to any attacker-controlled URL supplied in the ?next= parameter,...

GHSA-VQV8-J3MJ-WJXJ wger: trainer_login open redirect - ?next= parameter not validated against host

Summary The trainerlogin view in wger redirects to request.GET'next' directly via HttpResponseRedirect without calling urlhasallowedhostandscheme. After the trainer successfully enters impersonation mode, their browser is redirected to any attacker-controlled URL supplied in the ?next= parameter,...

Binding to an Unrestricted IP Address

Overview Affected versions of this package are vulnerable to Binding to an Unrestricted IP Address which defaults to 0.0.0.0 when the -port argument is used or the -listen argument is used without specifying a host. An attacker can execute arbitrary code remotely by connecting to the exposed...

EUVD-2026-27873

NanoClaw contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container to read files outside the intended outbox directory by supplying crafted messagesout.id and content.files values or creati...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the /v1/chat/completions, /v1/responses or /v1/messages endpoints. An attacker can cause the server to make unauthorized HTTP requests to internal resources, potentially exfiltrating sensitive conten...

CVE-2026-7875

NanoClaw version 1.2.0 and prior contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container to read files outside the intended outbox directory by supplying crafted messagesout.id and...

CVE-2025-71285

A flaw was found in the Linux kernel's qrtr driver. A race condition in the Modem Host Interface MHI autoqueue feature for Inter-Processor Communication Router IPCR downlink channels can lead to a NULL pointer dereference. This occurs because a callback function may be invoked before the qrtr...

CVE-2026-42503

gopls by default communicates via pipe. However, -port and -listen flags are supported as means of debugging. If -listen is given a value without an explicit host e.g. :8080, or -port is used, gopls will listen on 0.0.0.0. As a result, users might inadvertently cause gopls to bind 0.0.0.0. This...

CVE-2026-7875 NanoClaw Host/Container Filesystem Boundary Vulnerability via Outbound Attachment Handling

NanoClaw version 1.2.0 and prior contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container to read files outside the intended outbox directory by supplying crafted messagesout.id and...

CVE-2026-7875

NanoClaw version 1.2.0 and prior contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container to read files outside the intended outbox directory by supplying crafted messagesout.id and...

CVE-2026-7875 NanoClaw Host/Container Filesystem Boundary Vulnerability via Outbound Attachment Handling

NanoClaw version 1.2.0 and prior contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container to read files outside the intended outbox directory by supplying crafted messagesout.id and...

MAL-2026-3354 Malicious code in playwright-acustomed (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b8b21055de687ebac89fc9e5697c34b70cc910702d263b841399783f75b139bd Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in playwright-acustomed (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b8b21055de687ebac89fc9e5697c34b70cc910702d263b841399783f75b139bd Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2026-43248

In the Linux kernel, the following vulnerability has been resolved: vhost: move vdpa group bound check to vhostvdpa Remove duplication by consolidating these here. This reduces the posibility of a parent driver missing them. While we're at it, fix a bug in vdpasim where a valid ASID can be assign...

CVE-2026-43161

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode PCIe endpoints with ATS enabled and passed through to userspace e.g., QEMU, DPDK can hard-lock the host when their link drops, either by surprise...

SUSE-SU-2026:1717-1 Security update for curl

This update for curl fixes the following issues: Security issues fixed: - CVE-2026-4873: connection reuse ignores TLS requirement bsc1262631. - CVE-2026-5545: wrong reuse of HTTP Negotiate connection bsc1262632. - CVE-2026-6253: proxy credentials leak over redirect-to proxy bsc1262635. -...

Security update for flatpak

This update for flatpak fixes the following issues: CVE-2026-34078: Arbitrary code execution via crafted symlinks in sandbox-expose options bsc1261769. CVE-2026-34079: Arbitrary file deletion on host via improper cache file path validation bsc1261770. Patch Instructions: To install this SUSE upda...

SUSE-SU-2026:1713-1 Security update for flatpak

This update for flatpak fixes the following issues: - CVE-2026-34078: Arbitrary code execution via crafted symlinks in sandbox-expose options bsc1261769. - CVE-2026-34079: Arbitrary file deletion on host via improper cache file path validation bsc1261770...

CVE-2025-71285

Summary of the CVE-2025-71285 cluster: The Linux kernel’s net/qrtr MHI auto_queue feature for IPCR DL channels is being removed. The race occurs when the MHI stack can call the DL path callback before the QRTR client driver is fully initialized, risking NULL pointer dereferences. The fix disables...