3829 matches found
Craft CMS: Blind SSRF and Arbitrary JavaScript Injection via Host Header Poisoning in actionResourceJs
Overview Craft CMS is vulnerable to Server-Side Request Forgery SSRF and Arbitrary JavaScript Injection through the /actions/app/resource-js endpoint. By exploiting the default permissive trustedHosts configuration, an attacker can poison the Host or X-Forwarded-Host header to manipulate the...
Astra Linux – Vulnerability in Firefox and Thunderbird
Additional techniques that built upon the slipstream research, combined with a malicious web page, could have exposed both hosts within an internal network as well as services running on the user’s local machine. This vulnerability affects Firefox versions earlier than 85...
Astra Linux – Vulnerability in rabbitMQ-server
Pivotal RabbitMQ versions prior to v3.7.18, as well as RabbitMQ for PCF versions 1.15.x prior to 1.15.13, versions 1.16.x prior to 1.16.6, and versions 1.17.x prior to 1.17.3, contain two components: the virtual host limits page and the federation management UI. These components do not properly...
Astra Linux – Vulnerability in cups
OpenPrinting CUPS is a standards-based, open-source printing system for Linux and other Unix-like operating systems. Starting from version 2.0.0 and before version 2.4.6, CUPS logged data to the logging service after the connection was closed, when it should have logged the data just before that...
PT-2026-51113
Name of the Vulnerable Software and Affected Versions Craft CMS versions 4.0.0-RC1 through 4.17.9 Craft CMS versions 5.0.0-RC1 through 5.9.9 Description Craft CMS is subject to Server-Side Request Forgery SSRF and Arbitrary JavaScript Injection via the '/actions/app/resource-js' endpoint. The iss...
Creation of Temporary File in Directory with Insecure Permissions
Overview @mariozechner/pi-coding-agent is a Coding agent CLI with read, bash, edit, write tools and session management Affected versions of this package are vulnerable to Creation of Temporary File in Directory with Insecure Permissions in the process handling temporary extension package installs...
Creation of Temporary File in Directory with Insecure Permissions
Overview @earendil-works/pi-coding-agent is a Coding agent CLI with read, bash, edit, write tools and session management Affected versions of this package are vulnerable to Creation of Temporary File in Directory with Insecure Permissions in the process handling temporary extension package instal...
MAL-2026-6013 Malicious code in @mastra/cursor (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ac742321cf72f2fa4cb958772f032eeb2a3ac062d31237ef0699b9de6ac0bc41 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @mastra/sentry (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08da35ae5d7bc21a7de70c2ed41f52a7a399a58fc26577835f8577fd0053136d The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
GHSA-9CR8-Q42Q-G8M7 Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case hosts
Summary There is a critical vulnerability in Traefik's HTTP/3 QUIC TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. When HTTP/3 is enabled on an entrypoint, the TLS handshake selects the applicable TLS configuration through an exact,...
Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case hosts
Summary There is a critical vulnerability in Traefik's HTTP/3 QUIC TLS configuration selection that allows unauthenticated clients to bypass router-specific mTLS enforcement. When HTTP/3 is enabled on an entrypoint, the TLS handshake selects the applicable TLS configuration through an exact,...
GHSA-M557-WRGG-6RP4 phpseclib: X.509 certificate validation sends attacker-controlled outbound requests (server-side request forgery) via Authority Information Access
Summary When an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it. Attacker who supplies certificate fully controls host, port, and path of that connectio...
@astrojs/netlify broadens Astro image.remotePatterns in Netlify Image CDN config
Summary @astrojs/netlify converts Astro image.remotePatterns into Netlify Image CDN images.remoteimages regular expressions with broader semantics than Astro's canonical matcher. A single wildcard hostname such as .example.com is converted to an optional subdomain regex, so the apex host matches....
MAL-2026-5851 Malicious code in epm-service-module-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7b0de1b676618a68f5707692c33cef713882df9ef3ecdb5c73391837669af7b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2026-49773
Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.4.23 through 2026.4.23 Description An insecure file permissions issue exists in the config recovery process that restores the OpenClaw.json file with overly broad permissions. Local attackers on shared hosts can exploit...
PT-2026-49741
Name of the Vulnerable Software and Affected Versions @astrojs/netlify versions prior to 7.0.13 Description The adapter converts image.remotePatterns into Netlify Image CDN images.remote images regular expressions using semantics broader than the canonical matcher. This occurs because a single...
Linux Distros Unpatched Vulnerability : CVE-2026-52719
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the...
MAL-2026-5753 Malicious code in @gbrlxvi/ts-form-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20e77262ebb59497687fabfba394959da9ce6afbaf436aa5fcf654b2c8a44a32 Package advertises trivial form-validation helpers notEmpty/isEmail/isPhone/maxLen/minLen but on require/import of the main module performs an...
CVE-2026-11624
The Model Context Protocol has a security warning advising servers to validate the "Origin" header on all incoming connections to prevent DNS rebinding attacks. Prior to the v0.25.0 release, users had no way to validate the origin's host. In v0.25.0, a new "--allowed-hosts" flag was introduced...
EUVD-2026-36650
The Model Context Protocol has a security warning advising servers to validate the "Origin" header on all incoming connections to prevent DNS rebinding attacks. Prior to the v0.25.0 release, users had no way to validate the origin's host. In v0.25.0, a new "--allowed-hosts" flag was introduced...