RedwoodSDK 跨站请求伪造漏洞

RedwoodSDK is an open-source React-based server-first web application framework developed by RedwoodJS. Versions of RedwoodSDK from 1.0.0-beta.50 to 1.2.3 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the use of HTTP methods on the server without source...

PT-2026-39283

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.1.124 Description An improper authorization control exists where the API fails to validate if a user possesses an authorized role of user or admin. When the platform is configured to allow new sign-ups, new...

n8n-MCP 日志信息泄露漏洞

n8n-MCP is a model context protocol server developed by Romuald Członkowski, an individual developer. Versions of n8n-MCP prior to 2.47.11 contained a vulnerability related to log information leakage. This vulnerability occurred when POST /mcp requests under HTTP transmission mode wrote metadata...

PT-2026-38721

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network acce...

PT-2026-39301

Name of the Vulnerable Software and Affected Versions Snipe-IT versions prior to 8.4.1 Description An open redirect issue in Snipe-IT allows attackers to redirect users to malicious websites. This occurs because the application uses an unvalidated HTTP Referer header stored in a session variable...

CVE-2026-38360

Directory Traversal vulnerability in fohrloop dash-uploader v.0.1.0 through v.0.7.0a2 allows a remote attacker to execute arbitrary code via the dashuploader/httprequesthandler.py, BaseHttpRequestHandler.gettemproot, BaseHttpRequestHandler.post components...

PT-2026-38772

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Lightweight HTTP Server. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0...

Fedora 43 : perl-Starman (2026-b94aad33a5)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b94aad33a5 advisory. Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes Content-Length over...

ROS-20260508-73-0016

A vulnerability in the ngxmailauthauthhttpmodule module of the NGINX Plus and NGINX Open Source HTTP server is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

PT-2026-39150

Name of the Vulnerable Software and Affected Versions fohrloop dash-uploader versions 0.1.0 through 0.7.0a2 Description A directory traversal issue allows a remote attacker to execute arbitrary code. This is possible through the dash uploader/httprequesthandler.py component, specifically within t...

Ollama Path Traversal RCE in Update Mechanism (CVE-2026-42249)

The version of Ollama installed on the remote Windows host is affected by a remote code execution vulnerability: - Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker-controlled HTTP response headers. When downloading...

PT-2026-39282

Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.1.124 Description An issue exists in the self-hosted artificial intelligence platform where the application fails to validate or sanitize the filename during file uploads. When attaching files to a prompt via the...

go-git 安全漏洞

go-git is an open-source, highly scalable Git implementation written entirely in Go. Versions of go-git prior to 5.18.0 and 6.0.0-alpha.2 contained security vulnerabilities. These vulnerabilities were due to a flaw where, during intelligent HTTP cloning and fetch operations, redirecting could lea...

Linux Distros Unpatched Vulnerability : CVE-2026-33814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value ...

GHSA-39J6-4867-GG4W utcp-http vulnerable to SSRF via attacker-controlled OpenAPI servers[0].url in HTTP communication protocol

Summary The utcp-http plugin is vulnerable to a blind Server-Side Request Forgery SSRF caused by a trust-boundary inconsistency between manual discovery and tool invocation. registermanual validates the discovery URL against an HTTPS / loopback allowlist, but calltool and calltoolstreaming reuse...

CVE-2026-42239

Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false at packages/backend-core/src/utils/utils.ts:218. JavaScript can read this cookie via document.cookie. This means every XSS becomes a full...

CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...

CVE-2026-33814

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...

CVE-2026-33814

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...

CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...