Flowise: SSRF Protection Bypass via Unprotected Built-in HTTP Modules in Custom Function Sandbox

Summary A Server-Side Request Forgery SSRF protection bypass vulnerability exists in the Custom Function feature. While the application implements SSRF protection via HTTPDENYLIST for axios and node-fetch libraries, the built-in Node.js http, https, and net modules are allowed in the NodeVM sandb...

CVE-2026-33472

Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority that allows an attacker to bypass the security fix for CVE-2026-32303. The method hardcodes the URI scheme based on port number, causin...

CVE-2026-40500

creationtimestamp| type| source ---|---|--- 2026-04-15 22:19:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjkwif2xh32o...

EUVD-2026-22956

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

AsyncHttpClient leaks authorization credentials to untrusted domains on cross-origin redirects

Impact When redirect following is enabled followRedirecttrue, AsyncHttpClient forwards Authorization and Proxy-Authorization headers along with Realm credentials to arbitrary redirect targets regardless of domain, scheme, or port changes. This leaks credentials on cross-domain redirects and...

PT-2026-33219

The AsyncHttpClient AHC library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. When redirect following is enabled followRedirecttrue, versions of AsyncHttpClient prior to 3.0.9 and 2.14.5 forward Authorization and Proxy-Authorization headers...

CVE-2019-25471

creationtimestamp| type| source ---|---|--- 2026-04-13 15:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mjf5f25caj26...

CLEANSTART-2026-AJ47488 When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11

Multiple security vulnerabilities affect the tomcat10 package. When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11. See references for individual vulnerability detail...

MAL-2026-2499 Malicious code in nerite-security-audit (npm)

Collects and exfiltrates sensitive data env vars, SSH keys, keystores, history via HTTPS and DNS. Suspicious domain and disabled SSL validation. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87776a4e480d244c862e76238cd498aa49bd919403dad6de21a85326d6b451ed The...

CVE-2026-34778

creationtimestamp| type| source ---|---|--- 2026-04-04 05:45:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3minjtetwo72o...

EUVD-2018-21728

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers...

CVE-2018-25237

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers...

CVE-2018-25237 Hirschmann HiSecOS Buffer Overflow via HTTPS Login

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers...

CVE-2018-25237

Hirschmann HiSecOS devices versions prior to 05.3.03 contain a buffer overflow vulnerability in the HTTPS login interface when RADIUS authentication is enabled that allows remote attackers to crash the device or execute arbitrary code by submitting a password longer than 128 characters. Attackers...

HTTPS Fetch, Windows Upload/Execute, Reverse TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTPS server. Uploads an executable and runs it staged. Connect back to the attacker No NX Module Options msf use payload/cmd/windows/https/x86/upexec/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION...

HTTPS Fetch, Windows Command Shell, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/https/x86/shell/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf...

HTTPS Fetch, Windows Command Shell, Bind IPv6 TCP Stager (Windows x86)

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/https/x86/shell/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION msf...

HTTPS Fetch, Windows Command Shell, Hidden Bind Ipknock TCP Stager

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Listen for a connection. First, the port will need to be knocked from the IP defined in KHOST. This IP will work as an authentication method you can spoof it with tools like hping. After that you could get...

HTTPS Fetch, Windows Upload/Execute, Bind IPv6 TCP Stager (Windows x86)

Fetch and execute an x86 payload from an HTTPS server. Uploads an executable and runs it staged. Listen for an IPv6 connection Windows x86 Module Options msf use payload/cmd/windows/https/x86/upexec/bindipv6tcp msf payloadbindipv6tcp show actions ...actions... msf payloadbindipv6tcp set ACTION ms...

HTTPS Fetch, Windows Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTPS server. Spawn a piped command shell staged. Listen for a connection Module Options msf use payload/cmd/windows/https/x86/shell/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show...