7589 matches found
EUVD-2026-13539
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. In versions 2.15.1 and below, a DNS over HTTPS (DoH) vulnerability allows attackers to bypass egress-policy: block network restrictions by tunneling exfiltrated data through permitted HTTPS endpoints like...
CVE-2026-32947
Harden-Runner (CI/CD security agent for GitHub Actions runners) versions 2.15.1 and earlier are affected by a DNS over HTTPS (DoH) vulnerability that enables data exfiltration through permitted HTTPS endpoints by encoding data (e.g., hostname) in DoH subdomains. The attack requires the attacker t...
CVE-2026-22557

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-18 22:22:01+00:00 | seen | https://bsky.app/profile/intcyberdigest.bsky.social/post/3mhejkrgswx2r |
| 2026-03-19 00:20:06+00:00 | seen | https://social.tchncs.de/users/gborn/statuses/116252973855800040 |
| 2026-03-19 16:20:22+00:00 | seen | ... |

CVE-2026-27205

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-18 11:58:48+00:00 | seen | https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3mhdgqaw3goc2 |
| 2026-03-18 14:09:34+00:00 | seen | https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mhdo24lupk2s |
| 2026-04-02 17:00:00+00:00 | ... |

CVE-2026-22882

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-17 19:30:45+00:00 | seen | https://infosec.place/objects/43c1d72d-32cc-447f-b618-5b67eded0deb... |

Egress Policy Bypass via DNS over HTTPS (DoH) in Harden-Runner (Community Tier)
Summary: A vulnerability exists in the Community Tier of Harden-Runner that allows bypassing the egress-policy: block network restriction using DNS over HTTPS (DoH). Harden-Runner secures GitHub Actions workflows on runners by applying network policies, including an allowed-endpoints configuration...
CVE-2026-3838

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-17 15:00:13+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mhbafueub62m... |

PT-2026-25988
Name of the Vulnerable Software and Affected Versions: Harden-Runner versions 2.15.1 and below. Description: Harden-Runner, a CI/CD security agent functioning as an EDR for GitHub Actions runners, contains a DNS over HTTPS (DoH) issue. This allows attackers to circumvent network restrictions imposed b...
Fedora 45 : cpp-httplib (2026-06d1b46d1e)
The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-06d1b46d1e advisory. Automatic update for cpp-httplib-0.38.0-1.fc45. Changelog: Tue Mar 17 2026 Petr Menk - 0.38.0-1 - Update to 0.38.0 (rhbz#2447261). Tue Mar 17 2026 Petr Menk -...
CVE-2025-54920

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-16 15:30:41+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-jwp6-cvj8-fw65 |
| 2026-03-30 12:12:15+00:00 | seen | https://bsky.app/profile/getpokemon7.bsky.social/post/3mibn3fornk2w... |

UBUNTU-CVE-2026-32627
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.2, when a cpp-httplib client is configured with a proxy and set_follow_location(true), any HTTPS redirect it follows will have TLS certificate and hostname verification silently disabled on the new...
CVE-2026-32627 cpp-httplib has a Silent TLS Certificate Verification Bypass on HTTPS Redirect via Proxy
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.2, when a cpp-httplib client is configured with a proxy and set_follow_location(true), any HTTPS redirect it follows will have TLS certificate and hostname verification silently disabled on the new...
EUVD-2026-12137
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.2, when a cpp-httplib client is configured with a proxy and set_follow_location(true), any HTTPS redirect it follows will have TLS certificate and hostname verification silently disabled on the new...
CVE-2026-32627
cpp-httplib before 0.37.2 is vulnerable when using a proxy and set_follow_location(true): HTTPS redirects can bypass TLS certificate and hostname verification on the redirected connection, allowing a network attacker to intercept credentials or tokens. The issue is fixed in 0.37.2.
SUSE-SU-2026:0888-1 Security update for dnsdist
This update for dnsdist fixes the following issues:
Update to dnsdist 1.9.11:
- CVE-2025-8671: Add mitigations for the HTTP/2 MadeYouReset attack (bsc#1253852).
- CVE-2025-30187: denial of service via crafted DoH exchange (bsc#1250054)...
cpp-httplib Trust Management Issue Vulnerability
cpp-httplib is a C++ library developed by Yhirose, designed for HTTP/HTTPS servers and clients. Prior to version 0.37.2 of cpp-httplib, there was a vulnerability related to trust management. This vulnerability occurred when a client configured a proxy and enabled set_follow_location, causing TLS...
CVE-2026-3841

| creationtimestamp | type | source |
|---|---|---|
| 2026-03-12 19:37:24+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mgv5kvgukq2e |
| 2026-03-28 10:34:10+00:00 | seen | https://bsky.app/profile/secqube.com/post/3mi4goajcrj2n |
| 2026-03-29 05:33:11+00:00 | seen | ... |

CVE-2026-3822 Taipower|Taipower APP(Android) - Improper Certificate Validation
Taipower APP for Android developed by Taipower has an Improper Certificate Validation vulnerability. When establishing an HTTPS connection with the server, the application fails to verify the server-side TLS/SSL certificate. This flaw allows unauthenticated remote attackers to exploit the...
CVE-2026-3822
Summary: Taipower APP is vulnerable to an improper certificate validation in TLS/SSL. During HTTPS connections, the app does not verify the server’s certificate, enabling an unauthenticated attacker to perform a Man‑in‑the‑Middle (MITM) attack to read and tamper with network traffic. Affected pro...