
7589 matches found

Snyk
added 2026/03/05 12:0 a.m. | 2 views

Server-side Request Forgery (SSRF)

Overview: ragas is an evaluation framework for RAG and LLM applications. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via improper validation of URLs in the retrieved_contexts parameter when processing multimodal inputs. An attacker can access arbitrary files,...

8.7 CVSS | 5.9 AI score | 0.00029 EPSS
Exploits: 1 | References: 2
Circl
added 2026/03/04 3:59 p.m. | 2 views

CVE-2026-23237

creationtimestamp | type | source
---|---|---
2026-03-04 15:59:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mgano6nmul2o
2026-03-13 00:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0291/
2026-03-16 03:00:00+00:00 | seen | ...

5.5 CVSS | 5.7 AI score | 0.0001 EPSS
Exploits: 0 | References: 5
Circl
added 2026/03/03 3:31 p.m. | 2 views

CVE-2026-1055

creationtimestamp | type | source
---|---|---
2026-03-03 15:31:05+00:00 | seen | https://bsky.app/profile/talkjs.bsky.social/post/3mg63m544kg25...

4.4 CVSS | 5.8 AI score | 0.00038 EPSS
Exploits: 0 | References: 1
The Hacker News
added 2026/02/26 3:17 p.m. | 5 views

UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor

A previously undocumented threat activity cluster has been attributed to an ongoing malicious campaign targeting education and healthcare sectors in the U.S. since at least December 2025. The campaign is being tracked by Cisco Talos under the moniker UAT-10027. The end goal of the attacks is to...

6.1 AI score
Exploits: 0
Talos Blog
added 2026/02/26 11:0 a.m. | 4 views

New Dohdoor malware campaign targets education and health care

Cisco Talos discovered an ongoing malicious campaign since at least as early as December 2025 by a threat actor we track as "UAT-10027," delivering a previously undisclosed backdoor dubbed "Dohdoor." Dohdoor utilizes the DNS-over-HTTPS (DoH) technique for command-and-control (C2) communications and h...

6.4 AI score
Exploits: 0
GithubExploit
added 2026/02/25 9:45 a.m. | 121 views

Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect

CVE-2023-43208 Mirth Connect RCE PoC Proof-of-concept Python...

9.8 CVSS | 5.7 AI score | 0.94416 EPSS
Exploits: 21
OSV
added 2026/02/25 12:43 a.m. | 0 views

CLEANSTART-2026-RH10099 When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11

Multiple security vulnerabilities affect the tomcat9 package. When using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11. See references for individual vulnerability details...

9.8 CVSS | 5.8 AI score | 0.55532 EPSS
Exploits: 21 | References: 15
Snyk
added 2026/02/24 12:19 a.m. | 3 views

Improper Certificate Validation

Overview: jxm is an incredibly fast messaging backend. Affected versions of this package are vulnerable to Improper Certificate Validation in the HTTPS request due to the use of 'rejectUnauthorized': false when 'jxobj.IsSecure' is true. An attacker can intercept or manipulate encrypted traffic by...

8.3 CVSS | 5.9 AI score | 0.00025 EPSS
Exploits: 0 | References: 2
Veeam
added 2026/02/24 12:0 a.m. | 16 views

Veeam Operations Fail When the Backup Server Has Limited Internet Access

Article Applicability: This article addresses an issue that may occur when using a Windows-based deployment of Veeam Backup & Replication v13, where the Veeam Backup Server or other Windows-based component servers are isolated from the internet or subject to significant firewall restrictions...

5.8 AI score
Exploits: 0 | Affected Software: 1
NVD
added 2026/02/23 4:29 p.m. | 3 views

CVE-2025-70058

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in YMFE yapi v1.12.0. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in the HTTPS agent configuration for Axios requests...

7.4 CVSS | 0.00025 EPSS
Exploits: 0 | References: 3
OSV
added 2026/02/23 4:29 p.m. | 2 views

CVE-2025-70058

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in YMFE yapi v1.12.0. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in the HTTPS agent configuration for Axios requests...

7.4 CVSS | 5.9 AI score
Exploits: 0 | References: 3
The Hacker News
added 2026/02/20 11:55 a.m. | 6 views

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware

Cybersecurity researchers have disclosed details of a new ClickFix campaign that abuses compromised legitimate sites to deliver a previously undocumented remote access trojan (RAT) called MIMICRAT (aka AstarionRAT). "The campaign demonstrates a high level of operational sophistication: compromised...

6.4 AI score
Exploits: 0
NVD
added 2026/02/19 4:27 p.m. | 3 views

CVE-2026-25738

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Versions prior to 3.3.10 are vulnerable to server-side request forgery. Indico makes outgoing requests to user-provided URLs in various places. This is mostly intentional and part of...

6.9 CVSS | 0.00065 EPSS
Exploits: 0 | References: 3
OSV
added 2026/02/19 1:16 p.m. | 2 views

CVE-2019-25424

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the EXCEPTIONSITELIST parameter. Attackers can craft POST requests to the https_exceptions endpoint with script payloads to execut...

5.1 CVSS | 5.9 AI score | 0.00017 EPSS
Exploits: 1 | References: 4
NVD
added 2026/02/19 1:16 p.m. | 2 views

CVE-2019-25424

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the EXCEPTIONSITELIST parameter. Attackers can craft POST requests to the https_exceptions endpoint with script payloads to execut...

6.1 CVSS | 0.00017 EPSS
Exploits: 1 | References: 4
CVE
added 2026/02/19 12:2 p.m. | 5 views

CVE-2019-25424

CVE-2019-25424 affects Comodo Dome Firewall 2.7.0. It describes a reflected cross-site scripting vulnerability in the https_exceptions endpoint, where unsanitized input to the EXCEPTIONSITELIST parameter can be posted to trigger JavaScript in users’ browsers and potentially capture session data. ...

6.1 CVSS | 5.6 AI score | 0.00017 EPSS
Exploits: 1 | References: 4 | Affected Software: 1
Cvelist
added 2026/02/19 12:2 p.m. | 18 views

CVE-2019-25424 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via https_exceptions

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the EXCEPTIONSITELIST parameter. Attackers can craft POST requests to the https_exceptions endpoint with script payloads to execut...

6.1 CVSS | 0.00017 EPSS
Exploits: 1 | References: 4
Circl
added 2026/02/18 7:35 a.m. | 1 views

CVE-2026-24734

creationtimestamp | type | source
---|---|---
2026-02-18 07:35:39+00:00 | seen | https://bsky.app/profile/shiojiri.com/post/3mf4kxjtp4c2e
2026-02-18 09:40:36+00:00 | seen | https://bsky.app/profile/osanpo.bsky.social/post/3mf4rxhluqb2o
2026-02-18 15:05:31+00:00 | seen | ...

7.5 CVSS | 6.6 AI score | 0.00091 EPSS
Exploits: 0 | References: 6
Circl
added 2026/02/16 12:0 a.m. | 0 views

CVE-2026-24458

creationtimestamp | type | source
---|---|---
2026-02-16 00:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0173/
2026-03-18 19:40:09+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mheajdlwww2m...

7.5 CVSS | 5.7 AI score | 0.00063 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2026/02/14 12:0 a.m. | 4 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : DNSdist vulnerabilities (USN-8037-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8037-1 advisory. It was discovered that HTTP/2, which is used/vendored by DNSdist, did not properly account for resources when handling client-trigger...

7.5 CVSS | 8.5 AI score | 0.00928 EPSS
Exploits: 3 | References: 4