653 matches found
CVE-2026-52920
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtpolicy: fix strict mode inbound policy matching matchpolicyin walks secpath entries from the last transform to the first one, but strict policy matching needs to consume info-pol in the same forward order as the rule...
PT-2026-51713
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter module where the match policy in function processes sec path entries in reverse order, from the last transform to the first. For strict policy matching,...
Linux Distros Unpatched Vulnerability : CVE-2026-52920
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: xtpolicy: fix strict mode inbound policy matching matchpolicyin walks secpath entries from the last transform to the first one, but strict policy...
CVE-2026-54285
opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 2.8.0, W3CBaggagePropagator.extract in @opentelemetry/core does not enforce size limits when parsing inbound baggage HTTP headers. The W3C Baggage specification recommends a maximum of 8,192 bytes and 180 entries; these limits were...
CVE-2026-54285 opentelemetry-js: Unbounded memory allocation in W3C Baggage propagation
opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 2.8.0, W3CBaggagePropagator.extract in @opentelemetry/core does not enforce size limits when parsing inbound baggage HTTP headers. The W3C Baggage specification recommends a maximum of 8,192 bytes and 180 entries; these limits were...
CVE-2026-54285
opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 2.8.0, W3CBaggagePropagator.extract in @opentelemetry/core does not enforce size limits when parsing inbound baggage HTTP headers. The W3C Baggage specification recommends a maximum of 8,192 bytes and 180 entries; these limits were...
CVE-2026-54285
Opentelemetry-js (OpenTelemetry JavaScript client) is affected by CVE-2026-54285 through the W3CBaggagePropagator.extract() path in @opentelemetry/core prior to 2.8.0, where inbound baggage headers were not capped and could trigger memory allocation proportional to header size. The issue is fixed...
CVE-2026-54285 opentelemetry-js: Unbounded memory allocation in W3C Baggage propagation
opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 2.8.0, W3CBaggagePropagator.extract in @opentelemetry/core does not enforce size limits when parsing inbound baggage HTTP headers. The W3C Baggage specification recommends a maximum of 8,192 bytes and 180 entries; these limits were...
GHSA-JRPC-7VXP-69P6 http4k: `reverseProxy()` defaulted to substring (`Contains`) matching on `Host`; tightened to `Exact`
Impact reverseProxy and reverseProxyRouting matched configured vhosts by substring on the Host header Contains matcher by default. The intended use of these functions in http4k is outbound dispatch e.g. matching AWS service subdomains, per the Contains docstring and test-time composition of fake...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ICMP: Fixed a data race around the sysctlicmperrorsuseinboundifaddr function. When reading sysctlicmperrorsuseinboundifaddr, it can be changed concurrently. Therefore, we need to add READONCE to its reader function...
CVE-2026-10649
A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial...
GHSA-8988-4F7V-96QF OpenTelemetry Core: Unbounded memory allocation in W3C Baggage propagation
Overview W3CBaggagePropagator.extract in @opentelemetry/core does not enforce size limits when parsing inbound baggage HTTP headers. The W3C Baggage specification recommends a maximum of 8,192 bytes and 180 entries; these limits were only enforced on the outbound inject path, not on the inbound...
PT-2026-49598
Name of the Vulnerable Software and Affected Versions @opentelemetry/core versions prior to 2.8.0 Description The W3CBaggagePropagator.extract function in @opentelemetry/core fails to enforce size limits when parsing inbound baggage HTTP headers. While the W3C Baggage specification recommends a...
CVE-2026-44780
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, ReviewableQueuedPostSerializer unconditionally included payload"rawemail" for posts that arrived via incoming email...
CVE-2026-44780 Discourse: Category queue reviewers can read raw incoming emails from queued posts
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, ReviewableQueuedPostSerializer unconditionally included payload"rawemail" for posts that arrived via incoming email...
EUVD-2026-36584
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, ReviewableQueuedPostSerializer unconditionally included payload"rawemail" for posts that arrived via incoming email...
Linux Distros Unpatched Vulnerability : CVE-2026-40994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wss4jSecurityInterceptor initialized its BSP WS-I Basic Security Profile compliance flag so that inbound validation disabled WSS4J BSP enforcement on RequestDat...
Oracle E-Business Suite (April 2026 CPU)
The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2026 CPU advisory. - Vulnerability in the Oracle Advanced Inbound Telephony product of Oracle E-Business Suite component: Setup and Administration. Supported...
guzzlehttp/psr7 has Host Confusion via Authority Reinterpretation
Impact guzzlehttp/psr7 improperly interpreted malformed Host header values when constructing request URIs from inbound request data. This issue concerns inbound request parsing and server request construction. It does not require serializing a PSR-7 request, and it is not part of the normal...
GHSA-34XG-WGJX-8XPH guzzlehttp/psr7 has Host Confusion via Authority Reinterpretation
Impact guzzlehttp/psr7 improperly interpreted malformed Host header values when constructing request URIs from inbound request data. This issue concerns inbound request parsing and server request construction. It does not require serializing a PSR-7 request, and it is not part of the normal...