CVE-2026-32857

Firecrawl version 2.8.0 and prior contain a server-side request forgery SSRF protection bypass vulnerability in the Playwright scraping service where network policy validation is applied only to the initial user-supplied URL and not to subsequent redirect destinations. Attackers can supply an...

Improper Following of Specification by Caller

Overview @bsv/sdk is a BSV Blockchain Software Development Kit Affected versions of this package are vulnerable to Improper Following of Specification by Caller in the Peer class, used by the processInitialRequest and processInitialResponse methods. An attacker can cause a signature to be...

The vulnerability of the PgBouncer connection pool program in PostgreSQL allows for unauthorized access to sensitive data. By not properly securing the SQL query structure, attackers can gain access to confidential information, compromise its integrity, and cause service failures.

The vulnerability of the PostgreSQL PgBouncer connection pool program lies in the fact that the data received from the initial request message is treated as already decoded data. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity,...