PaperCut MF < 25.0.5 Session Hijacking (CVE-2026-5115)

The version of PaperCut MF installed on the remote Windows host is prior to 25.0.5. It is, therefore, affected by a vulnerability: - The PaperCut MF embedded application for Konica Minolta devices is vulnerable to session hijacking. The communication channel between the embedded application and t...

CVE-2026-5115 Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices

The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...

CVE-2026-5115

The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...

CVE-2026-5115

The CVE-2026-5115 entry concerns PaperCut NG/MF’s embedded Konica Minolta interface. The embedded app communicates with the server over an insecure channel, which could leak data including sensitive information and enable session hijacking. Affected product: PaperCut MF embedded app for Konica Mi...

CVE-2026-5115 Session hijacking in PaperCut NG/MF embedded application for Konica Minolta devices

The PaperCut NG/MF specifically, the embedded application for Konica Minolta devices is vulnerable to session hijacking. The PaperCut NG/MF Embedded application is a software interface that runs directly on the touch screen of a multi-function device. It was internally discovered that the...

Fast-DDS 安全漏洞

Fast-DDS is a complete DDS open source by eProsima. A security vulnerability exists in Fast-DDS version 3.3 that stems from improper ticket revocation validation and could lead to insecure communication...

EUVD-2017-6341

Malware in sbrugna...

EUVD-2019-19108

Malware in sbrugna...

EUVD-2018-2761

Malware in sbrugna...

EUVD-2025-19055

Malicious code in bioql PyPI...

EUVD-2021-7632

Malicious code in bioql PyPI...

EUVD-2022-47510

Malicious code in bioql PyPI...

EUVD-2024-33944

Malicious code in bioql PyPI...

Comprehensive MCP Security Checklist: Protecting Your AI-Powered Infrastructure

With innovation comes risk. As organizations race to build AI-first infrastructure, security is struggling to keep pace. Multi-Agentic Systems – those built on Large Language Models LLMs and Multi-Component Protocols MCP - bring immense potential, but also novel vulnerabilities that traditional...

CVE-2025-5087

Kaleris NAVIS N4 ULC Ultra Light Client communicates insecurely using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients and N4 servers can extract sensitive information, including plaintext credentials...

CVE-2025-5087

Kaleris NAVIS N4 ULC Ultra Light Client communicates insecurely using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients and N4 servers can extract sensitive information, including plaintext credentials...

PT-2025-26770 · Aleris +1 · Kaleris Navis N4 Ulc +1

Name of the Vulnerable Software and Affected Versions: Kaleris NAVIS N4 ULC Ultra Light Client affected versions not specified Description: The issue concerns insecure communication using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients...

CVE-2024-47871

Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves insecure communication between the FRP Fast Reverse Proxy client and server when Gradio's share=True option is used. HTTPS is not enforced on the connection, allowing attackers to intercept and rea...

CVE-2023-33620

GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack...

CVE-2021-20175

Netgear Nighthawk R6700 version 1.0.4.120 does not utilize secure communication methods to the SOAP interface. By default, all communication to/from the device's SOAP Interface port 5000 is sent via HTTP, which causes potentially sensitive information such as usernames and passwords to be...