80 matches found

NVD (added 2 days ago, 3 views)

CVE-2026-52690

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing validation of DNSSEC records served by that server to fail...

CVSS 5.9; EPSS 0.00352
Exploits: 0; References: 1
NVD (added 3 days ago, 6 views)

CVE-2026-53944

Ghost is a Node.js content management system. From 6.0.9 until 6.21.1, when making an external request, it is possible to bypass the IP filter that ensures the request isn't going to an internal service using an IPv6 literal which maps to a private IPv4 address. This vulnerability is fixed in...

CVSS 5.8; EPSS 0.00197
Exploits: 0; References: 1
OSV (added 2026/06/17 7:09 p.m., 3 views)

MAL-2026-6075 Malicious code in opt-archetype-check (npm)

Source: amazon-inspector 6497b3f44c017bc9ba783cd75e17d4992f79542d8819558da92e152ee4d4471e. On npm install, the package's postinstall hook executes node index.js, which collects the installer's public IP via api.ipify.org, hostname, username...

AI score 5.9
Exploits: 0; References: 2
OSV (added 2026/06/15 3:10 p.m., 10 views)

MAL-2026-5777 Malicious code in field-plus (npm)

Source: amazon-inspector 0112dc4801bb261e86a2f68d5fd49b6c955bb4e82f872c72e61e49cc638ca91c. package.json declares both preinstall and postinstall scripts that run curl against a hardcoded bare-IP HTTP endpoint http://3.7.226.146:9000/callbac...

AI score 5.4
Exploits: 0; References: 2
OSSF Malicious Packages (added 2026/06/11 2:53 a.m., 12 views)

Malicious code in janus-flow (npm)

Source: amazon-inspector 2d33c10c068a69d14d0333b93de7745caffd62013c57de6c55f20a6b53ffdcb1. On npm install, the package's postinstall hook (node postinstall.js 2>/dev/null || true) silently runs a credential harvester against the installer...

AI score 5.4
Exploits: 0; References: 2
CVE (added 2026/06/01 9:00 p.m., 15 views)

CVE-2018-25427

CVE-2018-25427 pertains to Arm Whois 3.11, where a stack-based buffer overflow allows remote code execution by sending oversized input to the IP address or domain field. Input longer than 658 bytes with shellcode can overwrite the Structured Exception Handler, enabling command execution during pr...

CVSS 9.8; AI score 6.6; EPSS 0.00923
Exploits: 0; References: 4
Positive Technologies (added 2026/05/30 12:00 a.m., 10 views)

PT-2026-45123

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 bytes into the IP address or domain input field to trigger a denial of service condition...

CVSS 6.9; AI score 6; EPSS 0.0014
Exploits: 0; References: 5
OSSF Malicious Packages (added 2026/05/19 5:19 p.m., 14 views)

Malicious code in superacli (npm)

Source: amazon-inspector 6c45fea405a610447f72926e8663afc4151606f39189d380bf929ad09419908b. plugins/gopass/daemon.js opens an outbound WebSocket connection to a hardcoded bare IP ws://92.113.145.178:8768, defaulted via process.env.GOPASSUIURL...

AI score 5.8
Exploits: 0; References: 2
NVD (added 2026/05/11 9:18 p.m., 8 views)

CVE-2026-28906

This issue was addressed through improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. An attacker may be able to track users through their IP address...

CVSS 7.5; EPSS 0.0043
Exploits: 0; References: 6
Tenable Nessus (added 2026/04/21 12:00 a.m., 8 views)

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013174)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013174 advisory. In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in inet_del_ifa. I got the warning below when doing fuzzing tests:...

AI score 6.3; EPSS 0.00173
Exploits: 0; References: 4
OSV (added 2026/04/14 9:21 a.m., 3 views)

MAL-2026-2825 Malicious code in centralogger (npm)

dom-utils-lite and centralogger, with identical payloads. On npm install, a postinstall hook fetches the attacker's SSH public key from a Supabase storage bucket, appends it to /.ssh/authorized_keys, harvests the victim's IP, username, and hostname, then uploads that metadata to the same Supabase...

AI score 5.7
Exploits: 0; References: 1
Snyk (added 2026/04/04 6:10 a.m., 3 views)

Server-side Request Forgery (SSRF)

Overview: directus is a real-time API and App dashboard for managing SQL database content. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in the file import process due to improper normalization of IPv4-mapped IPv6 addresses. An attacker can acce...

CVSS 7.7; AI score 5.9; EPSS 0.00336
Exploits: 0; References: 2
Cvelist (added 2026/03/23 6:45 p.m., 19 views)

CVE-2026-33690 AVideo vulnerable to IP Address Spoofing via Untrusted HTTP Headers in getRealIpAddr()

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the getRealIpAddr function in objects/functions.php trusts user-controlled HTTP headers to determine the client's IP address. An attacker can spoof their IP address by sending forged headers, bypassing any IP-base...

CVSS 5.3; EPSS 0.00175
Exploits: 1; References: 2
CNNVD (added 2026/03/19 12:00 a.m., 11 views)

OpenClaw Data Forgery Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a Data Forgery Issue vulnerability that stems from improperly parsing the X-Forwarded-For header value, which can be exploited by an attacker to spoof a client's IP address and influence security...

CVSS 6.3; AI score 5.8; EPSS 0.00189
Exploits: 0; References: 4
EUVD (added 2026/03/04 9:31 a.m., 3 views)

EUVD-2026-9368

The web-based Ping diagnostic utility /IDCPing/main.cgi in International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver Web Management Interface version 101 is vulnerable to OS Command Injection. The application insecurely parses the IPaddr parameter. An authenticated attacker...

CVSS 9.3; AI score 6.2; EPSS 0.02088
Exploits: 1; References: 2
Snyk (added 2026/03/03 12:38 a.m., 2 views)

Allocation of Resources Without Limits or Throttling

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through improper handling of client IP address normalization in the authentication rate-limiting process. An attacker can increase the...

CVSS 6.9; AI score 6
Exploits: 0; References: 2
RedhatCVE (added 2026/02/27 4:13 a.m., 5 views)

CVE-2025-71057

Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user...

CVSS 8.2; AI score 5.5; EPSS 0.00148
Exploits: 0; References: 1
CNNVD (added 2026/02/23 12:00 a.m., 6 views)

GCOM EPON 1GE Security Vulnerability

GCOM EPON 1GE is a fiber-optic access device developed by GCOM Corporation. The GCOM EPON 1GE ONU C00R371V00B01 version contains a security vulnerability. This vulnerability stems from improper session management, and it could allow attackers to carry out session hijacking attacks by manipulating...

CVSS 8.1; AI score 5.8; EPSS 0.00231
Exploits: 0; References: 3
Positive Technologies (added 2026/02/10 12:00 a.m., 7 views)

PT-2026-7409

Name of the vulnerable software and affected versions: Azure IoT SDK (affected versions not specified). Description: An issue exists where binding to an unrestricted IP address in the Azure IoT SDK can allow an unauthorized attacker to disclose information over a network. Recommendations: At the moment...

CVSS 6.5; AI score 5.4; EPSS 0.00512
Exploits: 0; References: 3
Positive Technologies (added 2026/01/01 12:00 a.m., 5 views)

PT-2026-22157

Name of the vulnerable software and affected versions: FTP GVfs backend (affected versions not specified). Description: A flaw exists in the FTP GVfs backend where a malicious FTP server can exploit the system by providing a crafted passive mode PASV response containing an arbitrary IP address and por...

CVSS 4.3; AI score 5.9; EPSS 0.0036
Exploits: 2; References: 42