225 matches found
CVE-2026-40199
Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass. packipv6 includes the sentinel byte from packipv4 when building the packed representation of IPv4 mapped addresses like ::ffff:192.168.1.1. This produces an 18 byte value instead of...
CVE-2026-40199 Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass
Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass. packipv6 includes the sentinel byte from packipv4 when building the packed representation of IPv4 mapped addresses like ::ffff:192.168.1.1. This produces an 18 byte value instead of...
CVE-2026-40199
Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass. packipv6 includes the sentinel byte from packipv4 when building the packed representation of IPv4 mapped addresses like ::ffff:192.168.1.1. This produces an 18 byte value instead of...
CVE-2026-40199
Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass. packipv6 includes the sentinel byte from packipv4 when building the packed representation of IPv4 mapped addresses like ::ffff:192.168.1.1. This produces an 18 byte value instead of...
Net-CIDR-Lite 安全漏洞
Net-CIDR-Lite is a Perl module developed by Stig for processing CIDR addresses. Versions of Net-CIDR-Lite prior to 0.23 contained security vulnerabilities, which stemmed from improper handling of IPv4-mapped IPv6 addresses, potentially allowing bypasses in IP access control lists...
PT-2026-32049
Name of the Vulnerable Software and Affected Versions Net::CIDR::Lite versions prior to 0.23 Description Net::CIDR::Lite versions before 0.23 for Perl incorrectly handles IPv4 mapped IPv6 addresses, potentially allowing IP ACL bypass. The pack ipv6 function includes a sentinel byte from pack ipv4...
CVE-2026-39409
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, ipRestriction does not canonicalize IPv4-mapped IPv6 client addresses e.g. ::ffff:127.0.0.1 before applying IPv4 allow or deny rules. In environments such as Node.js dual-stack, this can cause...
CVE-2026-39409
CVE-2026-39409 affects the Hono web application framework. The vulnerability lies in ipRestriction() not canonicalizing IPv4-mapped IPv6 addresses (e.g. ::ffff:127.0.0.1) before applying IPv4 allow/deny rules, which can cause IPv4 rules to fail to match in dual-stack environments (e.g., Node.js)....
CVE-2026-39409 Hono has incorrect IP matching in ipRestriction() for IPv4-mapped IPv6 addresses
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, ipRestriction does not canonicalize IPv4-mapped IPv6 client addresses e.g. ::ffff:127.0.0.1 before applying IPv4 allow or deny rules. In environments such as Node.js dual-stack, this can cause...
CVE-2026-35409 Directus has a SSRF Protection Bypass via IPv4-Mapped IPv6 Addresses in File Import
Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.0, a Server-Side Request Forgery SSRF protection bypass has been identified and fixed in Directus. The IP address validation mechanism used to block requests to local and private networks could be...
CVE-2026-35409
Directus SSRF protection bypass (CVE-2026-35409) arises from inadequate normalization of IPv4-mapped IPv6 addresses in the deny-list, allowing requests to internal/private targets to bypass the IP filter in file import workflows. Affected product: Directus real-time API/dashboard; vulnerability f...
SUSE CVE-2026-2455
Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to canonicalize IPv4-mapped IPv6 addresses before reserved IP validation which allows an attacker to perform SSRF attacks against internal services via IPv4-mapped IPv6 literals e.g., ::ffff:127.0.0.1.. Mattermost...
CVE-2026-31943
LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, isPrivateIP in packages/api/src/auth/domain.ts fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests ...
EUVD-2026-16764
LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, isPrivateIP in packages/api/src/auth/domain.ts fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests ...
CVE-2026-31943 LibreChat has SSRF protection bypass via IPv4-mapped IPv6 normalization in isPrivateIP
LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, isPrivateIP in packages/api/src/auth/domain.ts fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests ...
CVE-2026-31943
LibreChat prior to 0.8.3 contains an SSRF protection bypass in isPrivateIP() (packages/api/src/auth/domain.ts) that fails to detect IPv4‑mapped IPv6 addresses in hex-normalized form. This allows any authenticated user to cause the server to issue HTTP requests to internal resources (e.g., AWS 169...
PT-2026-28429
Name of the Vulnerable Software and Affected Versions LibreChat versions prior to 0.8.3 Description LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, the isPrivateIP function in packages/api/src/auth/domain.ts does not correctly identify IPv4-mapped IPv6 addresses in...
CVE-2026-33480
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the isSSRFSafeURL function in AVideo can be bypassed using IPv4-mapped IPv6 addresses ::ffff:x.x.x.x. The unauthenticated plugin/LiveLinks/proxy.php endpoint uses this function to validate URLs before fetching the...
CVE-2026-33480
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the isSSRFSafeURL function in AVideo can be bypassed using IPv4-mapped IPv6 addresses ::ffff:x.x.x.x. The unauthenticated plugin/LiveLinks/proxy.php endpoint uses this function to validate URLs before fetching the...
Advisory ROSA-SA-2026-3254
software: coturn 4.5.2 OS: ROSA-CHROME unaffected versions = coturn-4.5.2-6 affected versions coturn-4.5.2-6 CVE-ID: CVE-2026-27624 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in Coturn allows a remote attacker to bypass loopback and internal IP range locking denied-peer-ip option and...