Fedify 代码问题漏洞

Fedify is a TypeScript library developed by Hong Minhee. It is used to build federated server applications that support ActivityPub and other standards. Versions of Fedify prior to 1.9.12, 1.10.11, 2.0.19, 2.1.15, and 2.2.4 have code vulnerabilities. These vulnerabilities stem from an incomplete...

curl: curl-ipv4-percent-normalization-SSRF

Summary: six or fewer sentences describing the issue in your own human voice and optionally a short proof-of-concept script Affected version Which curl/libcurl version are you using to reproduce? On which platform? curl -V typically generates good output to include Steps To Reproduce: add details...

USN-8406-1: Net::CIDR::Lite vulnerabilities

Dave Rolsky discovered that Net::CIDR::Lite did not properly handle extraneous zero characters at the beginning of an IP address string. A remote attacker could possibly use this issue to bypass access controls that are based on IP addresses. This issue only affected Ubuntu 16.04 LTS and Ubuntu...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: i40e: remove read access to debugfs files CVE-2025-39901 In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap CVE-2025-40307 In the...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1817)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1817 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: remove read access to debugfs files CVE-2025-39901 In the Linux kernel, the following vulnerability has been resolved:...

SUSE SLED15 / SLES15 Security Update : perl-Net-CIDR-Lite (SUSE-SU-2026:2113-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2113-1 advisory. This update for perl-Net-CIDR-Lite fixes the following issues - CVE-2026-45190: improper validation of trailin...

EulerOS Virtualization 2.12.1 : kernel (EulerOS-SA-2026-2077)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : netfilter: ctnetlink: remove refcounting in expectation dumpersCVE-2025-39764 nvme: nvme-fc: Ensure -ioerrwork is cancelled in...

EulerOS Virtualization 2.12.0 : kernel (EulerOS-SA-2026-2102)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : netfilter: ctnetlink: remove refcounting in expectation dumpersCVE-2025-39764 nvme: nvme-fc: Ensure -ioerrwork is cancelled in...

CVE-2026-39409

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, ipRestriction does not canonicalize IPv4-mapped IPv6 client addresses e.g. ::ffff:127.0.0.1 before applying IPv4 allow or deny rules. In environments such as Node.js dual-stack, this can cause...

CVE-2026-47269

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pamusb's denyremote feature checks utmpx utaddrv6 to detect whether an authentication request originates from a remote session. The outer guard was if utent-utaddrv60 != 0, which only tests the first...

CVE-2026-42449

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. In versions 2.47.4 through 2.47.13, the SDK embedder path N8NDocumentationMCPServer constructor, getN8nApiClient, and validateInstanceContext, the synchronous URL validator in...

GHSA-Q4X5-8CJ6-52WG Sync-in Server: SSRF protection bypass via IPv4-mapped IPv6 addresses in regExpPrivateIP

Summary: The private IP blocklist regex used in the URL download feature does not match IPv4-mapped IPv6 addresses e.g. ::ffff:127.0.0.1, allowing SSRF protection to be bypassed on dual-stack systems. Affected components backend/src/applications/files/services/files-manager.service.ts –...

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-8391-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8391-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Cop...

Node.js Module axios < 0.32.0 / 1.x < 1.16.0 NO_PROXY Bypass (SSRF)

The version of the axios Node.js module installed on the remote host is prior to 0.32.0 or 1.x prior to 1.16.0. It is, therefore, affected by the following vulnerability: - shouldBypassProxy, introduced in v1.15.0 to fix CVE-2025-62718, does not normalise IPv4-mapped IPv6 addresses. When NOPROXY...

USN-8391-1: Linux kernel (Raspberry Pi) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

CVE-2026-48682

A flaw was found in FastNetMon Community Edition. This vulnerability, located in the IPv4 packet parser, allows a remote attacker to send specially crafted network packets. This can lead to an out-of-bounds read, potentially disclosing sensitive information or causing the system to crash, resulti...

Linux Distros Unpatched Vulnerability : CVE-2026-48682

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the...

CVE-2026-48682

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the packet contains at least sizeofipv4headert bytes 20 bytes, the code advances the localpointer by '4 ipv4header-getihl' line 164 without...

CVE-2026-48682

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the packet contains at least sizeofipv4headert bytes 20 bytes, the code advances the localpointer by '4 ipv4header-getihl' line 164 without...