Lucene search
K

3391 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15, and Linux 6.1

A “use-after-free” vulnerability in the Linux kernel’s ipv4:igmp component can be exploited to achieve local privilege escalation. A race condition can also be exploited, causing a timer to be mistakenly registered on a RCU read-locked object that is then freed by another thread. We recommend...

7.8CVSS6.5AI score0.00371EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Python 3.11, Python 3.7

The “ipaddress” module contained incorrect information regarding whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...

7.5CVSS6.7AI score0.01034EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/ip6tunnel: Prevents perpetual tunnel growth. Similar to the ipv4tunnel case, the ipv6 version also updates dev-neededheadroom. While the growth of tunnel headroom adjustment in commit 5ae1e9922bbd “net: iptunnel: prevent...

5.7AI score0.00171EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: vxlan: Prevent NULL dereferencing in vxlanxmitone. Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in vxlanxmitone, especially if the iface is disabled. This can lead to the following NULL dereferences: -...

5.8AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ipv4: Check for a NULL idev in iprouteusehint. The syzbot was able to trigger a NULL deref in fibvalidatesource in an old tree 1. It appears that this bug still exists in the latest trees. All calls to indevgetrcu must be...

5.5CVSS6.2AI score0.00214EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: ipv4: fixed a issue where deleting routes with a nexthop object triggered a warning. The FRR team encountered a kernel warning1 while deleting routes2. This issue occurred when attempting to delete a route that pointed to...

5.5CVSS6.4AI score0.00248EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: fixed a use-after-free in twtimerhandler A real-world panic issue was discovered in Linux 5.4. The details of the issue are as follows: - Bug: Unable to handle a page fault for the address: ffffde49a863de28 - Memory layout:...

7.8CVSS6AI score0.00244EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/16 9:0 p.m.10 views

Crawl4AI: SSRF filter bypass in Docker server via IPv6 transition forms (NAT64 / 6to4 / unspecified / v4-mapped)

Summary The Docker API server's SSRF protection validatewebhookurl / validateurldestination in deploy/docker/utils.py used an explicit IPv4/IPv6 CIDR blocklist that missed several address families. An attacker could reach internal services and cloud metadata endpoints e.g. 169.254.169.254 despite...

7.5CVSS5.5AI score0.00267EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/16 3:16 p.m.11 views

CVE-2026-47684

Sync-in Server is a secure, open-source platform for file storage, sharing, collaboration, and syncing. Prior to version 2.3.0, the private IP blocklist regex used in the URL download feature does not match IPv4-mapped IPv6 addresses e.g. ::ffff:127.0.0.1, allowing SSRF protection to be bypassed ...

7.7CVSS0.00221EPSS
Exploits0References2
NVD
NVD
added 2026/06/16 3:16 p.m.10 views

CVE-2026-10639

In Zephyr's native IPv4 stack, icmpv4handleechorequest in subsys/net/ip/icmpv4.c builds an echo-reply packet reply, hands it to nettrysenddata, and then, on success, calls netstatsupdateicmpsentnetpktifacereply. nettrysenddata transfers ownership of reply to the TX path netiftryqueuetx - netiftx ...

4.8CVSS0.00193EPSS
Exploits1References2
CVE
CVE
added 2026/06/16 2:31 p.m.18 views

CVE-2026-47684

CVE-2026-47684 — Sync-in Server SSRF bypass (IPv4-mapped IPv6 addresses) Affected product: Sync-in Server (file storage/sharing/collaboration). Vulnerability: The private IP blocklist regex (regExpPrivateIP) used in the URL download feature does not match IPv4-mapped IPv6 addresses (e.g., ::ffff:...

7.7CVSS5.2AI score0.00221EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 1:22 p.m.8 views

CVE-2026-10639

Summary: Zephyr’s native IPv4 icmpv4_handle_echo_request() can perform a use-after-free when updating per-interface statistics after sending an ICMP echo reply. The code hands the echo-reply to the TX path, which may drop the packet and free the net_pkt before the post-send stats update runs. As ...

4.8CVSS5.6AI score0.00193EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.14 views

PT-2026-50165

Name of the Vulnerable Software and Affected Versions Crawl4AI versions prior to 0.8.8 Description The Docker API server contains a Server-Side Request Forgery SSRF flaw where the protection mechanisms in the validate webhook url and validate url destination functions used an incomplete IPv4/IPv6...

7.5CVSS5.9AI score0.00267EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.15 views

PT-2026-50129

Pydantic AI is a Python agent framework for building applications and workflows with Generative AI. In versions 1.56.0 through 1.101.0, 2.0.0b1, and 2.0.0b2, the cloud-metadata blocklist could be bypassed by encoding the metadata IP in an IPv6 transition form that the previous fix, CVE-2026-46678...

6.8CVSS5.3AI score0.00332EPSS
Exploits0References7
OSV
OSV
added 2026/06/15 5:31 p.m.10 views

GHSA-38CX-CQ6F-5755 Symfony: IpUtils::PRIVATE_SUBNETS Omits IPv6 Transition Forms (6to4, NAT64, Teredo, IPv4-compatible): SSRF Bypass in NoPrivateNetworkHttpClient

Description Symfony\Component\HttpClient\NoPrivateNetworkHttpClient is documented as a decorator that blocks requests to private networks by default. The list of blocked subnets Symfony\Component\HttpFoundation\IpUtils::PRIVATESUBNETS on 6.4+, a private constant in NoPrivateNetworkHttpClient on 5...

6.3CVSS5.5AI score0.00029EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.9 views

PT-2026-49337

Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local attacker could...

5.3CVSS5.5AI score0.00107EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/12 7:56 p.m.8 views

kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()

A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...

9.8CVSS5.5AI score0.00255EPSS
Exploits0References5
OSV
OSV
added 2026/06/11 5:16 p.m.4 views

DEBIAN-CVE-2026-44492

Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios does not normalise IPv4-mapped IPv6 addresses. When NOPROXY lists an IPv4 address such as 127.0.0.1 or 169.254.169.254, a request URL using the IPv4-mapped IPv6 form ::ffff:7f00:1, ::ffff:a9fe:a9fe...

8.6CVSS5.3AI score0.00889EPSS
Exploits1References1
NVD
NVD
added 2026/06/11 5:16 p.m.15 views

CVE-2026-44492

Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios does not normalise IPv4-mapped IPv6 addresses. When NOPROXY lists an IPv4 address such as 127.0.0.1 or 169.254.169.254, a request URL using the IPv4-mapped IPv6 form ::ffff:7f00:1, ::ffff:a9fe:a9fe...

8.6CVSS0.00889EPSS
Exploits1References19
Vulnrichment
Vulnrichment
added 2026/06/11 3:29 p.m.9 views

CVE-2026-44492 Axios: shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718)

Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios does not normalise IPv4-mapped IPv6 addresses. When NOPROXY lists an IPv4 address such as 127.0.0.1 or 169.254.169.254, a request URL using the IPv4-mapped IPv6 form ::ffff:7f00:1, ::ffff:a9fe:a9fe...

8.6CVSS5.4AI score0.00889EPSS
Exploits1References1
Rows per page
Query Builder