1096 matches found
CVE-2026-56099
OpenBSD before commit 6a23123 (2026-06-18) contains an out-of-bounds read in sys/netmpls/mpls_input.c:mpls_do_error, allowing remote disclosure of kernel stack memory by crafting MPLS frames with 16 labels and no Bottom-of-Stack bit. Affected component is the MPLS input handling path; root cause ...
OPENSUSE-SU-2026:21084-1 Security update for distribution
This update for distribution fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265788. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation...
CVE-2026-49056
Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...
CVE-2026-49056 WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.9.4 - Sensitive Data Exposure vulnerability
Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...
EUVD-2026-36869
Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...
CVE-2026-49056
CVE-2026-49056 concerns the WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin, versions
PT-2026-49499
Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels = 4.9.4 versions...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the orderkey parameter in the labels host-listing endpoint. An attacker can extract sensitive enrollment secrets by manipulating the sort order and leveraging a cursor-based binary search oracle. This is only exploitab...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the orderkey parameter in the labels host-listing endpoint. An attacker can extract sensitive enrollment secrets by manipulating the sort order and leveraging a cursor-based binary search oracle. This is only exploitab...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the orderkey parameter in the labels host-listing endpoint. An attacker can extract sensitive enrollment secrets by manipulating the sort order and leveraging a cursor-based binary search oracle. This is only exploitab...
Fleet has observer-level enrollment secret extraction via ORDER BY oracle on labels host-listing endpoint
Summary A vulnerability in Fleet's labels host-listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract host enrollment secrets nodekey, orbitnodekey through a cursor-based binary search oracle. The endpoint accepted a user-supplied orderkey parameter that w...
GHSA-VXM7-9X8V-8GM4 Fleet has observer-level enrollment secret extraction via ORDER BY oracle on labels host-listing endpoint
Summary A vulnerability in Fleet's labels host-listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract host enrollment secrets nodekey, orbitnodekey through a cursor-based binary search oracle. The endpoint accepted a user-supplied orderkey parameter that w...
PT-2026-49056
Name of the Vulnerable Software and Affected Versions Fleet versions prior to 4.85.0 Description Authenticated users with the lowest-privilege Observer role can extract host enrollment secrets, specifically node key and orbit node key, using a cursor-based binary search oracle. The issue exists i...
CVE-2026-50639
Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics, separated by newlines, to be sent per packet. Metrics::Any::Adapter::SignalFx which extends...
CVE-2026-50639 Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections
Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics, separated by newlines, to be sent per packet. Metrics::Any::Adapter::SignalFx which extends...
CVE-2026-50639
Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics, separated by newlines, to be sent per packet. Metrics::Any::Adapter::SignalFx which extends...
EUVD-2026-36106
Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics,separated by newlines, to be sent per packet. Metrics::Any::Adapter::SignalFx which extends...
CVE-2026-50639 Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections
Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics, separated by newlines, to be sent per packet. Metrics::Any::Adapter::SignalFx which extends...
CVE-2026-46642
draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.12, a crafted .drawio file can execute arbitrary JavaScript in the editor's origin when the file is opened. The vulnerability is not in the label sanitizer which works correctly on the rendering path but in...
CVE-2026-46642 draw.io: XSS via crafted cell label when opening a .drawio file
draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.12, a crafted .drawio file can execute arbitrary JavaScript in the editor's origin when the file is opened. The vulnerability is not in the label sanitizer which works correctly on the rendering path but in...