5 matches found
CVE-2026-26233
CVE-2026-26233 affects Mattermost releases 10.11.x to 11.4.x, where login requests are not rate-limited, enabling unauthenticated remote attackers to cause denial of service via an HTTP/2 single-packet attack with 100+ parallel login requests. No patch/version details are provided in the document...
CVE-2026-27801 Vaultwarden: 2FA Bypass on Protected Actions due to Faulty Rate Limit Enforcement
Vaultwarden is an unofficial Bitwarden-compatible server written in Rust, formerly known as bitwarden_rs. Vaultwarden versions 1.34.3 and prior are susceptible to a 2FA bypass when performing protected actions. An attacker who gains authenticated access to a user’s account can exploit this bypass ...
EUVD-2023-2399
Malicious code in bioql PyPI...
GO-2024-2798 Mattermost fails to limit the number of active sessions in github.com/mattermost/mattermost-server
CVE-2004-1269
lppasswd in CUPS 1.1.22 does not remove the passwd.new file if it encounters a file-size resource limit while writing to passwd.new, which causes subsequent invocations of lppasswd to fail...