Kube-router Proxy Module Blindly Trusts ExternalIPs/LoadBalancer IPs Enabling Cluster-Wide Traffic Hijacking and DNS DoS

kube-router Proxy Module Does Not Validate ExternalIPs or LoadBalancer IPs Against Configured Ranges Summary This issue primarily affects multi-tenant clusters where untrusted users are granted namespace-scoped permissions to create or modify Services. Single-tenant clusters or clusters where all...

EUVD-2026-12576

A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formApLbConfig. This manipulation of the argument loadBalanceNameOld causes buffer overflow. The attack can be initiated remotely. The exploit has been publicly disclosed and m...

CVE-2026-4318

A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formApLbConfig. This manipulation of the argument loadBalanceNameOld causes buffer overflow. The attack can be initiated remotely. The exploit has been publicly disclosed and m...

PT-2026-25978

Name of the Vulnerable Software and Affected Versions Kube-router versions prior to 2.8.0 Description Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node's network configuration. This impacts multi-tenant clusters where untrusted user...

Resources Downloaded over Insecure Protocol

Overview onnx is an Open Neural Network Exchange Affected versions of this package are vulnerable to Resources Downloaded over Insecure Protocol via the onnx.hub.load function when the silent parameter is set to True. An attacker can bypass repository trust verification and suppress all security...

ONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain Attack

What's the issue Passing silent=True to onnx.hub.load kills all trust warnings and user prompts. This means a model can be downloaded from any unverified GitHub repo with zero user awareness. python if not verifyreporefrepo and not silent: completely skipped when silent=True print"The model repo...

GHSA-HQMJ-H5C6-369M ONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain Attack

What's the issue Passing silent=True to onnx.hub.load kills all trust warnings and user prompts. This means a model can be downloaded from any unverified GitHub repo with zero user awareness. python if not verifyreporefrepo and not silent: completely skipped when silent=True print"The model repo...

PT-2026-25841

Name of the Vulnerable Software and Affected Versions Open Neural Network Exchange ONNX versions through 1.20.1 Description ONNX is an open standard for machine learning interoperability. A security control bypass exists in the onnx.hub.load function due to flawed repository trust verification...

PT-2026-25843

The Google Cloud Storage for Craft CMS plugin provides a Google Cloud Storage integration for Craft CMS. In versions on the 2.x branch prior to 2.2.1, the DefaultController-actionLoadBucketData endpoint allows unauthenticated users with a valid CSRF token to view a list of buckets that the plugin...

EulerOS 2.0 SP12 : python-urllib3 (EulerOS-SA-2026-1409)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the...

OESA-2026-1576 freetype security update

FreeType is written in C, designed to be small,efficient, highly customizable, and portable while capable of producing high-quality output glyph images of most vector and bitmap font formats Security Fixes: An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in...

SUSE CVE-2026-3950

A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...

EUVD-2026-11561

SGLangs replayrequestdump.py contains an insecure pickle.load without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attackers code on the device running the script...

CVE-2026-3950

A flaw was found in libheif. A local attacker could exploit an out-of-bounds read vulnerability in the Track::load function within the stsz/stts component. This manipulation could lead to a Denial of Service DoS, making the affected system or application unavailable...

CVE-2026-3989

SGLangs replayrequestdump.py contains an insecure pickle.load without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attackers code on the device running the script...

CVE-2026-3904

A flaw was found in glibc. When calling NSS-backed functions that support caching via nscd, the nscd client under high load on x8664 systems may call the memcmp function on inputs that are concurrently modified by other processes or threads, causing a crash and resulting in a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2026-3950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component...

PT-2026-24943

SGLangs replay request dump.py contains an insecure pickle.load without validation and proper deserialization. An attacker can take advantage of this by providing a malicious .pkl file, which will execute the attackers code on the device running the script...

mod_cluster 注入漏洞

modcluster is a httpd-based load balancer within the modcluster project. Modcluster has an injection vulnerability, which stems from a CRLF injection in the decodeenc function. This vulnerability may lead to bypassing input validation...

sglang 安全漏洞

SGLang is a programming language and runtime system developed by SGL-project, aimed at accelerating large model inference. SGLang has a security vulnerability, which stems from improper use of the pickle.load function in the replayrequestdump.py file, potentially allowing for the execution of...