CVE-2026-34207

TypeBot is a chatbot builder tool. In versions prior to 3.16.0, SSRF protection for Webhook / HTTP Request blocks validates only the URL string, blocked hostname literals, and literal IP formats. It does not resolve DNS before allowing the request. As a result, a hostname such as ssrf-repro.examp...

CVE-2026-24902 TrustTunnel has SSRF and private network restriction bypass via numeric address destinations

TrustTunnel is an open-source VPN protocol with a server-side request forgery and and private network restriction bypass in versions prior to 0.9.114. In tcpforwarder.rs, SSRF protection for allowprivatenetworkconnections = false was only applied in the TcpDestination::HostNamepeer path. The...

Linux kernel denial of service vulnerability (CNVD-2019-25445)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'tcmloopmakenaatpg' function in the drivers/target/loopback/tcmloop.c file in versions of Linux kernel prior to 3.1. An attacker...

PT-2019-6717 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.1 Description: The issue is related to an off-by-one error in the tcm loop make naa tpg function, located in the drivers/target/loopback/tcm loop.c file. This error could result in at least memory corruption...