Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the inputSourceMap function. An attacker can access arbitrary files by crafting malicious input source code containing a sourceMappingURL comment that references a specific source map file path. Note: This is onl...

CVE-2026-50628

A flaw was found in the OAuthRequestFilter component of cxf. A logic error in this filter inadvertently creates an inverse security check when enabled. This issue causes legitimate requests from a bound IP address to be rejected, while requests from any other IP address are blindly allowed. This...

CVE-2026-50020

A flaw was found in Netty. The HttpObjectDecoder component, which processes incoming HTTP requests, incorrectly skips certain control characters and whitespace before reading the first request line. This behavior, which goes beyond standard HTTP protocol requirements, can lead to request-boundary...

CVE-2026-47244

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a large number of HTTP/2 stream requests to a Netty HTTP/2 server. If the server does not explicitly limit concurrent streams, it can lead to the allocation of numerous long-liv...

CVE-2026-47691

A flaw was found in Netty's DnsResolveContext. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing...

CVE-2026-46340

A flaw was found in netty-transport-sctp. A remote attacker can exploit this vulnerability by sending specially crafted, non-complete Stream Control Transmission Protocol SCTP message fragments. This can lead to unbounded memory growth within the application, causing a Denial of Service DoS...

PT-2026-49233

Name of the Vulnerable Software and Affected Versions multer versions 1.0.0 through 2.1.1 multer version 3.0.0-alpha.1 Description A Denial of Service issue exists due to the way the append-field dependency parses bracket notation in field names within multipart form data. Because there is no lim...

VulnCheck KEV: CVE-2026-20253

In Splunk Enterprise 10.2 versions below 10.2.4 and 10 versions below 10.0.7, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint. The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls,...

PT-2026-49572

Name of the Vulnerable Software and Affected Versions Python-Multipart versions prior to 0.0.31 Description The parse form function fails to validate the Content-Length header before using it to limit the chunked read of the request body. Because the header value is parsed as an integer without a...

Arista Networks EOS Tunnel Decapsulation Improper Validation (SA0137)

On affected platforms running Arista EOS where a tunnel decapsulation configuration - such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface - is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packets wit...

wannacry-soc-lab

WannaCry SOC Investigation Lab Overview This project simu...

CVE-2026-54057

A flaw was found in Kitty, a cross-platform GPU-based terminal. An input sanitization vulnerability in Kitty's OSC 21 color-control query reply allows an attacker to inject controlled bytes, including newlines, directly into the shell's input. This could enable an attacker to execute arbitrary co...

CVE-2026-54056

A flaw was found in Kitty, a cross-platform GPU based terminal. A remote attacker can exploit a vulnerability in the kitten dnd feature by sending a specially crafted drag-and-drop request. This allows the attacker to overwrite or truncate arbitrary files on the local system that are writable by...

CVE-2026-42850

A flaw was found in Kitty, a cross-platform GPU based terminal. A remote attacker could exploit this vulnerability by sending a specially crafted escape code to a victim who is connected to the attacker via a program like netcat. This escape code triggers an unescaped error that is then executed ...

CVE-2026-44487

A flaw was found in Axios. During specific proxy-to-direct redirect flows in the Node.js HTTP adapter, a remote attacker could exploit this vulnerability. The Proxy-Authorization header, which contains proxy credentials and is intended only for the outbound proxy, may be forwarded to the final...

PT-2026-49059

Name of the Vulnerable Software and Affected Versions Tornado versions prior to 6.5.6 Description The optional native extension tornado.speedups implements the websocket mask function without validating that the mask argument is exactly four bytes long. The C function reads four bytes from mask...

CVE-2026-44495

A flaw was found in Axios, a promise-based HTTP client. This vulnerability involves prototype pollution gadgets in the request configuration processing. If another vulnerability has already polluted the Object.prototype.transformResponse, affected Axios versions may incorrectly interpret this...

CVE-2026-44490

A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as prototype pollution, allows an upstream dependency to modify the fundamental behavior of JavaScript objects. When this occurs, Axios can unknowingly incorporate these altered values, leading to two potential...

CVE-2026-53701

An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gsth266parserparsepicturepartition gsth266parser.c, the loop iterates without checking that the slice index stays within bounds, writin...

Arc: Unauthenticated access to Go debug pprof endpoints leaks runtime state and enables CPU-burn DoS

Summary Arc registers Go's net/http/pprof handlers at /debug/pprof/ via app.Usepprof.New in internal/api/server.go, and /debug/pprof is added to PublicPrefixes in cmd/arc/main.go. The auth middleware short-circuits before the token check on prefix match, so the endpoints are reachable without any...