CVE-2026-53538 vulnerabilities

Vulnerabilities for packages: airflow-core, airflow, airflow-postgres-fips, tritonserver-backend-vllm-cuda-12.9, wazuh-manager-fips, litellm...

CVE-2025-11915

Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action...

CVE-2025-11915

CVE-2025-11915 involves a connection desynchronization issue between an HTTP proxy and the Vertex AI model backend. Root cause: synchronization mismatch across the proxy-backend boundary. Impact is described as affecting certain third-party models, with fixes rolled out for all proxies in front o...

EUVD-2025-35358

Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action...

Google Cloud Vertex AI API 安全漏洞

Google Cloud Vertex AI API is a set of interfaces for machine learning platforms from Google, Inc USA. A security vulnerability exists in the Google Cloud Vertex AI API that stems from an unsynchronized connection between the HTTP proxy and the model backend...

PT-2025-43062

Name of the Vulnerable Software and Affected Versions versions prior to 2025-09-28 Description A desynchronization issue exists between an HTTP proxy and the model backend. This affects communication within the model backend. Approximately 10,000 devices worldwide are potentially affected. The...

python-django: Username enumeration through timing difference for users with unusable passwords

A vulnerability was found in Python-Django in the django.contrib.auth.backends.ModelBackend.authenticate method. This flaw allows remote attackers to enumerate users via a timing attack involving login requests for users with unusable passwords...