Wireshark MCP Server 命令注入漏洞

Wireshark MCP Server is a network packet capture and analysis tool developed by AG Personal Developers. Wireshark MCP Server has a command injection vulnerability, which stems from a issue with the quickcapture function in the pysharkmcp.py file. This vulnerability may lead to command injection v...

PT-2026-37093

Name of the Vulnerable Software and Affected Versions RedisBloom versions prior to 2.8.20 Description RedisBloom, a probabilistic data structures module for Redis, fails to properly validate serialized values processed via the 'RESTORE' command. An authenticated attacker with permissions to execu...

PT-2026-37243

Name of the Vulnerable Software and Affected Versions Paramiko versions prior to 4.0.0 a448945 Description The rsakey.py file allows the use of the SHA-1 algorithm, which is a cryptographic hash function that is no longer considered secure against well-funded attackers. Recommendations Update to...

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. There were security vulnerabilities in Apache HTTP Server versions 2.4.30 to 2.4.66. These...

CVE-2026-29168

Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

ROS-20260505-73-0063

A vulnerability in the email module of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to compromise the integrity of protected information...

ROS-20260505-73-0062

A vulnerability in the email module of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to compromise the integrity of protected information...

ROS-20260505-73-0061

A vulnerability in the email module of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to compromise the integrity of protected information...

ROS-20260505-73-0036

A vulnerability in the plistlib module of the Python programming language interpreter is associated with uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260505-73-0060

A vulnerability in the email module of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to compromise the integrity of protected information...

ROS-20260505-73-0064

A vulnerability in the email module of the Python programming language interpreter is related to the failure to take measures to neutralize CRLF sequences. Exploitation of the vulnerability could allow a remote attacker to compromise the integrity of protected information...

ROS-20260505-73-0065

A vulnerability in the base64 module of the Python programming language interpreter is related to incorrect data type conversion. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code...

ROS-20260505-73-0066

A vulnerability in the base64 module of the Python programming language interpreter is related to incorrect data type conversion. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code...

ROS-20260505-73-0073

A vulnerability in the tarfile module of the Python programming language interpreter CPython is related to incorrect parsing of the file header. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260505-73-0072

A vulnerability in the tarfile module of the Python programming language interpreter CPython is related to incorrect parsing of the file header. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260505-73-0074

A vulnerability in the ngxstreamsslmodule module of the NGINX Plus and NGINX Open Source HTTP server is related to a flaw in the authorization procedure. Exploitation of the vulnerability may allow a remote intruder to bypass security restrictions and gain unauthorized access to protected...

ROS-20260505-73-0071

A vulnerability in the tarfile module of the Python programming language interpreter CPython is related to incorrect parsing of the file header. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260505-73-0039

A vulnerability in the plistlib module of the Python programming language interpreter is associated with uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260505-73-0079

A vulnerability in the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address and ipaddress.IPv6Network classes of the ipaddress module of the Python programming language interpreter CPython is related to incorrect IP address range validation. Exploitation of the vulnerability could...

ROS-20260505-73-0078

A vulnerability in the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address and ipaddress.IPv6Network classes of the ipaddress module of the Python programming language interpreter CPython is related to incorrect IP address range validation. Exploitation of the vulnerability could...