EUVD-2026-38738

Capgo before 12.128.2 contains a broken object level authorization BOLA vulnerability in the POST /build/start/:jobId and POST /build/cancel/:jobId endpoints. The handlers authorize the request based only on the attacker-controlled appid supplied in the request body and never verify that the jobI...

CURL-CVE-2026-11564 Native CA trust persist

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA...

Dragonfly2 < 2.1.0-beta.1 - Hardcoded JWT Secret

Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation CNCF as an Incubating Level Project. Dragonfly uses JWT to verify user. However, the secret key for JWT, "Secret Key", is hard coded, which leads to...

Spring Cloud Config Server - Path Traversal

Spring Cloud 3.1.x 3.1.13, 4.1.x 4.1.9, 4.2.x 4.2.3, 4.3.x 4.3.2, and 5.0.x 5.0.2 contain a path traversal caused by profile parameter substitution in Config Server using native file system backend, letting attackers access files outside configured directories, exploit requires crafted request. i...

CVE-2026-56280

Cap-go before 12.128.2 contains a privilege inversion vulnerability in GET /build/logs/:jobId that allows read-only API key holders to cancel running native builds. The endpoint registers an abort listener on the SSE stream that unconditionally invokes cancelBuildOnDisconnect using the privileged...

CVE-2026-49468

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. Prior to 1.84.0, This vulnerability is fixed in 1.84.0...

EUVD-2026-38368

Cap-go before 12.128.2 contains a privilege inversion vulnerability in GET /build/logs/:jobId that allows read-only API key holders to cancel running native builds. The endpoint registers an abort listener on the SSE stream that unconditionally invokes cancelBuildOnDisconnect using the privileged...

CVE-2026-56280 Cap-go - Privilege Inversion in Build Log Stream via SSE Disconnect

Cap-go before 12.128.2 contains a privilege inversion vulnerability in GET /build/logs/:jobId that allows read-only API key holders to cancel running native builds. The endpoint registers an abort listener on the SSE stream that unconditionally invokes cancelBuildOnDisconnect using the privileged...

Security Bulletin: The following vulnerabilities that can affect IBM Storage Scale Container Storage Interface (CSI) are now fixed in Storage Scale Container Native 5.2.3.8 / CSI 2.14.7 and Storage Scale Container Native 6.0.1.0 / CSI 3.1.0 or higher

Summary The following vulnerabilities, which can affect IBM Storage Scale Container Storage Interface CSI CVE-2026-9167 are now fixed in Storage Scale Container Native 5.2.3.8 / CSI 2.14.7 or higher and Storage Scale Container Native 6.0.1.0 / CSI 3.1.0 or higher. Vulnerability Details...

PT-2026-51406

Name of the Vulnerable Software and Affected Versions Cap-go versions prior to 12.128.2 Description A privilege inversion issue exists in the 'GET /build/logs/:jobId' endpoint. This endpoint utilizes Server-Sent Events SSE to stream output and registers an abort listener that invokes the...

CVE-2026-56294

capacitor-native-biometric before 12.128.2 contains an authentication bypass vulnerability where the onAuthenticationSucceeded method fails to validate CryptoObject parameters. Attackers can hook the onAuthenticationSucceeded function using dynamic instrumentation to bypass biometric authenticati...

EUVD-2026-38121

capacitor-native-biometric before 12.128.2 contains an authentication bypass vulnerability where the onAuthenticationSucceeded method fails to validate CryptoObject parameters. Attackers can hook the onAuthenticationSucceeded function using dynamic instrumentation to bypass biometric authenticati...

CVE-2026-56294 capacitor-native-biometric - Authentication Bypass via Unvalidated CryptoObject in onAuthenticationSucceeded

capacitor-native-biometric before 12.128.2 contains an authentication bypass vulnerability where the onAuthenticationSucceeded method fails to validate CryptoObject parameters. Attackers can hook the onAuthenticationSucceeded function using dynamic instrumentation to bypass biometric authenticati...

CVE-2026-56294

The CVE-2026-56294 vulnerability affects capacitor-native-biometric (before 12.128.2). The onAuthenticationSucceeded() path fails to validate CryptoObject parameters, enabling an attacker to bypass biometric authentication by hooking the function via dynamic instrumentation. This can allow access...

GHSA-9CV2-CFXC-V4V2 Nokogiri: Null Pointer Dereference calling methods on uninitialized wrapper classes

Summary Nokogiri contains a bug when calling certain methods on allocated-but-uninitialized native wrapper classes that inherit from Nokogiri::XML::Node. This caused a NULL pointer dereference that could crash the process. Nokogiri 1.19.4 checks for missing native data pointers and raises a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fixed invalid data access in ath12kdprxhundecapnwifi. In certain cases, hardware may generate packets with a length greater than the maximum native Wi-Fi header length. This can lead to accessing and modifying field...

Astra Linux – Vulnerability in Tomcat9

There is a vulnerability in Apache Tomcat when using the APR/Native connector, involving concurrent execution with shared resources and improper synchronization known as “race condition”. This issue is particularly noticeable during client-initiated closures of HTTP/2 connections. This issue...

Malicious code in dotenv-sync (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c91932ecf0decc2b900d3e3cd6effe3c4cb1c4ec5ddfd98cde2460facf9f7ae1 On Windows, src/envsync/init.py lines 39-44 unconditionally calls ctypes.CDLL on a bundled 2.9MB PE file parser.pyd at top-level import, wrapped in...

Malicious code in disksweep (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a6449a8f35de848928e7f17d88c87db80e5aee40e8b53c375e07fc7d43cc05e On every import disksweep, the package's top-level src/disksweep/init.py lines 18-24 calls ctypes.CDLL on a 2.9 MB Windows binary parser.pyd shipped...

MAL-2026-6081 Malicious code in disksweep (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a6449a8f35de848928e7f17d88c87db80e5aee40e8b53c375e07fc7d43cc05e On every import disksweep, the package's top-level src/disksweep/init.py lines 18-24 calls ctypes.CDLL on a 2.9 MB Windows binary parser.pyd shipped...