CVE-2026-20181

A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

CVE-2026-20181

Cisco ISE/ISE-PIC in Cisco IOS XE is affected by CVE-2026-20181. The CVE entry describes authenticated remote command execution via crafted HTTP input with privilege escalation to root and potential DoS in single-node deployments. Connected PT-security material (PT-2026-34270) references a separa...

CVE-2026-20186

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

CVE-2026-41322

@astrojs/node allows Astro to deploy your SSR site to Node targets. Prior to 10.0.5, requesting a static js/css resources from astro path with an incorrect/malformed if-match header returns a 500 error with a one year cache lifetime instead of 412 in some cases. This has the effect that all...

EUVD-2026-22973

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

EUVD-2026-22962

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

EUVD-2026-22970

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

CVE-2026-20147

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

CVE-2026-20147 Cisco Identity Services Engine Remote Code Execution Vulnerability

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

CVE-2026-20147

Cisco CVE-2026-20147 affects Cisco Identity Services Engine (ISE) and ISE-PIC. An authenticated, remote attacker with valid administrative credentials can exploit insufficient input validation via a crafted HTTP request to execute arbitrary commands on the device’s underlying OS, potentially gain...

EUVD-2025-12672

Malicious code in bioql PyPI...

CVE-2025-55207

Astro is a web framework for content-driven websites. Following CVE-2025-54793 there's still an Open Redirect vulnerability in a subset of Astro deployment scenarios prior to version 9.4.1. Astro 5.12.8 addressed CVE-2025-54793 where https://example.com//astro.build/press would redirect to the...

Open Redirect

Overview @astrojs/node is a Deploy your site to a Node.js server Affected versions of this package are vulnerable to Open Redirect via the trailingSlash configuration in standalone mode with the Node deployment adapter. An attacker can redirect users to external sites by crafting URLs with double...

CVE-2025-55207 @astrojs/node's trailing slash handling causes open redirect issue

Astro is a web framework for content-driven websites. Following CVE-2025-54793 there's still an Open Redirect vulnerability in a subset of Astro deployment scenarios prior to version 9.4.1. Astro 5.12.8 addressed CVE-2025-54793 where https://example.com//astro.build/press would redirect to the...

CVE-2025-55207

Astro CVE-2025-55207 describes an Open Redirect vulnerability in certain Astro deployment scenarios. Specifically, when using the Node deployment adapter in standalone mode with trailingSlash set to "always", URLs like https://example.com//astro.build/press can redirect to //astro.build/press, en...

PT-2025-33494 · Astro · Astro

Name of the Vulnerable Software and Affected Versions: Astro versions prior to 9.4.1 Description: Astro is a web framework for content-driven websites. An open redirect vulnerability exists in certain Astro deployment scenarios. Specifically, when using the Node deployment adapter in standalone...

CVE-2025-20264

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms fo...

Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration

Affected Environments Note that this issue only affects the V0 engine, which has been off by default since v0.8.0. Further, the issue only applies to a deployment using tensor parallelism across multiple hosts, which we do not expect to be a common deployment pattern. Since V0 is has been off by...

CVE-2025-30202

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.5.2 and prior to 0.8.5 are vulnerable to denial of service and data exposure via ZeroMQ on multi-node vLLM deployment. In a multi-node vLLM deployment, vLLM uses ZeroMQ for some multi-no...

CVE-2025-30202 Data exposure via ZeroMQ on multi-node vLLM deployment

vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Versions starting from 0.5.2 and prior to 0.8.5 are vulnerable to denial of service and data exposure via ZeroMQ on multi-node vLLM deployment. In a multi-node vLLM deployment, vLLM uses ZeroMQ for some multi-no...