34 matches found
CVE-2026-55884
Tilt HUD server in github.com/tilt-dev/tilt is affected in versions 0.20.8–0.37.3 where the HUD HTTP server registers handlers on a gorilla/mux router without authentication. When bound to a non-loopback address, an unauthenticated network caller can trigger developer-defined Tiltfile resources, ...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the HUD server when it is bound to a non-loopback address. An attacker can execute arbitrary developer-defined resources, modify arguments, and access sensitive engine state by making...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the HUD server when it is bound to a non-loopback address. An attacker can execute arbitrary developer-defined resources, modify arguments, and access sensitive engine state by making...
Tilt: Missing authentication on the network-exposed Tilt HUD server
Summary The Tilt HUD HTTP server exposes state-changing and sensitive-read endpoints with no authentication. When the HUD is bound to a non-loopback address, a network attacker can trigger the developer's pre-defined Tiltfile resources, tamper with Tiltfile arguments, read full engine state...
Tilt: Cross-site WebSocket hijacking of the Tilt HUD stream
Summary The Tilt HUD WebSocket /ws/view is gated by a CSRF token, but the token is served by an unauthenticated endpoint and the upgrader accepts any client that omits an Origin header. When the HUD is network-exposed, an attacker can open the HUD stream and read the developer's session state...
Tilt: Unauthenticated pprof debug endpoints on the Tilt HUD server
Summary The Tilt HUD server mounts Go's net/http/pprof handlers under /debug with no access control. When the HUD is network-exposed, an attacker can read process memory — including session and apiserver tokens — and hold the process under profiling. Details A blank import of net/http/pprof...
GHSA-R78R-RWRF-RJWP Network-AI: CVE-2026-46701 fix incomplete — empty default secret still authorizes all requests
Advisory / Disclosure Network-AI — CVE-2026-46701 fix is incomplete: the "Empty Default Secret" unauth path survives Target: Jovancoding/Network-AI npm network-ai, latest v5.7.1 Status: the advisory "Unauthenticated Cross-Origin MCP Tool Invocation via Empty Default Secret" named three flaws. The...
PT-2026-50978
Name of the Vulnerable Software and Affected Versions Tilt versions 0.19.5 through 0.37.3 Description The Tilt HUD server mounts Go's net/http/pprof handlers under the '/debug' endpoint without access control. When the HUD is network-exposed, an unauthenticated caller can read process memory via...
PT-2026-50980
Name of the Vulnerable Software and Affected Versions Tilt versions 0.20.8 through 0.37.3 Description The HUD HTTP server lacks authentication for state-changing and sensitive-read endpoints. When the HUD is bound to a non-loopback address, a network attacker can trigger pre-defined Tiltfile...
EUVD-2026-36421
@nuxt/webpack-builder and @nuxt/rspack-builder dev server same-origin check bypassed when Sec-Fetch-Site, Origin, and Referer are all absent incomplete fix for GHSA-6m52-m754-pw2g...
CVE-2026-49993
Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder from versions 3.15.4 to before 3.21.7 and 4.0.0 to before 4.4.7, there is an incomplete fix for GHSA-6m52-m754-pw2g. Source code may still be stolen during dev when using the webpack /...
CVE-2026-45670
Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder versions 3.15.4 to before 3.21.6, and 4.0.0-alpha.1 to before 4.4.6, there is an incomplete fix for GHSA-4gf7-ff8x-hq99. Source code may be stolen during dev when using the webpack /...
CVE-2026-49993 @nuxt/webpack-builder and @nuxt/rspack-builder dev server same-origin check bypassed when Sec-Fetch-Site, Origin, and Referer are all absent (incomplete fix for GHSA-6m52-m754-pw2g)
Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder from versions 3.15.4 to before 3.21.7 and 4.0.0 to before 4.4.7, there is an incomplete fix for GHSA-6m52-m754-pw2g. Source code may still be stolen during dev when using the webpack /...
CVE-2026-49993
Nuxt (Vue.js) users using the @nuxt/rspack-builder and @nuxt/webpack-builder are affected. The CVE concerns an incomplete fix for GHSA-6m52-m754-pw2g in versions 3.15.4–3.21.6 and 4.0.0–4.4.6, where the dev server could leak source code if bound to a non-loopback address and a malicious site is o...
CVE-2026-45670 Nuxt: Dev server exposes built source over LAN to malicious sites (incomplete fix for GHSA-4gf7-ff8x-hq99)
Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder versions 3.15.4 to before 3.21.6, and 4.0.0-alpha.1 to before 4.4.6, there is an incomplete fix for GHSA-4gf7-ff8x-hq99. Source code may be stolen during dev when using the webpack /...
EUVD-2026-36419
Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder versions 3.15.4 to before 3.21.6, and 4.0.0-alpha.1 to before 4.4.6, there is an incomplete fix for GHSA-4gf7-ff8x-hq99. Source code may be stolen during dev when using the webpack /...
CVE-2026-45670
Summary (CVE-2026-45670) Nuxt.js dev-server exposure issue affects @nuxt/webpack-builder and @nuxt/rspack-builder. An incomplete fix for GHSA-4gf7-ff8x-hq99 allowed source-code leakage when the dev server is bound to a non-loopback address (for example, nuxt dev --host) and a user visits a malici...
CVE-2026-45670 Nuxt: Dev server exposes built source over LAN to malicious sites (incomplete fix for GHSA-4gf7-ff8x-hq99)
Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder versions 3.15.4 to before 3.21.6, and 4.0.0-alpha.1 to before 4.4.6, there is an incomplete fix for GHSA-4gf7-ff8x-hq99. Source code may be stolen during dev when using the webpack /...
PT-2026-48868
Name of the Vulnerable Software and Affected Versions @nuxt/rspack-builder versions 3.15.4 through 3.21.6 @nuxt/rspack-builder versions 4.0.0 through 4.4.6 @nuxt/webpack-builder versions 3.15.4 through 3.21.6 @nuxt/webpack-builder versions 4.0.0 through 4.4.6 Description An incomplete fix in the...
GHSA-JMFC-HFJQ-PXCP stigmem-node's federation insecure transport settings may allow non-loopback cleartext federation
Impact Stigmem nodes with federation enabled could be configured to run without mTLS outside loopback-only local development. In affected deployments, federation traffic may traverse the network without the intended transport protection. Impacted users are operators who enabled federation and...