Source: OSV (added 2026/05/05 12:20 a.m., 2 views)

GHSA-PMWG-CVHR-8VH7 Axios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0

Executive Summary This report documents an incomplete security patch for the previously disclosed vulnerability GHSA-3p68-rc4w-qgx5 CVE-2025-62718, which affects the NO_PROXY hostname resolution logic in the Axios HTTP library. Background — The Original Vulnerability The original vulnerability...

CVSS 7.2 | AI score 5.9 | EPSS 0.00409 | Exploits 1 | References 3

Source: Github Security Blog (added 2026/05/05 12:20 a.m., 12 views)

Axios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0

Executive Summary This report documents an incomplete security patch for the previously disclosed vulnerability GHSA-3p68-rc4w-qgx5 CVE-2025-62718, which affects the NO_PROXY hostname resolution logic in the Axios HTTP library. Background — The Original Vulnerability The original vulnerability...

CVSS 10 | AI score 6.3 | EPSS 0.01075 | Exploits 2 | References 3 | Affected Software 1

Source: OSV (added 2026/05/05 12:19 a.m., 3 views)

GHSA-3W6X-2G7M-8V23 Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver`

Vulnerability Disclosure: Invisible JSON Response Tampering via Prototype Pollution Gadget in parseReviver Summary The Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into surgical...

CVSS 6.5 | AI score 5.9 | EPSS 0.00269 | Exploits 1 | References 3

Source: Github Security Blog (added 2026/05/05 12:19 a.m., 17 views)

Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver`

Vulnerability Disclosure: Invisible JSON Response Tampering via Prototype Pollution Gadget in parseReviver Summary The Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into surgical...

CVSS 9.1 | AI score 5.9 | EPSS 0.00269 | Exploits 1 | References 3 | Affected Software 1

Source: OSV (added 2026/05/05 12:18 a.m., 1 views)

GHSA-XHJH-PMCV-23JW Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams

Vulnerability Disclosure: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams Summary The encode function in lib/helpers/AxiosURLSearchParams.js contains a character mapping charMap at line 21 that reverses the safe percent-encoding of null bytes. After encodeURIComponent'\x00'...

CVSS 3.7 | AI score 5.9 | EPSS 0.00217 | Exploits 1 | References 3

Source: Github Security Blog (added 2026/05/05 12:18 a.m., 12 views)

Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams

Vulnerability Disclosure: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams Summary The encode function in lib/helpers/AxiosURLSearchParams.js contains a character mapping charMap at line 21 that reverses the safe percent-encoding of null bytes. After encodeURIComponent'\x00'...

CVSS 3.7 | AI score 5.9 | EPSS 0.00217 | Exploits 1 | References 3 | Affected Software 1

Source: OSV (added 2026/05/05 12:3 a.m., 4 views)

GHSA-8PQQ-224H-X875 ogham-mcp had credentials embedded in published PyPI sdists -- Neon postgres URLs and Voyage API key

Summary Between 2026-02 and 2026-04-24 a total of 22 public PyPI sdists of ogham-mcp contained development credentials embedded in source files. All credentials have since been rotated on the respective providers. No known exploitation. Upgrade to v0.11.1 to get a clean release. What was leaked |...

AI score 5.8 | Exploits 0 | References 2

Source: Github Security Blog (added 2026/05/05 12:3 a.m., 9 views)

ogham-mcp had credentials embedded in published PyPI sdists -- Neon postgres URLs and Voyage API key

Summary Between 2026-02 and 2026-04-24 a total of 22 public PyPI sdists of ogham-mcp contained development credentials embedded in source files. All credentials have since been rotated on the respective providers. No known exploitation. Upgrade to v0.11.1 to get a clean release. What was leaked |...

AI score 5.8 | Exploits 0 | References 2 | Affected Software 1

Source: Positive Technologies (added 2026/05/05 12:0 a.m., 10 views)

PT-2026-37249

Affected Version: OpenMage LTS ≤ 20.16.0 confirmed on 20.16.0 Affected File: https://github.com/OpenMage/magento-lts/blob/main/app/code/core/Mage/Api/Model/Session.php – start method Summary The XML-RPC / SOAP API session ID is generated using an outdated, time-based construction rather than a...

CVSS 9.3 | AI score 5.8 | EPSS 0.00267 | Exploits 0 | References 4

Source: Packet Storm (added 2026/05/05 12:0 a.m., 60 views)

NiceGUI 3.6.1 Path Traversal

NiceGUI version 3.6.1 suffers from a path traversal vulnerability. Exploit Title: NiceGUI 3.6.1 - Path Traversal Author: Mohammed Idrees Banyamer Instagram: @banyamersecurity GitHub: https://github.com/mbanyamer Date: 2025-06-06 Tested on: NiceGUI = 3.6.1 Python 3.8–3.12 on Linux/Windows CVE:...

CVSS 7.5 | AI score 5.8 | EPSS 0.03212 | Exploits 3

Source: Positive Technologies (added 2026/05/05 12:0 a.m., 9 views)

PT-2026-38895

Summary Submodule name validation bypass plus missing validation in production code paths allows path traversal via crafted .gitmodules. Combined with a trust inheritance flaw in Submodule::open, this enables reading arbitrary git repository configs including credentials from traversed paths with...

CVSS 7.5 | AI score 6 | Exploits 0 | References 3

Source: Positive Technologies (added 2026/05/05 12:0 a.m., 8 views)

PT-2026-37243

Name of the Vulnerable Software and Affected Versions Paramiko versions prior to 4.0.0 a448945 Description The rsakey.py file allows the use of the SHA-1 algorithm, which is a cryptographic hash function that is no longer considered secure against well-funded attackers. Recommendations Update to...

CVSS 9.8 | AI score 5.2 | EPSS 0.00384 | Exploits 0 | References 257

Source: Packet Storm (added 2026/05/05 12:0 a.m., 55 views)

OpenWrt 23.05 Remote Code Execution

OpenWrt version 23.05 suffers from an authenticated remote code execution vulnerability. Exploit Title: OpenWrt 23.05 - Authenticated Remote Code Execution RCE Date: 2026-01-17 Exploit Author: Ahmet Mersin Vendor Homepage: https://github.com/stangri/luci-app-https-dns-proxy Software Link:...

AI score 6.4 | Exploits 0

Source: Positive Technologies (added 2026/05/05 12:0 a.m., 9 views)

PT-2026-37305

Name of the Vulnerable Software and Affected Versions wireshark-mcp versions 1.1.5 and earlier Description wireshark-mcp exposes a wireshark export objects tool that accepts an attacker-controlled dest dir parameter and passes it to the --export-objects flag of tshark without mandatory path...

CVSS 6.8 | AI score 5.8 | EPSS 0.00281 | Exploits 1 | References 5

Source: Packet Storm (added 2026/05/05 12:0 a.m., 44 views)

Cybersecurity AI (CAI) Framework 0.5.10 Command Injection

Cybersecurity AI CAI Framework versions 0.5.10 and below suffer from a command injection vulnerability. Exploit Title: Cybersecurity AI CAI Framework 0.5.10 - Command Injection CVE: CVE-2026-25130 Date: 2026-02-03 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Instagram:...

CVSS 9.6 | AI score 5.8 | EPSS 0.008 | Exploits 3

Source: Packet Storm (added 2026/05/05 12:0 a.m., 54 views)

Craft CMS 5.6.16 Remote Code Execution

Craft CMS version 5.6.16 remote code execution exploit. Exploit Title: Craft CMS 5.6.16 - RCE Google Dork: N/A Date: 2026-01-24 Exploit Author: Mohammed Idrees Banyamer Author Country: Jordan Vendor Homepage: https://craftcms.com Software Link: https://github.com/craftcms/cms Version: = 3.9.14, =...

CVSS 10 | AI score 6.6 | EPSS 0.99734 | Exploits 14

Source: Positive Technologies (added 2026/05/05 12:0 a.m., 7 views)

PT-2026-37293

Name of the Vulnerable Software and Affected Versions WWBN AVideo versions prior to 29.0 Description A Cross-Site Request Forgery CSRF issue exists in the legacy profile-photo endpoint "objects/userSavePhoto.php". The endpoint accepts a base64 POST parameter imgBase64 and writes the decoded bytes...

CVSS 5.4 | AI score 5.8 | EPSS 0.00121 | Exploits 0 | References 6

Source: Positive Technologies (added 2026/05/05 12:0 a.m., 5 views)

PT-2026-36951

Name of the Vulnerable Software and Affected Versions Subscribe To Comments Reloaded versions prior to 240120 Description The Subscribe To Comments Reloaded plugin for WordPress allows unauthenticated attackers to modify data without authorization. This is caused by a leaked secret key and the us...

CVSS 6.5 | AI score 5.9 | EPSS 0.00227 | Exploits 0 | References 11

Source: Packet Storm (added 2026/05/05 12:0 a.m., 45 views)

MindsDB 25.9.1.1 Path Traversal

MindsDB version 25.9.1.1 suffers from a path traversal vulnerability. Exploit Title: MindsDB 25.9.1.1 - Path Traversal Date: 06-03-2026 Exploit Author: Lohitya Pushkar thewhiteh4t Vendor Homepage: https://mindsdb.com/ Software Link: https://github.com/mindsdb/mindsdb Version: not installed handle...

CVSS 8.8 | AI score 5.8 | EPSS 0.11113 | Exploits 4

Source: Packet Storm (added 2026/05/05 12:0 a.m., 54 views)

Frigate NVR 0.16.3 Remote Code Execution

Frigate NVR version 0.16.3 proof of concept remote code execution exploit written in Python. Exploit Title: Frigate NVR 0.16.3 - Remote Code Execution Date: 2026-02-05 Exploit Author: jduardo2704 Vendor Homepage: https://frigate.video/ Software Link: https://github.com/blakeblackshear/frigate...

CVSS 9.1 | AI score 6.4 | EPSS 0.02874 | Exploits 8