5550 matches found

Tenable Nessus
added 2026/01/19 12:0 a.m. | 6 views

MiracleLinux 8 : java-11-openjdk-11.0.10.0.9-8.el8 (AXBA:2021-2043:09)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXBA:2021-2043:09 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java S...

CVSS 5.8 | AI score 6 | EPSS 0.03713
Exploits 0 | References 8

Tenable Nessus
added 2026/01/19 12:0 a.m. | 8 views

libcurl 7.87.0 < 8.18.0 OpenSSL partial chain store policy bypass (CVE-2025-14819)

The version of libcurl installed on the remote host is missing a security update. It is, therefore, affected by an improper certificate validation vulnerability. - When performing TLS transfers with reused easy or multi handles and altering the CURLSSLOPT_NO_PARTIALCHAIN option, libcurl could...

CVSS 5.3 | AI score 6.9 | EPSS 0.00629
Exploits 0 | References 2

RedhatCVE
added 2026/01/18 11:20 a.m. | 6 views

CVE-2025-14819

When doing TLS related transfers with reused easy or multi handles and altering the CURLSSLOPT_NO_PARTIALCHAIN option, libcurl could accidentally reuse a CA store cached in memory for which the partial chain option was reversed. Contrary to the user's wishes and expectations. This could make libcur...

CVSS 5.3 | AI score 6.6 | EPSS 0.00629
Exploits 0 | References 1

OSV
added 2026/01/16 11:59 a.m. | 5 views

OESA-2026-1125 libpng security update

The libpng package contains libraries used by other programs for reading and writing PNG format files. The PNG format was designed as a replacement for GIF and, to a lesser extent, TIFF, with many improvements and extensions and lack of patent problems. Security Fixes: LIBPNG is a reference libra...

CVSS 7.1 | AI score 5.4 | EPSS 0.00294
Exploits 2 | References 2

OSV
added 2026/01/16 11:59 a.m. | 6 views

OESA-2026-1124 libpng security update

The libpng package contains libraries used by other programs for reading and writing PNG format files. The PNG format was designed as a replacement for GIF and, to a lesser extent, TIFF, with many improvements and extensions and lack of patent problems. Security Fixes: LIBPNG is a reference libra...

CVSS 7.1 | AI score 6.6 | EPSS 0.00294
Exploits 2 | References 2

EUVD
added 2026/01/16 10:6 a.m. | 2 views

EUVD-2026-2913

In Apache Airflow versions before 3.1.6, when rendered template fields in a Dag exceed [core] max_templated_field_length, sensitive values could be exposed in cleartext in the Rendered Templates UI. This occurred because serialization of those fields used a secrets masker instance that did not include...

CVSS 7.5 | AI score 6.2 | EPSS 0.00586
Exploits 0 | References 4

SUSE CVE
added 2026/01/16 1:6 a.m. | 3 views

SUSE CVE-2021-1998

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVSS 3.8 | AI score 4.8 | EPSS 0.01639
Exploits 0 | References 2

Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-004803)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004803 advisory. In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've eith...

CVSS 7.8 | AI score 6.1 | EPSS 0.00248
Exploits 0 | References 4

Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

SAP NetWeaver AS Java Sensitive Information Vulnerability (January 2026)

The version of SAP NetWeaver Application Server for Java detected on the remote host is affected by a Sensitive Information vulnerability as disclosed in the SAP Security Patch Day January 2026: - The User Management Engine (UME) in NetWeaver Application Server for Java (NW AS Java) utilizes an...

CVSS 3 | AI score 5.6 | EPSS 0.00122
Exploits 0 | References 3

Tenable Nessus
added 2026/01/16 12:0 a.m. | 1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004774)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004774 advisory. In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4_decompress_safe_partial read out of bound When partialDecoding, it is EOF if we've eith...

CVSS 7.8 | AI score 6.1 | EPSS 0.00248
Exploits 0 | References 4

RedhatCVE
added 2026/01/14 1:22 a.m. | 4 views

CVE-2026-0510

The User Management Engine (UME) in NetWeaver Application Server for Java (NW AS Java) utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...

CVSS 3 | AI score 6.4 | EPSS 0.00122
Exploits 0 | References 1

Tenable Nessus
added 2026/01/14 12:0 a.m. | 4 views

MiracleLinux 4 : openssl-1.0.0-20.AXS4 (AXSA:2012-14:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-14:01 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which...

CVSS 5 | AI score 8.2 | EPSS 0.05012
Exploits 0 | References 2

NVD
added 2026/01/13 7:16 p.m. | 8 views

CVE-2025-68949

n8n is an open source workflow automation platform. From 1.36.0 to before 2.2.0, the Webhook node’s IP whitelist validation performed partial string matching instead of exact IP comparison. As a result, an incoming request could be accepted if the source IP address merely contained the configured...

CVSS 5.3 | EPSS 0.00253
Exploits 0 | References 4

CVE
added 2026/01/13 6:43 p.m. | 9 views

CVE-2025-68949

n8n has a Webhook node IP whitelist bypass vulnerability (CVE-2025-68949). From 1.36.0 up to, but not including, 2.2.0, the Webhook node validated IPs by partial string matching rather than exact IP comparison. This could allow an incoming request from a non-whitelisted IP to be accepted if its a...

CVSS 5.3 | AI score 6.1 | EPSS 0.00253
Exploits 0 | References 4 | Affected Software 1

Cvelist
added 2026/01/13 6:43 p.m. | 23 views

CVE-2025-68949 n8n has a Webhook Node IP Whitelist Bypass via Partial String Matching

n8n is an open source workflow automation platform. From 1.36.0 to before 2.2.0, the Webhook node’s IP whitelist validation performed partial string matching instead of exact IP comparison. As a result, an incoming request could be accepted if the source IP address merely contained the configured...

CVSS 5.3 | EPSS 0.00253
Exploits 0 | References 4

Vulnrichment
added 2026/01/13 6:43 p.m. | 4 views

CVE-2025-68949 n8n has a Webhook Node IP Whitelist Bypass via Partial String Matching

n8n is an open source workflow automation platform. From 1.36.0 to before 2.2.0, the Webhook node’s IP whitelist validation performed partial string matching instead of exact IP comparison. As a result, an incoming request could be accepted if the source IP address merely contained the configured...

CVSS 5.3 | AI score 6.1 | EPSS 0.00253
Exploits 0 | References 4

EUVD
added 2026/01/13 6:43 p.m. | 3 views

EUVD-2026-2029

n8n is an open source workflow automation platform. From 1.36.0 to before 2.2.0, the Webhook node’s IP whitelist validation performed partial string matching instead of exact IP comparison. As a result, an incoming request could be accepted if the source IP address merely contained the configured...

CVSS 5.3 | AI score 6 | EPSS 0.00253
Exploits 0 | References 6

OSV
added 2026/01/13 6:43 p.m. | 5 views

CVE-2025-68949 n8n has a Webhook Node IP Whitelist Bypass via Partial String Matching

n8n is an open source workflow automation platform. From 1.36.0 to before 2.2.0, the Webhook node’s IP whitelist validation performed partial string matching instead of exact IP comparison. As a result, an incoming request could be accepted if the source IP address merely contained the configured...

CVSS 5.3 | AI score 6.4 | EPSS 0.00253
Exploits 0 | References 6

Github Security Blog
added 2026/01/13 2:57 p.m. | 18 views

n8n: Webhook Node IP Whitelist Bypass via Partial String Matching

Impact: The Webhook node’s IP whitelist validation performed partial string matching instead of exact IP comparison. As a result, an incoming request could be accepted if the source IP address merely contained the configured whitelist entry as a substring. This issue affected instances where...

CVSS 5.3 | AI score 6.8 | EPSS 0.00253
Exploits 0 | References 6 | Affected Software 1

OSV
added 2026/01/13 2:57 p.m. | 4 views

GHSA-W96V-GF22-CRWP n8n: Webhook Node IP Whitelist Bypass via Partial String Matching

Impact: The Webhook node’s IP whitelist validation performed partial string matching instead of exact IP comparison. As a result, an incoming request could be accepted if the source IP address merely contained the configured whitelist entry as a substring. This issue affected instances where...

CVSS 5.3 | AI score 6.7 | EPSS 0.00253
Exploits 0 | References 6