10 matches found
CVE-2026-42400
Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to denial of service via Excessive Allocation (CAPEC-130). An authenticated user can send a specially crafted compressed request payload that is processed prior to authorization checks, causing excessive memory and CPU resource consumptio...
Unity Linux 20.1060e / 20.1070e Security Update: fetchmail (UTSA-2026-017438)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017438 advisory. Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. Tenable has extracted...
Incorrect Authorization
Overview: @openclaw/tlon is an OpenClaw Tlon/Urbit channel plugin. Affected versions of this package are vulnerable to Incorrect Authorization via the cite expansion process before authorization is complete. An attacker can access or manipulate content prior to proper authorization by triggering ci...
SUSE CVE-2025-21828
In the Linux kernel, the following vulnerability has been resolved: "wifi: mac80211: don't flush non-uploaded STAs". If STA state is pre-moved to AUTHORIZED such as in IBSS scenarios and insertion fails, the station is freed. In this case, the driver never knew about the station, so trying to flush ...
Huawei HarmonyOS Authorization Issue Vulnerability
Huawei HarmonyOS is an operating system from Huawei of China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from lax application identity verification in Huawei's pre-authorization...
CVE-2021-32172
Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin...
CVE-2021-32172
Maian Cart =3.8 (patched). If applicable, refer to the linked disclosures for technical details and exploit examples. If not already done, monitor for updates from vendors and security advisories.
CVE-2021-32172
Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin...
OESA-2021-1297 mutt security update
Mutt is a small but very powerful text-based mail client for Unix operating systems. Security Fixes: Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. (CVE-2020-14093)...
Oracle Internet Directory 10.1.4 Remote Preauth DoS Exploit
Exploit for multiple platform in category dos / poc. Oracle Internet Directory 10.1.4 Remote Preauth DoS Exploit. #!/usr/bin/python """ Oracle Internet Directory 10.1.4...