3 matches found
NPM: undici vulnerable to cross-origin request routing via SOCKS5 proxy pool reuse
NPM: undici vulnerable to cross-origin request routing via SOCKS5 proxy pool reuse vulnerability discovered by ? in WordPress Npm undici versions = 7.23.0, 7.28.0...
CVE-2026-6734
Summary of CVE-2026-6734 : A vulnerability in undici’s Socks5ProxyAgent causes cross-origin request routing by reusing a single connection pool across multiple origins without verifying the pool origin. As a result, requests for origin B can be dispatched through the pool for origin A; credential...
Crypto-Miner Campaign Targets Unpatched QNAP NAS Devices
Owners of popular QNAP Systems network attached storage NAS devices are being warned that a malicious cryptocurrency campaign is actively exploiting two critical firmware bugs in systems that have not yet been patched. QNAP fixed the flaws in October 2020; however, researchers at Qihoo 360’s...