CVE-2026-41999

Incorrect Behaviour of Views with TCP PROXY Requests...

CVE-2026-41999 Incorrect Behaviour of Views with TCP PROXY Requests

Incorrect Behaviour of Views with TCP PROXY Requests...

CVE-2026-41999

Incorrect Behaviour of Views with TCP PROXY Requests...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities stemmed from the incorrect classification of proxy remote requests as loop connections, which could allow attackers ...

CVE-2026-29023

Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...

CVE-2026-29023 Keygraph Shannon Hard-coded Router API Key

Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...

CVE-2026-29023 Keygraph Shannon Hard-coded Router API Key

Keygraph Shannon contains a hard-coded API key in its router configuration that, when the router component is enabled and exposed, allows network attackers to authenticate using the publicly known static key. An attacker able to reach the router port can proxy requests through the Shannon instanc...

CVE-2026-0612

The Librarian contains a information leakage vulnerability through the webfetch tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions ...

CVE-2026-0612 CVE-2026-0612

The Librarian contains a information leakage vulnerability through the webfetch tool, which can be used to retrieve arbitrary external content provided by an attacker, which can be used to proxy requests through The Librarian infrastructure. The vendor has fixed the vulnerability in all versions ...

CVE-2026-0612

The Librarian (TheLibrarian.io) contains an information leakage vulnerability in the web_fetch tool that allows an attacker to retrieve arbitrary external content and proxy requests through The Librarian infrastructure. The issue affects The Librarian implementations and has been fixed in all ver...

PT-2026-3247

Name of the Vulnerable Software and Affected Versions The Librarian affected versions not specified Description The Librarian software has an information leakage issue stemming from the web fetch tool. This allows an attacker to retrieve arbitrary external content, potentially using The Librarian...

CVE-2025-60534

CVE-2025-60534 affects Blue Access Cobalt v02.000.195. The issue is an authentication bypass that lets an attacker selectively proxy requests to operate functionality in the web application without valid credentials. Primary impact is high (CVSS: 9.8, Network attacker, no privileges required, no ...

EulerOS Virtualization 2.13.0 : httpd (EulerOS-SA-2025-2578)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of...

EUVD-2021-26863

Malware in sbrugna...

USN-7639-1 apache2 vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled certain Content-Type response headers. A remote attacker could possibly use this issue to perform HTTP response splitting attacks. CVE-2024-42516 xiaojunjie discovered that the Apache HTTP Server modproxy module incorrectly handled...

USN-7639-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled certain Content-Type response headers. A remote attacker could possibly use this issue to perform HTTP response splitting attacks. CVE-2024-42516 xiaojunjie discovered that the Apache HTTP Server modproxy module incorrectly handled...

CVE-2025-47791 Nextcloud Server's test remote endpoint is not rate limited

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server prior to 28.0.13, 29.0.10, and 30.0.3 and Nextcloud Enterprise Server prior to 28.0.13, 29.0.10, and 30.0.3, a currently unused endpoint to verify a share recipient was not protected correctly, allowing to proxy requests...

Nextcloud 代码问题漏洞

Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A code issue vulnerability exists in Nextcloud versions prior to 28.0.13, prior to 29.0.10, and prior to 30.0.3, which stems from not properly securing a...

CVE-2025-24472

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote unauthenticated attacker with prior knowledge of upstream and downstream devices serial numbers to...

VulnCheck KEV: CVE-2025-24472

Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests...