CVE-2026-42344
FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress function in packages/service/common/system/utils.ts is vulnerable to DNS rebinding TOCTOU — Time-of-Check to Time-of-Use. The function resolves the hostname via dns.resolve4/dns.resolve6 and check...
CVE-2026-30858 WeKnora: DNS Rebinding Vulnerability in web_fetch Tool Allows SSRF to Internal Resources
WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.0, a DNS rebinding vulnerability in the web_fetch tool allows an unauthenticated attacker to bypass URL validation and access internal resources on the server, including privat...
CVE-2025-9614
An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on re-keying and stream flushing during device rebinding may allow stale write transactions from a previous security context to be processed in a new one. This can lead to...
Ollama Security Vulnerability
Ollama is a large language model that can be started and run locally from the Ollama open source. A security vulnerability exists in Ollama versions prior to 0.1.29 that stems from the presence of a DNS rebinding vulnerability that could inadvertently allow remote access to the full API, which...
SUSE CVE-2022-26505
A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files...
Link Preview JS Code Issue Vulnerability
Link Preview JS is a tool for extracting web link information. A security vulnerability exists in Link Preview JS prior to version 2.1.16, which stems from flawed DNS rebinding protection...
GitLab Enterprise Edition Code Issue Vulnerability
GitLab Enterprise Edition is a content management system. A code issue vulnerability exists in GitLab Enterprise Edition and GitLab Community Edition that stems from a DNS rebinding issue in the Irker IRC Gateway integration. A remote attacker could use this vulnerability to send a specially...
camel: DNS Rebinding in JMX Connector could result in remote command execution
Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0...
Freebox server DNS rebinding vulnerability
The Freebox server is a DSL modem, router, Wi-Fi hotspot, NAS 250 GB hard disk, DECT base with up to 8 connected DECT telephones as well as Digital Video Recorder-T for TNT also known as DVB and IPTV. A security vulnerability exists in Freebox Server versions prior to 4.2.3, which stems from a DN...
Apple iTunes < 12.5.1 Multiple Vulnerabilities (uncredentialed check)
The version of Apple iTunes running on the remote Windows host is prior to 12.5.1. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists due to improper handling of error prototypes. An unauthenticated, remote attacker can exploit this, by...
Apple iTunes < 12.5.1 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is prior to 12.5.1. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability exists due to improper handling of error prototypes. An unauthenticated, remote attacker can exploit this, by...