10 matches found
CVE-2026-56678
9Router is an AI router & token saver. Prior to 0.5.6, the Kiro API-key validation endpoint POST /api/oauth/kiro/api-key builds an upstream URL using a user-controlled region value, allowing an authenticated attacker to supply a crafted region such as kiro-canary.local:8443 and cause 9Router to...
CVE-2026-56678 9Router: Kiro region injection allows authenticated SSRF with Authorization header forwarding
9Router is an AI router & token saver. Prior to 0.5.6, the Kiro API-key validation endpoint POST /api/oauth/kiro/api-key builds an upstream URL using a user-controlled region value, allowing an authenticated attacker to supply a crafted region such as kiro-canary.local:8443 and cause 9Router to...
CVE-2026-56678
9Router prior to v0.5.6 is vulnerable in the Kiro API-key validation endpoint POST /api/oauth/kiro/api-key, which builds an upstream URL from a user-controlled region value. An authenticated attacker can supply a crafted region (example: kiro-canary.local:8443#) to trigger SSRF by directing the v...
CVE-2026-22611
AWS SDK for .NET works with Amazon Web Services to help build scalable solutions with Amazon S3, Amazon DynamoDB, Amazon Glacier, and more. From versions 4.0.0 to before 4.0.3.3, Customer applications could be configured to improperly route AWS API calls to non-existent or non-AWS hosts. This...
CVE-2026-22611
The CVE-2026-22611 issue affects the AWS SDK for .NET (versions 4.0.0 through 4.0.3.2) where the region input field could be set to an invalid value, causing AWS API calls to be routed to non-existent or non‑AWS hosts. A defense‑in‑depth enhancement was added in v4, validating that the region for...
GHSA-G59M-GF8J-GJF5 AWS SDK for Rust v1 adopted defense in depth enhancement for region parameter value
Summary This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value. A defense-in-depth enhancement has been implemented in th...
CVE-2024-21658 Insufficient control of region value length in discourse-calendar
discourse-calendar is a discourse plugin which adds the ability to create a dynamic calendar in the first post of a topic. The limit on region value length is too generous. This allows a malicious actor to cause a Discourse instance to use excessive bandwidth and disk space. This issue has been...
CVE-2024-21658 Insufficient control of region value length in discourse-calendar
discourse-calendar is a discourse plugin which adds the ability to create a dynamic calendar in the first post of a topic. The limit on region value length is too generous. This allows a malicious actor to cause a Discourse instance to use excessive bandwidth and disk space. This issue has been...
CVE-2024-21658
CVE-2024-21658 affects the discourse-calendar plugin for Discourse. The issue is an overly loose restriction on the region value length, which can cause a Discourse instance to consume excessive bandwidth and disk space. The vulnerability is fixed in the main branch; there are no public workaroun...
CVE-2018-3917
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. The...