20 matches found
CVE-2026-44427
The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. From 1.1.0 to 1.7.4, the TrailingSlashMiddleware in internal/api/server.go is vulnerable to an open redirect attack. An attacker can craft a URL with a protocol-relative path (e.g., //evil.com/) tha...
PraisonAI has Unrestricted Upload Size in WSGI Recipe Registry Server that Enables Memory Exhaustion DoS
Summary: The WSGI-based recipe registry server (server.py) reads the entire HTTP request body into memory based on the client-supplied Content-Length header with no upper bound. Combined with authentication being disabled by default (no token configured), any local process can send arbitrarily large...
CVE-2026-40115
PraisonAI is a multi-agent teams system. Prior to 4.5.128, the WSGI-based recipe registry server (server.py) reads the entire HTTP request body into memory based on the client-supplied Content-Length header with no upper bound. Combined with authentication being disabled by default (no token...
CVE-2026-40115
The provided sources confirm a concrete vulnerability in PraisonAI’s WSGI recipe registry server prior to version 4.5.128: the server reads the full HTTP request body into memory based on the client’s Content-Length, with no upper bound, while the Starlette server enforces a 10 MB limit. Combined...
CVE-2026-40115 PraisonAI has an Unrestricted Upload Size in WSGI Recipe Registry Server that Enables Memory Exhaustion DoS
PraisonAI is a multi-agent teams system. Prior to 4.5.128, the WSGI-based recipe registry server (server.py) reads the entire HTTP request body into memory based on the client-supplied Content-Length header with no upper bound. Combined with authentication being disabled by default (no token...
EUVD-2025-122788
Malicious code in registry-server-jekyll-stream npm...
Exploit for Path Traversal in Ollama
CVE-2024-37032 Path traversal in Ollama with rogue registry se...
Virtuozzo 6 : java-1.8.0-openjdk / java-1.8.0-openjdk-debug / etc (VZLSA-2019-0774)
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2019-1301)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for java-1.8.0-openjdk (EulerOS-SA-2019-1585)
The remote host is missing an update for the Huawei EulerOS...
CVE-2019-16097 Harbor privilege elevation vulnerability analysis - vulnerability warning - the black bar safety net
Harbor is an enterprise-class registry server for storing and distributing Docker images. It extends the open-source Docker Distribution by adding features that enterprises need, such as security, identity, and management. As an enterprise-level...
OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...
RHEL 7 : java-1.7.1-ibm (RHSA-2019:1166)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1166 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...
Updated java-1.8.0-openjdk packages fix security vulnerability
The updated packages fix several bugs and some security issues: Font layout engine out of bounds access setCurrGlyphID (CVE-2019-2698). Slow conversion of BigDecimal to long (CVE-2019-2602). Incorrect skeleton selection in RMI registry server-side dispatch handling (CVE-2019-2684)...
Important: Red Hat Security Advisory: java-1.7.0-openjdk security update
An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: java-1.8.0-openjdk security update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
com.alipay.sofa:ark-sofa-boot (>=4.0.0-M1 <=4.0.0-M2), com.alipay.sofa:ark-sofa-boot-starter (>=4.0.0-M1 <=4.0.0-M2) +35 more potentially affected by CVE-2019-9212 via com.alipay.sofa:hessian (>=3.3.0 <=3.3.4)
com.alipay.sofa:hessian MAVEN version =3.3.0, =4.0.0-M1, =4.0.0-M1, =1.4.1, =2.5.0, =6.5.6, =6.5.6, =6.5.6, =6.5.6, =6.5.6, =6.5.6, =6.5.6, =6.5.6, =6.5.6, =6.5.6, =6.5.6, =6.5.6.20241001 and more Source cves: CVE-2019-9212 Source advisory: OSV:GHSA-PFWP-8PQ4-G7PV...
[SECURITY] Fedora 17 Update: openstack-glance-2012.1.2-2.fc17
OpenStack Image Service (code-named Glance) provides discovery, registration, and delivery services for virtual disk images. The Image Service API server provides a standard REST interface for querying information about virtual disk images stored in a variety of back-end stores, including OpenSta...
[SECURITY] [DSA 2358-1] openjdk-6 security update
Debian Security Advisory DSA-2358-1, http://www.debian.org/security/, December 05, 2011, http://www.debian.org/security/faq ...
Debian DSA-2356-1 : openjdk-6 - several vulnerabilities (BEAST)
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java platform: CVE-2011-3389: The TLS implementation does not guard properly against certain chosen-plaintext attacks when block ciphers are used in CBC mode. CVE-2011-3521: The CORBA implementation contains a...