CVE-2026-46698 Fediverse Embeds: Public-nonce SSRF via ftf_get_site_info AJAX action

Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.9, Fediverse Embeds registered the unauthenticated AJAX action wpajaxnoprivftfgetsiteinfo includes/SiteInfo.php that verified a nonce ftf-fediverse-embeds-nonce and then called filegethtml$siteurl on the...

CVE-2026-46698

Fediverse Embeds (WordPress plugin) prior to 1.5.9 registered an unauthenticated AJAX action, wp_ajax_nopriv_ftf_get_site_info, which validated a nonce ftf-fediverse-embeds-nonce and then performed file_get_html($site_url) on an attacker-supplied URL. The same nonce was enqueued on every public p...

Kolibri has Unauthenticated Server-Side Request Forgery (SSRF) in RemoteFacilityUserViewset

Summary Several Kolibri API endpoints accept an unvalidated baseurl parameter and fetch attacker-controlled URLs from the Kolibri server, reflecting the response body back to the caller. The original report identified two endpoints on the RemoteFacilityUser viewsets; remediation review found two...

CVE-2026-53442

A flaw was found in Jenkins. Secrets submitted via POST config.xml are stored unencrypted in job configuration files on the Jenkins controller. This allows users with 'Item/Extended Read' permission, or those with direct access to the Jenkins controller file system, to view sensitive information...

Security Bulletin: SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in Eclipse Jetty

Summary SPSS Collaboration and Deployment Services is affected by multiple vulnerabilities in Eclipse Jetty. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-11143 DESCRIPTION: The Jetty URI parser has some key differences to other common parsers when...

CVE-2026-44496 Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection

Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who...

CVE-2026-44495 Axios: Credential Theft and Response Hijacking via Prototype Pollution Gadget in Config Merge

Axios is a promise based HTTP client for the browser and Node.js. From 0.19.0 to before 0.31.1 and 1.15.2, Axios contains prototype-pollution gadgets in request config processing. If another vulnerability in the same JavaScript process has already polluted Object.prototype.transformResponse,...

EUVD-2026-36258

Axios is a promise based HTTP client for the browser and Node.js. From 0.19.0 to before 0.31.1 and 1.15.2, Axios contains prototype-pollution gadgets in request config processing. If another vulnerability in the same JavaScript process has already polluted Object.prototype.transformResponse,...

CVE-2026-44495

Axios is a promise based HTTP client for the browser and Node.js. From 0.19.0 to before 0.31.1 and 1.15.2, Axios contains prototype-pollution gadgets in request config processing. If another vulnerability in the same JavaScript process has already polluted Object.prototype.transformResponse,...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via improper validation of the Host header when parsing raw HTTP request messages or deriving a server request URI from server variables. An attacker can manipulate the Host header to include URI authori...

CVE-2026-6338

A HTTP request smuggling and desynchronization vulnerability affects Kong Gateway Enterprise 3.4, 3.10, 3.11, 3.12, 3.13, and 3.14 series. The vulnerability is caused by a parsing flaw in Kong’s HTTP request processing pipeline when handling untrusted HTTP/1.1 traffic...

CVE-2026-6338 HTTP request smuggling in Kong Enteprise Gateway

A HTTP request smuggling and desynchronization vulnerability affects Kong Gateway Enterprise 3.4, 3.10, 3.11, 3.12, 3.13, and 3.14 series. The vulnerability is caused by a parsing flaw in Kong’s HTTP request processing pipeline when handling untrusted HTTP/1.1 traffic...

EUVD-2026-36246

A HTTP request smuggling and desynchronization vulnerability affects Kong Gateway Enterprise 3.4, 3.10, 3.11, 3.12, 3.13, and 3.14 series. The vulnerability is caused by a parsing flaw in Kong’s HTTP request processing pipeline when handling untrusted HTTP/1.1 traffic...

CVE-2026-6338

Kong Gateway Enterprise versions 3.4, 3.10, 3.11, 3.12, 3.13, and 3.14 are affected by a HTTP request smuggling and desynchronization vulnerability caused by a parsing flaw in Kong’s HTTP request processing pipeline when handling untrusted HTTP/1.1 traffic. The issue can enable network‑level abus...

CVE-2026-6338 HTTP request smuggling in Kong Enteprise Gateway

A HTTP request smuggling and desynchronization vulnerability affects Kong Gateway Enterprise 3.4, 3.10, 3.11, 3.12, 3.13, and 3.14 series. The vulnerability is caused by a parsing flaw in Kong’s HTTP request processing pipeline when handling untrusted HTTP/1.1 traffic...

@grpc/grpc-js: A malformed request can cause a server crash

Impact An invalid incoming HTTP/2 stream initiation can cause a server process to crash. This affects all servers created using @grpc/grpc-js. Patches The following version have fixes for this vulnerability: - 1.9.16 - 1.10.12 - 1.11.4 - 1.12.7 - 1.13.5 - 1.14.4 Workarounds There is no workaround...

openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol CMP server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format CRMF CertRepMessage with a specific malformed EncryptedValue...

MAL-2026-5648 Malicious code in unified-ui-components-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78fe6900f4329c8e4c7bb5322f0e30a3f3b90e289c45852fca61c4fd16f43fd8 On npm install, the package's postinstall.js collects os.hostname and os.userInfo.username and embeds them as query-string parameters in a plaintext...

GHSA-Q8R6-5HFW-5JFF guzzlehttp/guzzle-services' XML Request Serialization Vulnerable to XML Injection via CDATA Terminator

Impact guzzlehttp/guzzle-services does not safely serialize scalar XML element values containing the CDATA terminator . The XML request serializer writes values containing , or & with XMLWriter::writeCData$value. If attacker-controlled input contains , the CDATA section closes early and the...

GHSA-34XG-WGJX-8XPH guzzlehttp/psr7 has Host Confusion via Authority Reinterpretation

Impact guzzlehttp/psr7 improperly interpreted malformed Host header values when constructing request URIs from inbound request data. This issue concerns inbound request parsing and server request construction. It does not require serializing a PSR-7 request, and it is not part of the normal...