Node.js: Incomplete Fix for CVE-2026-21637: OCSPRequest and resumeSession Events Crash Node.js TLS Server via Unhandled Synchronous Exceptions

Summary The March 2026 security release patched CVE-2026-21637 by wrapping SNICallback, ALPNCallback, and pskCallback invocations in try/catch blocks inside lib/internal/tls/wrap.js. That fix is present in v26.3.0. However, two other TLS callback paths in the same file were left unprotected: 1...

CVE-2026-41860

CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelpercreateasyncendpoint and sendhttpgetrequestsynchronous hard-code OpenSSL::SSL::VERIFYNONE, enabling an attacker to intercept traffic between bosh-monitor and the BOSH...

CVE-2026-10737

The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the viewfile function in all versions up to, and including, 4.71. This makes it possible for unauthenticated attackers to read file metadata and obtain download links f...

CVE-2026-42999

A flaw was found in OpenStack Keystone. This vulnerability allows an authenticated user to bypass Role-Based Access Control RBAC checks by injecting arbitrary policy target attributes into the request body. This enables the user to perform unauthorized operations on resources belonging to other...

CVE-2026-47265

A flaw was found in AIOHTTP, an asynchronous HTTP client/server framework for asyncio and Python. This vulnerability allows a remote attacker to potentially gain access to sensitive information. When a developer uses the cookies parameter on a per-request basis, cookies are sent after following a...

PT-2026-46254

Name of the Vulnerable Software and Affected Versions MISP affected versions not specified Description A mass assignment issue exists in the user edit functionality. The application fails to sufficiently filter user-supplied fields in the UsersController::edit function, allowing it to accept a...

CVE-2026-35904

CVE-2026-35904 affects T3 Technology CPE models: T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03. The issue is incorrect access control in the device web management CGI component, allowing unauthenticated attackers to enable Telnet via a crafted request. Public exploit/poC exists (GitHub advis...

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which stems from the fact that when configuring OpenConfig, a gNMI Set request that should be rejected may still be...

CoreShop 代码注入漏洞

CoreShop is an open-source e-commerce system developed by CoreShop. Versions 5.0.1 to 5.1.0-beta.1 of CoreShop have a code injection vulnerability. This vulnerability arises from the GitHub Actions workflow using pullrequesttarget to trigger and inspect unvalidated code, potentially allowing remo...

Cloud Foundry BOSH 安全漏洞

Cloud Foundry BOSH is a cloud infrastructure automation platform developed by the American Cloud Foundry company. All versions of Cloud Foundry BOSH, as well as previous versions, have security vulnerabilities. These vulnerabilities stem from the hardcoded SSL verification disabled in...

PT-2026-46180

A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template. save pil image of the file swift/template/base.py of the component PIL Image Cache Key Handler. The manipulation leads to use of weak hash. An attack has to be approached locally. A...

CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

PT-2026-46303

Name of the Vulnerable Software and Affected Versions Axios versions prior to 0.32.0 Axios versions prior to 1.16.0 Description Axios constructs a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who can...

PT-2026-46889

Summary The /api/ action/media/external-link endpoint allows authenticated admin users to make server-side HTTP HEAD requests to arbitrary internal IP addresses. While the parallel uploadFromURL flow validates target IPs against private/reserved ranges via FileUrlValidator, the linkURL flow only...

PT-2026-46188

A vulnerability was detected in keystonejs keystone up to 20260319. This vulnerability affects unknown code in the library packages/core/src/lib/core/queries/output-field.ts of the component GraphQL API Endpoint. The manipulation results in resource consumption. It is possible to launch the attac...

Iris 安全漏洞

Iris is an open-source fast, simple, yet fully functional and highly efficient Go network framework developed by DFIR-IRIS. Versions of Iris prior to 2.4.28 contained security vulnerabilities, which stemmed from allowing users to manipulate API requests to modify values in the database...

PT-2026-46259

Name of the Vulnerable Software and Affected Versions Tautulli versions prior to 2.17.1 Description Tautulli contains a Server-Side Request Forgery SSRF issue where a public endpoint '/image/' resolves entries from image hash lookup and processes them using the same server-side image fetch logic ...

PT-2026-46189

Name of the Vulnerable Software and Affected Versions MLflow versions prior to 3.10.1 Description A flaw in the Dataset Digest Computation component allows the use of a weak hash. This issue occurs within the mlflow.data.digest utils function located in the mlflow/data/digest utils.py file. An...

PT-2026-46863

Summary The /api/ action/media/external-link endpoint allows authenticated admin users to make server-side HTTP HEAD requests to arbitrary internal IP addresses. While the parallel uploadFromURL flow validates target IPs against private/reserved ranges via FileUrlValidator, the linkURL flow only...

JetBrains TeamCity < 2025.11.5 Multiple Vulnerabilities

The version of JetBrains TeamCity installed on the remote host is prior to 2025.11.5. It is, therefore, affected by multiple vulnerabilities: - In JetBrains TeamCity before 2026.1, 2025.11.5 authenticated users could expose server API to unauthorised access CVE-2026-44413 - In JetBrains TeamCity...