Incorrect Authorization

Overview authlib is a library in building OAuth and OpenID Connect servers. Affected versions of this package are vulnerable to Incorrect Authorization via the validateauthorizationrequest function. An attacker can cause the server to redirect users to arbitrary URLs by submitting a crafted...

ROS-20260513-73-0008

Vulnerability in rubygem-rack related to a flaw in http request handling. Exploitation of the vulnerability may allow a remote attacker to affect the integrity of protected information...

ELECOM多款产品 安全漏洞

ELECOM WAB-MAT, among others, are products of the ELECOM company. ELECOM WAB-MAT is a management tool for enterprise access points. ELECOM WAB represents a series of wireless access points. ELECOM WAB-S300 is a wireless access point. Several ELECOM products have security vulnerabilities; these...

Flight 安全漏洞

Flight is a PHP microframework developed by Mike Cao. Versions of Flight prior to 3.18.1 contained security vulnerabilities. These vulnerabilities stemmed from the unconditional acceptance of the X-HTTP-Method-Override header and the$REQUESTmethod parameter by the Request::getMethod method. This...

ShellHub 安全漏洞

ShellHub is an open-source remote device access and management platform developed by ShellHub. Versions of ShellHub prior to 0.24.2 contained security vulnerabilities. These vulnerabilities stemmed from the GET /api/devices/:uid request, which returned the complete device object for any...

PT-2026-40618

Easy2Pilot 7 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized user accounts by tricking authenticated administrators into visiting malicious pages. Attackers can craft HTML forms targeting the admin.php?action=add user endpoint with POST requests...

Netty 输入验证错误漏洞

Netty is a non-blocking I/O client-server framework from the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contain a vulnerability related to input validation errors...

Netty 环境问题漏洞

Netty is a non-blocking I/O client-server framework from the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contained environmental issues. These issues were caused by...

PT-2026-40607

Name of the Vulnerable Software and Affected Versions bandit versions 1.4.0 through 1.11.0 Description An unauthenticated remote attacker can cause a denial of service via memory exhaustion. The read data/2 function in Elixir.Bandit.HTTP1.Socket ignores the :length option when processing HTTP/1...

MISP modules 跨站请求伪造漏洞

MISP modules are scalable threat intelligence platform modules developed under the open-source MISP Project. They support import, export, expansion, and automated workflows. MISP modules 3.0.7 and earlier versions had a cross-site request forgery vulnerability. This vulnerability stemmed from the...

Grafana Live push endpoint allows unbounded memory allocation leading to OOM

The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading to out-of-memory conditions. An authenticated user with access to the Grafana Live API can trigger this issue...

Netty 环境问题漏洞

Netty is a non-blocking I/O client-server framework developed by the Netty community. It is primarily used for developing Java network applications, such as protocol servers and clients. Versions of Netty prior to 4.2.13.Final and 4.1.133.Final contained environmental issues. These issues stemmed...

Grafana plugin resources can lead to unbounded memory allocation

A request to the Grafana plugin resources endpoint can cause unbounded memory allocation by reading the entire request body into memory. An authenticated user can exploit this to trigger an out-of-memory condition, potentially causing a denial of service...

libcurl 安全漏洞

libcurl is a free and easy-to-use client URL transfer library for cURL, which is open-source. There is a security vulnerability in libcurl, caused by improper handling of custom Host headers. This vulnerability may lead to the incorrect transmission of cookies from the first request during the...

PT-2026-40786

Name of the Vulnerable Software and Affected Versions Grafana affected versions not specified Description A request to the plugin resources endpoint can cause unbounded memory allocation because the entire request body is read into memory. An authenticated user can exploit this to trigger an...

CVE-2026-44548 ChurchCRM: CSRF via legacy GET-delete pages (FundRaiserDelete.php, PropertyTypeDelete.php, NoteDelete.php)

ChurchCRM is an open-source church management system. Prior to 7.3.2, top-level cross-site GET navigation from an attacker-controlled page to FundRaiserDelete.php, PropertyTypeDelete.php, or NoteDelete.php causes a logged-in ChurchCRM user with the relevant role to silently delete records,...

Server-side Request Forgery (SSRF)

Overview sillytavern is a LLM Frontend for Power Users Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the corsProxyMiddleware function. An attacker can access internal network services or sensitive metadata endpoints by supplying a crafted URL to the GET...

CVE-2026-42196

django-s3file is a lightweight file upload input for Django and Amazon S3. Prior to 7.0.2, S3FileMiddleware is vulnerable to relative path traversal attacks, where an attacker can use a modified request to escape pre-signed upload locations and have the Django application load files from random...

EUVD-2026-29756

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain...

EUVD-2026-29853

mosparo is the modern solution to protect your online forms from spam. Prior to 1.4.13, the automatic rule package source URL feature allows a project member with the editor role to store an attacker-controlled URL that the server later fetches. Because the server follows http/https redirects and...