CVE-2026-6451
The cms-fuer-motorrad-werkstaetten plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.0.0. This is due to missing nonce validation on all eight AJAX deletion handlers: vehiclescfmwdvehicle, contactscfmwdcontact, supplierscfmwdsupplier,...
GHSA-8R5M-3F66-QPR3 HashiCorp Vault has Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNS
Vault’s PKI engine’s ACME validation did not reject local targets when issuing http-01 and tls-alpn-01 challenges. This may lead to these requests being sent to local network targets, potentially leading to information disclosure. Fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0,...
Exploit for CVE-2026-40175
CVE-2026-40175 — Axios CRLF Injection / HTTP Request Smuggling...
PT-2026-37012
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.12 Description An issue exists in the QQBot reply media URL handling that allows server-side request forgery (SSRF), a flaw where a server is tricked into making requests to an unintended location. Attackers can...
HTTP Request Smuggling
Overview org.springframework:spring-webflux is a Spring Framework module that contains support for reactive HTTP and WebSocket clients as well as for reactive server web applications including REST, HTML browser, and WebSocket style interactions. Affected versions of this package are vulnerable t...
PT-2026-37120
Name of the Vulnerable Software and Affected Versions YARD versions prior to 0.9.42 Description A path traversal issue exists when using yard server to serve documentation. This flaw allows unsanitized HTTP requests to access arbitrary files on the host machine under certain conditions. Path...
PT-2026-36793
Name of the Vulnerable Software and Affected Versions Totolink N300RH version 3.2.4-B20220812 Description A buffer overflow can be triggered remotely via the POST Request Handler component. The issue exists in the setUpgradeFW function within the '/cgi-bin/cstecgi.cgi' endpoint when manipulating...
PT-2026-33449
Name of the Vulnerable Software and Affected Versions QueryMine sms versions up to 7ab5a9ea196209611134525ffc18de25c57d9593 Description Remote SQL injection is possible via the GET Request Parameter Handler in the 'admin/editcourse.php' file. The issue occurs when the ID argument is manipulated,...
PT-2026-33422
Name of the Vulnerable Software and Affected Versions cms-fuer-motorrad-werkstaetten versions prior to 1.0.1 Description The cms-fuer-motorrad-werkstaetten plugin for WordPress is susceptible to Cross-Site Request Forgery. This occurs because eight AJAX deletion handlers lack nonce validation and...
Nomios GREENmod Security Vulnerability
Nomios GREENmod is an industrial control system developed by the Polish company Nomios, designed for monitoring and managing energy and power infrastructure. Nomios GREENmod has a security vulnerability, which stems from an incorrectly configured access control list on a named pipe, potentially...
PT-2026-37008
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.14 Description Improper access control in browser snapshot, screenshot, and tab routes allows authenticated callers to bypass Server-Side Request Forgery (SSRF) restrictions. This occurs because the system fails...
PT-2026-37013
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.14 Description A server-side request forgery (SSRF) issue exists in the browser SSRF policy that allows private-network navigation by default. This misconfiguration enables attackers to access internal services ...
PT-2026-33461
Name of the Vulnerable Software and Affected Versions prasathmani TinyFileManager versions prior to 2.7 Description An issue in the File Upload Handler component allows for server-side request forgery, a flaw where an attacker can induce the server to make requests to an unintended location. This...
PT-2026-37028
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.10 Description A server-side request forgery (SSRF) policy bypass exists in existing-session browser interaction routes. This allows attackers to bypass navigation guards to interact with or navigate to...
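The Vault ACME entry above (GHSA-8R5M-3F66-QPR3) and the OpenClaw browser-policy entries (PT-2026-37013, PT-2026-37028) describe the same failure mode from two sides: a server that fetches a URL on behalf of a client either never checks where the name points (OpenClaw's private-network default) or checks it in a way an attacker-controlled nameserver can defeat (Vault's validator, where the name can answer "public" for the policy check and "127.0.0.1" for the connect). The block below is an added example written for this page; it is not code from Vault, OpenClaw or any advisory listed here. The `Resolver` type, `PinTarget`, `NewPinnedClient`, the `fakeZone` table and every hostname in it are assumptions made for the example, and the 203.0.113.0/24 addresses used as "public" samples are documentation space, not real hosts.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net"
	"net/http"
	"time"
)

// Resolver abstracts DNS so the policy can run offline; production code would wrap net.DefaultResolver.LookupIP.
type Resolver func(ctx context.Context, host string) ([]net.IP, error)

var ErrForbiddenTarget = errors.New("target resolves to a non-public address")

// isPublicIP rejects loopback, RFC 1918 and fc00::/7, link-local (which covers
// 169.254.169.254 cloud metadata), multicast and unspecified addresses. IPv4-mapped
// IPv6 (::ffff:10.0.0.5) is judged by its embedded IPv4 address because net.IP's
// predicates call To4() internally.
func isPublicIP(ip net.IP) bool {
	if ip == nil || ip.IsUnspecified() || ip.IsLoopback() || ip.IsPrivate() ||
		ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() || ip.IsMulticast() {
		return false
	}
	// 0.0.0.0/8 and 100.64.0.0/10 (CGNAT) are not covered by the predicates above.
	if v4 := ip.To4(); v4 != nil && (v4[0] == 0 || (v4[0] == 100 && v4[1]&0xC0 == 64)) {
		return false
	}
	return true
}

// PinTarget resolves host exactly once, requires every answer to be public and
// returns the one address the fetcher will dial. Dialing that pinned address,
// instead of letting the HTTP client resolve the name a second time, closes the
// rebinding window between the policy check and the connect.
func PinTarget(ctx context.Context, host string, resolve Resolver) (net.IP, error) {
	var ips []net.IP
	if ip := net.ParseIP(host); ip != nil {
		ips = []net.IP{ip} // literal address: no DNS involved
	} else {
		var err error
		if ips, err = resolve(ctx, host); err != nil {
			return nil, err
		}
	}
	if len(ips) == 0 {
		return nil, fmt.Errorf("no addresses for %q", host)
	}
	for _, ip := range ips { // a mixed answer set must fail as a whole, not pass on ips[0]
		if !isPublicIP(ip) {
			return nil, fmt.Errorf("%w: %s -> %s", ErrForbiddenTarget, host, ip)
		}
	}
	return ips[0], nil
}

// NewPinnedClient returns an http.Client that connects to pinned on the requested
// port whatever hostname the URL carries (Host header and SNI still come from the
// URL) and refuses redirects, since a 3xx to http://127.0.0.1/ would re-open the hole.
func NewPinnedClient(pinned net.IP) *http.Client {
	d := &net.Dialer{Timeout: 5 * time.Second}
	return &http.Client{
		Timeout: 10 * time.Second,
		Transport: &http.Transport{
			DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
				_, port, err := net.SplitHostPort(addr)
				if err != nil {
					return nil, err
				}
				return d.DialContext(ctx, network, net.JoinHostPort(pinned.String(), port))
			},
		},
		CheckRedirect: func(*http.Request, []*http.Request) error { return http.ErrUseLastResponse },
	}
}

// fakeZone is a constructed table standing in for an attacker-controlled nameserver; sample data, not real DNS.
var fakeZone = map[string][]net.IP{
	"good.example.net":   {net.ParseIP("203.0.113.10")},
	"rebind.example.net": {net.ParseIP("203.0.113.10"), net.ParseIP("127.0.0.1")},
	"meta.example.net":   {net.ParseIP("169.254.169.254")},
	"mapped.example.net": {net.ParseIP("::ffff:10.0.0.5")},
	"localhost":          {net.ParseIP("::1")},
}

// FakeResolve answers from fakeZone.
func FakeResolve(_ context.Context, host string) ([]net.IP, error) {
	if ips, ok := fakeZone[host]; ok {
		return ips, nil
	}
	return nil, fmt.Errorf("NXDOMAIN %q", host)
}

func main() {
	for _, h := range []string{"good.example.net", "rebind.example.net", "meta.example.net", "localhost"} {
		ip, err := PinTarget(context.Background(), h, FakeResolve)
		fmt.Printf("%-20s pinned=%v err=%v\n", h, ip, err)
	}
}
```

For an ACME http-01 fetch the caller would build `http://<host>/.well-known/acme-challenge/<token>` and send it through `NewPinnedClient(ip)`, so the Host header still names the challenged domain while the TCP connection goes to the address that passed the check. Two caveats: a deny-list like `isPublicIP` only covers the ranges it names, so a deployment that knows which networks it should ever reach is better served by an allow-list; and the check must be repeated for every hop, which is why the client refuses redirects instead of following them.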
MiracleLinux 9 : nodejs:24 (AXSA:2026-449:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-449:01 advisory. nodejs: Nodejs denial of service CVE-2026-21637 brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion CVE-2026-2554...
CVE-2026-31317
Craftql v1.3.7 and before is vulnerable to Server-Side Request Forgery (SSRF), which allows an attacker to execute arbitrary code via the vendor/markhuot/craftql/src/Listeners/GetAssetsFieldSchema.php file...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007366)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007366 advisory. In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrl_linkup_request When linktype is unknown or kzalloc failed in...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007240)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007240 advisory. In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get. syzkaller reported an overflown write in arp_req_get. [0] When...
Unity Linux 20.1070a Security Update: libsoup (UTSA-2026-007256)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007256 advisory. A flaw in libsoup's HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies...
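The libsoup entry above describes a parser that accepts two Host fields and acts on the last one. That is only exploitable when something in front of it (the advisory's sentence about front proxies is cut off on this page, so treat the first-wins proxy below as an assumption) routes or authorises the request on a different occurrence: the proxy sees one virtual host, the backend serves another. The block below is an added example written for this page in Go rather than libsoup's C; it is not libsoup code. `LenientHost` models the two disagreeing parsers, `StrictHost` is the hardening (HTTP/1.1 requires a 400 for any request with more than one Host field), and the two request strings are constructed samples, not captured traffic.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"net/textproto"
	"strings"
)

// ErrDuplicateHost is the hardened parser's verdict on a request with more than one Host field.
var ErrDuplicateHost = errors.New("request carries more than one Host header")

// HostView records what each lenient component would treat as the request's Host.
type HostView struct {
	FirstWins string // a component that keys routing or ACLs off the first occurrence
	LastWins  string // the behaviour the advisory describes for libsoup
}

// readHeaders parses the request line and header block of a raw HTTP/1.1 message.
// textproto canonicalises field names, so "host:" and "Host:" land in the same key.
func readHeaders(raw string) (textproto.MIMEHeader, error) {
	tp := textproto.NewReader(bufio.NewReader(strings.NewReader(raw)))
	if _, err := tp.ReadLine(); err != nil { // request line; not needed here
		return nil, err
	}
	return tp.ReadMIMEHeader()
}

// LenientHost shows the desync: two parsers that both accept the request but
// disagree about which Host value it has.
func LenientHost(raw string) (HostView, error) {
	h, err := readHeaders(raw)
	if err != nil {
		return HostView{}, err
	}
	vals := h.Values("Host")
	if len(vals) == 0 {
		return HostView{}, errors.New("missing Host header")
	}
	return HostView{FirstWins: vals[0], LastWins: vals[len(vals)-1]}, nil
}

// StrictHost is the fix: exactly one Host field, or the request is rejected outright.
func StrictHost(raw string) (string, error) {
	h, err := readHeaders(raw)
	if err != nil {
		return "", err
	}
	vals := h.Values("Host")
	switch len(vals) {
	case 0:
		return "", errors.New("missing Host header")
	case 1:
		return vals[0], nil
	default:
		return "", fmt.Errorf("%w: %q", ErrDuplicateHost, vals)
	}
}

// Constructed sample requests (not captured traffic). Smuggled is what a client
// sends so that a first-wins proxy routes it as public.example.com while a
// last-wins backend processes it as admin.internal.
const (
	Benign   = "GET /status HTTP/1.1\r\nHost: public.example.com\r\n\r\n"
	Smuggled = "GET /admin HTTP/1.1\r\nHost: public.example.com\r\nhost: admin.internal\r\n\r\n"
)

func main() {
	for _, r := range []string{Benign, Smuggled} {
		view, _ := LenientHost(r)
		strict, err := StrictHost(r)
		fmt.Printf("first=%q last=%q strict=%q err=%v\n", view.FirstWins, view.LastWins, strict, err)
	}
}
```

The same shape of check belongs on every header that a downstream component treats as single-valued (Content-Length being the other classic one): accept it once, reject it when repeated, and never let two components in the same request path apply different rules.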
Cisco Unity Connection Arbitrary File Download (cisco-sa-unity-file-download-RmKEVWPx)
According to its self-reported version, Cisco Unity Connection is affected by multiple arbitrary file download vulnerabilities: - Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these...