121550 matches found

CNNVD
added 2026/04/09 12:00 a.m. | 9 views

Apache Tomcat Environment Issue Vulnerability

Apache Tomcat is a lightweight web application server developed by the Apache Foundation in the United States. It supports Servlet and JavaServer Page JSP technologies. Versions of Apache Tomcat 11.0.18 and earlier, 10.1.52 and earlier, 9.0.115 and earlier, 8.5.100 and earlier, and 7.0.109 and...

CVSS 7.5 | AI score 5.8 | EPSS 0.00453
Exploits: 0 | References: 1
OSV
added 2026/04/09 12:00 a.m. | 10 views

ALSA-2026:7350 Important: nodejs:24 security update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Nodejs denial of service CVE-2026-21637 brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion...

CVSS 9.8 | AI score 5.8 | EPSS 0.13066
Exploits: 1 | References: 38
SUSE CVE
added 2026/04/08 11:26 p.m. | 3 views

SUSE CVE-2026-31842

Tinyproxy through 1.11.3 is vulnerable to HTTP request parsing desynchronization due to a case-sensitive comparison of the Transfer-Encoding header in src/reqs.c. The ischunkedtransfer function uses strcmp to compare the header value against "chunked", even though RFC 7230 specifies that...

CVSS 8.7 | AI score 5.8 | EPSS 0.00899
Exploits: 1 | References: 3
SUSE CVE
added 2026/04/08 11:25 p.m. | 1 view

SUSE CVE-2026-33034

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGI requests with a missing or understated Content-Length header could bypass the DATA_UPLOAD_MAX_MEMORY_SIZE limit when reading HttpRequest.body, allowing remote attackers to load an unbounded request body into...

CVSS 5.3 | AI score 5.8 | EPSS 0.00769
Exploits: 0 | References: 5
Snyk
added 2026/04/08 11:08 p.m. | 1 view

Open Redirect

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Open Redirect via the fetchWithSsrFGuard function. An attacker can access sensitive request data or headers by triggering cross-origin redirects. Remediation Upgrade openclaw to version...

CVSS 7.1 | AI score 5.8 | EPSS 0.00239
Exploits: 0 | References: 2
OSV
added 2026/04/08 10:53 p.m. | 4 views

CLSA-2026-1775688811 Fix CVE(s): CVE-2026-32748, CVE-2026-33526

SECURITY UPDATE: denial of service via use-after-free in ICP - debian/patches/CVE-2026-33526.patch: remove duplicate rfc1738escape call in icpGetRequest that invalidated the previously escaped URL pointer - CVE-2026-33526 SECURITY UPDATE: denial of service via use-after-free in ICP request handli...

CVSS 9.2 | AI score 5.8 | EPSS 0.02738
Exploits: 0 | References: 1
NVD
added 2026/04/08 10:16 p.m. | 2 views

CVE-2026-40037

OpenClaw before 2026.3.31 patched in 2026.4.8 contains a request body replay vulnerability in fetchWithSsrFGuard that allows unsafe request bodies to be resent across cross-origin redirects. Attackers can exploit this by triggering redirects to exfiltrate sensitive request data or headers to...

CVSS 7.1 | EPSS 0.00239
Exploits: 0 | References: 3
Snyk
added 2026/04/08 10:12 p.m. | 3 views

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization via the transaction update endpoint. An attacker can bypass intended restrictions and hide protected transaction records from normal views by sending a crafted PUT request to soft-delete synced non-manual...

CVSS 6.9 | AI score 5.4 | EPSS 0.00292
Exploits: 0 | References: 2
Snyk
added 2026/04/08 9:51 p.m. | 2 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the runPlaygroundServer process in cmd/run/run.go and the playground configuration in pkg/server/config/config.go. An attacker can recover the preshared API key by sending an unauthenticated request to the...

CVSS 7.5 | AI score 5.8 | EPSS 0.00203
Exploits: 0 | References: 2
ATTACKERKB
added 2026/04/08 9:35 p.m. | 0 views

CVE-2026-40037

OpenClaw before 2026.3.31 patched in 2026.4.8 contains a request body replay vulnerability in fetchWithSsrFGuard that allows unsafe request bodies to be resent across cross-origin redirects. Attackers can exploit this by triggering redirects to exfiltrate sensitive request data or headers to...

CVSS 7.1 | AI score 5.9 | EPSS 0.00239
Exploits: 0 | References: 4
Cvelist
added 2026/04/08 9:35 p.m. | 21 views

CVE-2026-40037 OpenClaw < 2026.3.31 - Unsafe Request Body Replay via fetchWithSsrFGuard Cross-Origin Redirects

OpenClaw before 2026.3.31 patched in 2026.4.8 contains a request body replay vulnerability in fetchWithSsrFGuard that allows unsafe request bodies to be resent across cross-origin redirects. Attackers can exploit this by triggering redirects to exfiltrate sensitive request data or headers to...

CVSS 7.1 | EPSS 0.00239
Exploits: 0 | References: 3
CVE
added 2026/04/08 9:35 p.m. | 16 views

CVE-2026-40037

OpenClaw vulnerability CVE-2026-40037 affects OpenClaw prior to 2026.3.31, with a patch issued in 2026.4.8. The issue is a request body replay vulnerability in fetchWithSsrFGuard that allows unsafe request bodies to be resent across cross-origin redirects. Attackers can exploit this to exfiltrate...

CVSS 7.1 | AI score 5.9 | EPSS 0.00239
Exploits: 0 | References: 3 | Affected software: 1
Vulnrichment
added 2026/04/08 9:35 p.m. | 2 views

CVE-2026-40037 OpenClaw < 2026.3.31 - Unsafe Request Body Replay via fetchWithSsrFGuard Cross-Origin Redirects

OpenClaw before 2026.3.31 patched in 2026.4.8 contains a request body replay vulnerability in fetchWithSsrFGuard that allows unsafe request bodies to be resent across cross-origin redirects. Attackers can exploit this by triggering redirects to exfiltrate sensitive request data or headers to...

CVSS 7.1 | AI score 5.9 | EPSS 0.00239
Exploits: 0 | References: 3
EUVD
added 2026/04/08 9:33 p.m. | 11 views

EUVD-2025-209353

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of input parameters in the /webkeyword.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request via the name, en, time, memgb2312, and memutf8 parameters...

AI score 6.2 | EPSS 0.00599
Exploits: 0 | References: 3
EUVD
added 2026/04/08 9:33 p.m. | 5 views

EUVD-2025-209354

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /webpost.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request in parameters such as name, en, userid, log, and time...

AI score 6.2 | EPSS 0.00599
Exploits: 0 | References: 3
EUVD
added 2026/04/08 9:33 p.m. | 3 views

EUVD-2025-209345

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /urlrule.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, en, ips, u, time, act, rpri, and log...

AI score 6.2 | EPSS 0.00605
Exploits: 0 | References: 3
EUVD
added 2026/04/08 9:32 p.m. | 4 views

EUVD-2024-33803

The WIP Incoming Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the saveoption function. This makes it possible for unauthenticated attackers to update settings and inject...

CVSS 6.1 | AI score 7.2 | EPSS 0.00262
Exploits: 0 | References: 4
OSV
added 2026/04/08 9:17 p.m. | 3 views

DEBIAN-CVE-2026-39882

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to 1.43.0, the otlp HTTP exporters traces/metrics/logs read the full HTTP response body into an in-memory bytes.Buffer without a size cap. This is exploitable for memory exhaustion when the configured collector endpoint is...

CVSS 5.3 | AI score 5.3 | EPSS 0.0019
Exploits: 0 | References: 1
Snyk
added 2026/04/08 9:10 p.m. | 6 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the requestEmailChange mutation. An attacker can determine whether specific email addresses are registered by analyzing the differences in error messages returned by the system. Remediation A fix was pushed into...

CVSS 5.3 | AI score 5.8 | EPSS 0.00243
Exploits: 0 | References: 2
Snyk
added 2026/04/08 9:00 p.m. | 1 view

Improper Authentication

Overview org.apache.tomcat:tomcat-coyote is a Tomcat Connectors and HTTP parser. Affected versions of this package are vulnerable to Improper Authentication in processOCSPRequest, which is part of the CLIENTCERT authentication process. In some "edge cases", an attacker can trigger a soft-fail...

CVSS 8.3 | AI score 5.8 | EPSS 0.00469
Exploits: 0 | References: 2