CVE-2026-24173

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service...

CVE-2026-24173

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malformed request to the server. A successful exploit of this vulnerability might lead to denial of service...

CVE-2026-35572 SSRF via Referer header in ChurchCRM allows server-side HTTP/HTTPS requests to arbitrary hosts

ChurchCRM is an open-source church management system. Prior to 6.5.3, it is possible to trigger server-side HTTP/HTTPS requests to arbitrary hosts SSRF by supplying a crafted URL in the Referer request header. The server subsequently makes an outbound request to the attacker-controlled domain,...

CVE-2026-35572

ChurchCRM is an open-source church management system. Prior to 6.5.3, it is possible to trigger server-side HTTP/HTTPS requests to arbitrary hosts SSRF by supplying a crafted URL in the Referer request header. The server subsequently makes an outbound request to the attacker-controlled domain,...

EUVD-2026-19770

ChurchCRM is an open-source church management system. Prior to 6.5.3, it is possible to trigger server-side HTTP/HTTPS requests to arbitrary hosts SSRF by supplying a crafted URL in the Referer request header. The server subsequently makes an outbound request to the attacker-controlled domain,...

CVE-2026-5661

A vulnerability was identified in Free5GC 4.2.0. This affects an unknown function of the component NGSetupRequest Handler. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit is publicly available and might be used...

CVE-2025-47391

Memory corruption while processing a frame request from user...

CVE-2026-35036

Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to 4.2.8, Ech0 implements link preview editor fetches a page title through GET /api/website/title. That is legitimate product behavior, but the implementation is unsafe: the route is unauthenticated, accepts ...

CVE-2026-21376

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...

CVE-2026-35037

Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to 4.2.8, the GET /api/website/title endpoint accepts an arbitrary URL via the websiteurl query parameter and makes a server-side HTTP request to it without any validation of the target host or IP address. Th...

CVE-2026-4631

Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH...

GHSA-MVFQ-GGXM-9MC5 Django vulnerable to ASGI header spoofing via underscore/hyphen conflation

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGIRequest allows a remote attacker to spoof headers by exploiting an ambiguous mapping of two header variants with hyphens or with underscores to a single version with underscores. Earlier, unsupported Django...

EUVD-2026-19648

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGI requests with a missing or understated Content-Length header could bypass the DATAUPLOADMAXMEMORYSIZE limit when reading HttpRequest.body, allowing remote attackers to load an unbounded request body into...

Django: SGI requests with a missing or understated `Content-Length` header could bypass the `DATA_UPLOAD_MAX_MEMORY_SIZE` limit

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGI requests with a missing or understated Content-Length header could bypass the DATAUPLOADMAXMEMORYSIZE limit when reading HttpRequest.body, allowing remote attackers to load an unbounded request body into...

DEBIAN-CVE-2026-3902

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGIRequest allows a remote attacker to spoof headers by exploiting an ambiguous mapping of two header variants with hyphens or with underscores to a single version with underscores. Earlier, unsupported Django...

PYSEC-2026-51

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30.ASGIRequest allows a remote attacker to spoof headers by exploiting an ambiguous mapping of two header variants with hyphens or with underscores to a single version with underscores.Earlier, unsupported Django...

PYSEC-2026-49

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30.ASGI requests with a missing or understated Content-Length header couldbypass the DATAUPLOADMAXMEMORYSIZE limit when readingHttpRequest.body, allowing remote attackers to load an unbounded request body...

CVE-2026-35516 LinkAce has SSRF via CheckLinksCommand - Link URL Update Bypasses laravel-html-meta Protection

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, LinkRepository::update and CheckLinksCommand::checkLink do not check for private IPs. An authenticated user can read responses from internal services AWS IMDSv1, cloud metadata, internal APIs by creating a link with a publ...

CVE-2026-35486

CVE-2026-35486 affects text-generation-webui prior to 4.3, where the superbooga/superboogav2 RAG extensions fetch user-supplied URLs via requests.get() without validation. The root cause is lack of URL scheme validation, IP filtering, and hostname allowlisting, enabling an attacker to reach cloud...

CVE-2026-3902

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGIRequest allows a remote attacker to spoof headers by exploiting an ambiguous mapping of two header variants with hyphens or with underscores to a single version with underscores. Earlier, unsupported Django...