CVE-2026-40575 OAuth2 Proxy has an Authentication Bypass via X-Forwarded-Uri Header Spoofing

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied X-Forwarded-Uri header when --reverse-proxy is enabled and --skip-auth-regex or --skip-auth-route is configured. An attacker can spoof this header so OAut...

CVE-2026-40575

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied X-Forwarded-Uri header when --reverse-proxy is enabled and --skip-auth-regex or --skip-auth-route is configured. An attacker can spoof this header so OAut...

EUVD-2026-24557

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied X-Forwarded-Uri header when --reverse-proxy is enabled and --skip-auth-regex or --skip-auth-route is configured. An attacker can spoof this header so OAut...

CVE-2026-40575 OAuth2 Proxy has an Authentication Bypass via X-Forwarded-Uri Header Spoofing

OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied X-Forwarded-Uri header when --reverse-proxy is enabled and --skip-auth-regex or --skip-auth-route is configured. An attacker can spoof this header so OAut...

EUVD-2026-24477

frp is a fast reverse proxy. From 0.43.0 to 0.68.0, frp contains an authentication bypass in the HTTP vhost routing path when routeByHTTPUser is used as part of access control. In proxy-style requests, the routing logic uses the username from Proxy-Authorization to select the routeByHTTPUser...

From-Shell-to-Root

🔥 Red Team Notes Pentesting This repository contains real-w...

Malicious code in my-package-jiecub3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1ec43b076f10c0f300bdde6c106bc020894f238b7b2b72e3a3c146d189bdb3a4 During installation, the package attempts to create a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

MAL-2026-2962 Malicious code in my-package-jiecub3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1ec43b076f10c0f300bdde6c106bc020894f238b7b2b72e3a3c146d189bdb3a4 During installation, the package attempts to create a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

CVE-2026-39973

Apktool is a tool for reverse engineering Android APK files. In versions 3.0.0 and 3.0.1, a path traversal vulnerability in brut/androlib/res/decoder/ResFileDecoder.java allows a maliciously crafted APK to write arbitrary files to the filesystem during standard decoding apktool d. This is a...

frp 授权问题漏洞

FRP is an internal penetration reverse proxy tool developed by Fatedier’s developers. Versions of FRP from 0.43.0 to 0.68.0 have vulnerabilities related to authorization. These vulnerabilities arise from using routeByHTTPUser for access control. In this scenario, the HTTP vhost routing path...

Malicious code in moonbit-metrics-validator (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e6bb44c25db578131ec69b1c961c22f67cabb0b81aae5fe9d4620194bf8d83cc Campaign includes a chain of dependencies that finally exfiltrate sensitive environment variables to a hardcoded GitHub repository as exfiltration target, and ...

MAL-2026-2946 Malicious code in moonbit-metrics-validator (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e6bb44c25db578131ec69b1c961c22f67cabb0b81aae5fe9d4620194bf8d83cc Campaign includes a chain of dependencies that finally exfiltrate sensitive environment variables to a hardcoded GitHub repository as exfiltration target, and ...

Malicious code in moonbit-schema-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5fd7cc9fd6247802480f37b02a23faadb37c7fa5aded77358015c0861ab980e7 Campaign includes a chain of dependencies that finally exfiltrate sensitive environment variables to a hardcoded GitHub repository as exfiltration target, and ...

Malicious code in moonbit-locale-compat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d42bb32adb1fb5f388368b9e4ab382bfbc8cd7f62dab4c70a8563a448ce9c2af Campaign includes a chain of dependencies that finally exfiltrate sensitive environment variables to a hardcoded GitHub repository as exfiltration target, and ...

MAL-2026-2945 Malicious code in moonbit-locale-compat (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d42bb32adb1fb5f388368b9e4ab382bfbc8cd7f62dab4c70a8563a448ce9c2af Campaign includes a chain of dependencies that finally exfiltrate sensitive environment variables to a hardcoded GitHub repository as exfiltration target, and ...

Security Is Relative: Training-Free Vulnerability Detection Via Multi-Agent Behavioral Contract Synthesis

Deep learning for vulnerability detection has shown promising results on early benchmarks, but recent evaluations reveal catastrophic degradation: models achieving F1 0.68 on legacy datasets collapse to 0.031 under strict deduplication. We identify the root cause as the semantic ambiguity problem...

EUVD-2026-23492

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted archives to be accepted, enabling attackers to plant and execute code and obtain a reverse shell...

CVE-2026-35546

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted archives to be accepted, enabling attackers to plant and execute code and obtain a reverse shell...

CVE-2026-35546

The CVE-2026-35546 entry affects Anviz CX2 Lite and CX7 devices. The connected sources confirm a vulnerability where unauthenticated firmware uploads allow crafted archives to be accepted, enabling an attacker to plant and execute code and obtain a reverse shell. This indicates a remote code exec...

CVE-2026-35546 Anviz Products Missing Authentication for Critical Function

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted archives to be accepted, enabling attackers to plant and execute code and obtain a reverse shell...