17 matches found
PT-2026-46843
Summary: app.mount strips the mount prefix from the incoming request path using the raw URL pathname, while route matching is performed against the percent-decoded path. This inconsistency causes the prefix to be stripped at the wrong position when the path contains percent-encoded multi-byte...
OpenClaw Security Vulnerability
OpenClaw is an open-source artificial intelligence assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.20 contained security vulnerabilities. These vulnerabilities stemmed from a flaw related to hook session keys, which could allow attackers to bypass the...
SUSE-SU-2026:20895-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues. The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247240). - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...
CVE-2026-3419
Fastify incorrectly accepts malformed Content-Type headers containing trailing characters after the subtype token, in violation of RFC 9110 §8.3.1 (https://httpwg.org/specs/rfc9110.html#field.content-type). For example, a request sent with Content-Type: application/json garbage passes validation and ...
Copeland Multiple Products Buffer Error Vulnerability
Copeland XWEB 500D PRO and Copeland XWEB 500B PRO are advanced commercial and industrial refrigeration monitoring and management systems from the American company Copeland. Several Copeland products have a buffer error vulnerability; this vulnerability stems from an API routing issue involving...
EUVD-2021-26475
Malware in sbrugna...
EUVD-2021-0951
Malware in sbrugna...
EUVD-2021-25602
Malware in sbrugna...
CVE-2025-59937
Go-mail (github.com/wneessen/go-mail) vulnerable in versions
TencentOS Server 4: NetworkManager (TSSA-2025:0067)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0067 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
haproxy: untrimmed URI fragments may lead to exposure of confidential data on static servers
HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server...
USN-6573-1 linux-azure vulnerabilities
Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Kyle Zeng...
USN-6536-1 linux, linux-aws, linux-laptop, linux-lowlatency, linux-oem-6.5, linux-oracle, linux-raspi, linux-starfive vulnerabilities
Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189) Kyle Zeng...
PT-2021-8260
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0. Description: The vulnerability is related to a slab-out-of-bounds read in the fib6_nh_flush_exceptions function in the Linux kernel's IPv6 routing code. This issue can be exploited to cause a denial of...
Cisco IOS Secure Shell Server TACACS+ Multiple DoS (CSCed65778, CSCed65285)
The remote version of IOS has the ability to enable an SSH server to let the administrators connect to the remote device. There is an implementation flaw in the remote version of this software which may allow an attacker to cause a resource starvation on the remote device, thus preventing it from...
Debian DSA-097-1 : exim - Uncontrolled program execution
Patrice Fournier discovered a bug in all versions of Exim older than Exim 3.34 and Exim 3.952. The Exim maintainer, Philip Hazel, writes about this issue: 'The problem exists only in the case of a run time configuration which directs or routes an address to a pipe transport without checking the...
FreeBSD : SA-04:12.jailroute
The remote host is running a version of the FreeBSD kernel which contains a bug which may allow a jailed process to modify the host routing tables of the whole system.