SUSE CVE-2026-40181
React Router is a router for React. In versions 7.0.0 through 7.14.0 and 6.7.0 through 6.30.3, certain URLs passed to the redirect function can trigger an open redirect to an external domain due to path values starting with // being reinterpreted as protocol-relative URLs. The level of impact...
EUVD-2026-34175
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 leak the exact system version through asset cache buster parameters in HTML output, bypassing the hideversionpublic security setting. The FOSSBilling version is embedded in the query string of every a...
ROOT-APP-PYPI-CVE-2024-3651 CVE-2024-3651 in rootio-idna - Patched by Root
Root has patched CVE-2024-3651 in the rootio-idna package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2023-34110 CVE-2023-34110 in rootio-Flask-AppBuilder - Patched by Root
Root has patched CVE-2023-34110 in the rootio-Flask-AppBuilder package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-43859 CVE-2025-43859 in rootio-h11 - Patched by Root
Root has patched CVE-2025-43859 in the rootio-h11 package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-69196 CVE-2025-69196 in rootio-fastmcp - Patched by Root
Root has patched CVE-2025-69196 in the rootio-fastmcp package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-28490 CVE-2026-28490 in rootio-Authlib - Patched by Root
Root has patched CVE-2026-28490 in the rootio-Authlib package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-33936 CVE-2026-33936 in rootio-ecdsa - Patched by Root
Root has patched CVE-2026-33936 in the rootio-ecdsa package for Root:PyPI. Multiple fixed versions available...
EUVD-2026-34092
daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processing. Twisted does not treat \x0b, \x0c, \x1c, \x1d, \x1e, or \x85 as header line separators, but autobahn decodes header values to str and calls splitlines. An...
ROOT-APP-NPM-CVE-2025-14874 CVE-2025-14874 in @rootio/nodemailer - Patched by Root
Root has patched CVE-2025-14874 in the @rootio/nodemailer package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-33891 CVE-2026-33891 in @rootio/node-forge - Patched by Root
Root has patched CVE-2026-33891 in the @rootio/node-forge package for Root:npm. Multiple fixed versions available...
CVE-2026-10722
A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipulation of the argument offset leads to integer overflow. The attack can only be performed from a...
ROOT-APP-NPM-CVE-2026-1527 CVE-2026-1527 in @rootio/undici - Patched by Root
Root has patched CVE-2026-1527 in the @rootio/undici package for Root:npm. Multiple fixed versions available...
CVE-2026-47065
CVE-2026-47065 (Apache MINA context) describes two deserialization bypass issues: first, resolveProxyClass bypasses the accept/allow-list when JDK resolves proxy interfaces from a serialized proxy via ObjectInputStream.readProxyDesc(), and second, readClassDescriptor triggers static initializers ...
ROOT-APP-NPM-CVE-2026-42043 CVE-2026-42043 in @rootio/axios - Patched by Root
Root has patched CVE-2026-42043 in the @rootio/axios package for Root:npm. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-39745 CVE-2025-39745 in rootio-linux - Patched by Root
Root has patched CVE-2025-39745 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-40355 CVE-2025-40355 in rootio-linux - Patched by Root
Root has patched CVE-2025-40355 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-37876 CVE-2025-37876 in rootio-linux - Patched by Root
Root has patched CVE-2025-37876 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-40160 CVE-2025-40160 in rootio-linux - Patched by Root
Root has patched CVE-2025-40160 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2025-37925 CVE-2025-37925 in rootio-linux - Patched by Root
Root has patched CVE-2025-37925 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...