12839 matches found
CVE-2026-53655
node-tar (node-tar) before version 7.5.16 is vulnerable: it applies a PAX extended header size override to the next header entry, including intermediary L/K/x headers, which desynchronizes the stream cursor from other tar implementations. This yields a tar-parser interpretation differential (CWE-...
PT-2026-51449
Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.3 Description An issue exists where webhooks follow redirects, allowing access to hostnames within localCIDRs Internet Protocol address ranges used for local networks. This leads to Server Side Request Forgery SSRF,...
GHSA-6VXV-WG6J-5QWP Gogs: XSS in .ipynb files renderer due to outdated notebookjs
Summary Gogs renders Jupyter notebook files .ipynb using jsvine/notebookjs, but the version is outdated, missing patches for known XSS vulnerabilities. Details Gogs uses version 0.4.2 of notebookjs to render Jupyter notebook files:...
CVE-2026-55741
Cotonti 1.0.0 (master, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the admin configuration handler. The vulnerability occurs in system/admin/admin.config.php where the update action (a=update) processes POST data via cot_config_update_options() without calling cot_check_xg() t...
Malicious code in @mastra/s3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69bd7442a33e88350e5a804e238625a967b16df137b4b1623cd6a0587d25dc21 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-5963 Malicious code in @mastra/schema-compat (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3037c66f9c4357ce9a1c2ec848e86eeef189f1b1a2c3f9f6c891963cf60049c0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
CVE-2026-46838
...
CVE-2026-12003
To allow builds of Python to be run from an in-tree layout rather than an installed file layout, the VPATH variable is defined at build time and used to locate certain landmarks - specifically, Modules/setup.local. When this landmark is found relative to VPATH relative to the executable, Python...
CVE-2026-12009 vulnerabilities
Vulnerabilities for packages: chromium...
PT-2026-50162
Name of the Vulnerable Software and Affected Versions Caddy versions prior to 2.11.4 Description Caddy is an extensible server platform that uses TLS by default. The stripHTML template function, specifically within the funcStripHTML function, cannot reliably remove all HTML tags from input string...
Nuxt: Dev server discloses project absolute path and persistent workspace UUID via `/.well-known/appspecific/com.chrome.devtools.json`
Summary When running nuxt dev, Nuxt registers an unauthenticated route at /.well-known/appspecific/com.chrome.devtools.json that returns the absolute filesystem path of the project root and a per-project UUID persisted to nodemodules/.cache/nuxt/chrome-workspace.json. The route is enabled by...
Starlette: Unvalidated request path concatenated into authority poisons request.url.hostname
Summary In affected versions, the HTTP request path is not validated before being used to reconstruct request.url. Because request.url is rebuilt by concatenating scheme://hostpath and re-parsing the result, a path that does not begin with / for example @google.com moves the authority boundary...
Malicious code in ckanext-dms (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5bce6d55a65fbab98cd93d6109b563f49e9557b542a8b9c2fd68e25755b7089e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
ROS-20260615-73-0012
The vulnerability of the planardecompressplanerle function in the FreeRDP RDP client is related to data writing beyond the specified buffer. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information...
CVE-2026-50101
Naxclow devices use a server-side, per-device relay credential that never rotates and is re-issued to the device on each boot. Because this credential remains valid indefinitely and cannot be reset or revoked by the legitimate owner, any party that obtains it through any exposure path can maintai...
GHSA-6964-PP88-6WP9 Budibase: SSRF via User-Controlled queryId in Automation Execute Query Step
Summary The executeQuery automation step in Budibase accepts a queryId from automation step inputs and passes it directly to the query execution controller without additional validation. When combined with a REST datasource configured to target internal infrastructure, this creates a server-side...
EUVD-2026-36476
The Aqara IAM/SSO gateway gw-builder.aqara.com exposes bidirectional AES round-trups against the platform's signing key without authentication. This is an instance of "CWE-306: Missing Authentication for Critical Function" and "CWE-327: Use of a Broken or Risky Cryptographic Algorithm," and has a...
CVE-2026-47190 IPAM controller service account granted unnecessary full access to Secrets
IPAM is the IP address Manager for Cluster API Provider Metal3. Prior to versions 1.11.7, 1.12.4, and 1.13.0, the IPAM controller's ClusterRole granted full CRUD permissions create, delete, get, list, patch, update, watch on core/v1 Secrets. The controller never accesses Secrets during normal...
CVE-2026-47190 IPAM controller service account granted unnecessary full access to Secrets
IPAM is the IP address Manager for Cluster API Provider Metal3. Prior to versions 1.11.7, 1.12.4, and 1.13.0, the IPAM controller's ClusterRole granted full CRUD permissions create, delete, get, list, patch, update, watch on core/v1 Secrets. The controller never accesses Secrets during normal...
Malicious code in zatzdbai (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee421570e1dd748a4953205977d4b902c65acae47ebf90a91ba8c5c86a9961f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...