5 matches found
Mailpit: Incomplete SSRF protection in Link Check API via IPv6 transition mechanisms
Summary The remediation shipped in mailpit v1.29.2 for GHSA-mpf7-p9x7-96r3 CVE-2026-27808 is incomplete. The tools.IsInternalIP deny-list relies on Go's stdlib classification helpers IsLoopback, IsPrivate, IsLinkLocalUnicast, IsLinkLocalMulticast, IsUnspecified, IsMulticast plus an inline CGNAT...
kernel: ipv6: use RCU in ip6_xmit()
A use-after-free flaw was found in ip6autoflowlabel in the Linux kernel's net/ipv6/ip6output.c code. In this flaw an attacker can cause a denial of service DoS attack...
PT-2026-40612
Improper Input Validation in the NAT64 translator in The OpenThread Authors OpenThread before commit 26a882d on all platforms allows an attacker on the adjacent IPv4 network to inject corrupted IPv6 packets into the Thread mesh or bypass security checks via crafted IPv4 packets with options...
PT-2023-8524 · D Link · D-Link R15
Name of the Vulnerable Software and Affected Versions: D-Link R15 versions prior to 1.08.02 Description: The issue is related to a lack of firewall restrictions for IPv6 traffic, allowing attackers to access services running on the device that may be listening via IPv6. This can enable unauthoriz...
The vulnerability of the DNS server Dnsmasq, caused by overflow in the dynamic memory buffer, allows a hacker to cause a service failure or execute arbitrary code.
The vulnerability of the DNS server Dnsmasq arises from an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service failures or execute arbitrary code using a specially crafted IPv6 request...