CVE-2026-54317

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.6.0, the Konnected integration registers an HTTP endpoint, KonnectedView homeassistant/components/konnected/init.py, that is marked as not requiring authentication requiresauth = False....

GHSA-993G-76C3-P5M4 PyJWKClient: missing scheme allowlist enables CVE-2024-21643-class SSRF + token forgery via file://, ftp://, data: schemes

!NOTE The library does not directly return non-HTTPS URI contents to the attacker; the chained "plant a JWKS to forge tokens" scenario described in the original report requires additional application-layer flaws attacker write access to a filesystem path, untrusted jku derivation that this fix do...

CVE-2026-45223

Crabbox before 0.9.0 contains an authentication bypass vulnerability in the coordinator user-token verification path where the verifyUserToken function fails to reject payloads containing an admin claim, allowing attackers to escalate privileges. An attacker with access to the shared non-admin...

Hono: JWT middleware accepts any Authorization scheme, not only Bearer

Summary The jwt and jwk middlewares do not verify that the Authorization header value uses theBearer scheme. Any two-part header value — regardless of the scheme name in the first position — proceeds to JWT verification. A request presenting a valid JWT under a non-Bearer scheme identifier such a...

CVE-2026-44847

MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.0, MaxKB's webhook trigger endpoint /api/trigger/v1/webhook/triggerid is accessible without authentication. The WebhookAuth class unconditionally returns None, , which Django REST Framework interprets as successful authentication...

SUSE CVE-2026-48526

PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, when the verifier is decoding JSON Web Tokens, while supporting both asymmetric and HMAC algorithms, the library does not validate use of JSON Web Keys in HMAC algorithm, allowing attacker to use the issuer public key as the...

CVE-2026-45041

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, crates/appauth/src/token.rs ships a 2048-bit RSA private key as a string constant named TESTPRIVATEKEY and uses it in production via parselicense to "verify" license tokens. Because the key is embedded in every...

[SECURITY] [DLA 4605-1] python-flask-httpauth security update

Debian LTS Advisory DLA-4605-1 [email protected] https://www.debian.org/lts/security/ Emmanuel Arias May 28, 2026 https://wiki.debian.org/LTS Package : python-flask-httpauth Version : 3.2.4-3.1+deb11u1 CVE ID : CVE-2026-34531 Debian Bug : 1132581 A vulnerability was found in...

CVE-2026-35675

CVE-2026-35675 affects phpMyFAQ prior to 4.1.3. An authentication bypass exists in the /api/user/password/update password reset endpoint, allowing unauthenticated attacker to reset any user’s password without token verification or email confirmation. Impact is full account takeover with administr...

CVE-2026-35675 phpMyFAQ - Authentication Bypass via Missing Password Reset Token in /api/user/password/update

phpMyFAQ before 4.1.3 contains an authentication bypass vulnerability in the password reset endpoint that allows unauthenticated attackers to reset any user account password without token verification or email confirmation. Attackers can enumerate valid usernames, obtain plaintext passwords via...

PT-2026-44469

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, crates/appauth/src/token.rs ships a 2048-bit RSA private key as a string constant named TEST PRIVATE KEY and uses it in production via parse license to "verify" license tokens. Because the key is embedded in every...

phpMyFAQ 安全漏洞

phpMyFAQ is a multilingual, fully database-driven FAQ system developed by Thorsten Rinne. Versions of phpMyFAQ prior to 4.1.3 contained security vulnerabilities. These vulnerabilities stemmed from the unvalidated password reset API endpoint, allowing attackers to change account passwords without...

Portainer 安全漏洞

Portainer is a lightweight user management interface developed by Portainer for managing Docker environments and Docker hosts. Versions of Portainer Community Edition from 2.33.0 to 2.33.8 contained security vulnerabilities. These vulnerabilities stemmed from the kubeClientMiddleware middleware...

pyjwt 安全漏洞

PyJWT is a Python library developed by José Padilla of the United States. It allows for the encoding and decoding of JSON Web Tokens JWTs. There were security vulnerabilities in PyJWT versions 2.8.0 to 2.12.1. These vulnerabilities stemmed from the fact that when verifying separate JWS tokens tha...

CVE-2026-44847

MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.0, MaxKB's webhook trigger endpoint /api/trigger/v1/webhook/triggerid is accessible without authentication. The WebhookAuth class unconditionally returns None, , which Django REST Framework interprets as successful authentication...

kavita 安全漏洞

Kavita is a fast and feature-rich cross-platform reading server developed by Kavita OpenSource. Versions of Kavita prior to 0.9.0.2 contained security vulnerabilities. These vulnerabilities stemmed from improper token verification, which could allow remote unauthenticated attackers to obtain user...

Weak Password Recovery Mechanism for Forgotten Password

Overview phpmyfaq/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password via the updatePassword process. An attacker can gain unauthorized access to any user account,...

ruby-jwt: Empty-key HMAC bypass; cross-language sibling of CVE-2026-44351

JWT.decodetoken, '', true, algorithm: 'HS256' accepts an attacker-forged token. OpenSSL::HMAC.digest'SHA256', '', payload returns a valid digest under an empty key, and no raise InvalidKeyError if key.empty? precondition exists in the HMAC algorithm. JWT.decodetoken, "", true, algorithm: 'HS256' ...

ruby-jwt: Empty-key HMAC bypass; cross-language sibling of CVE-2026-44351

JWT.decodetoken, '', true, algorithm: 'HS256' accepts an attacker-forged token. OpenSSL::HMAC.digest'SHA256', '', payload returns a valid digest under an empty key, and no raise InvalidKeyError if key.empty? precondition exists in the HMAC algorithm. JWT.decodetoken, "", true, algorithm: 'HS256' ...

JoomSky Joomla! Component Js Jobs 跨站请求伪造漏洞

JoomSky Joomla! Component Js Jobs is a human resources component developed by JoomSky Corporation, designed for publishing job listings, managing positions, and facilitating job applications on Joomla websites. Version 1.2.0 of JoomSky Joomla! Component Js Jobs contains a cross-site request...