CVE-2026-55226

When deploying only the Topic Operator or only the User Operator via the Kafka custom resource, the Entity Operator's ServiceAccount retains RBAC rights for both operators rather than scoping permissions to the one actually deployed. This allows the ServiceAccount to access KafkaUser custom...

CVE-2026-54412

LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflow in the mqttunpackpublishresponse function in src/mqtt.c that allows a remote unauthenticated attacker controlling an MQTT broker - or able to inject MQTT traffic into an unencrypted session - to...

CVE-2026-7368

The Yarbo cloud does not enforce per-device or per-user authorization. Any client possessing valid credentials, whether the shared hard-coded credentials or legitimate per-user credentials, can subscribe to wildcard topics covering all robots globally, and can publish to any robot's command topic...

CVE-2026-7368 Yarbo Android/iOS Mobile Application and Cloud Infrastructure Missing Authorization

The Yarbo cloud does not enforce per-device or per-user authorization. Any client possessing valid credentials, whether the shared hard-coded credentials or legitimate per-user credentials, can subscribe to wildcard topics covering all robots globally, and can publish to any robot's command topic...

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the retrytopic-attempts header. An attacker can manipulate retry routing and backoff behavior by sending crafted headers with out-of-range attempt counts. Remediation Upgrade...

EUVD-2026-35904

Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them. A producer could send a record with a crafted retrytopic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify where the...

CVE-2026-41727

Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them. A producer could send a record with a crafted retrytopic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify where the...

VMware Spring for Apache Kafka 输入验证错误漏洞

VMware Spring for Apache Kafka is a Kafka messaging integration framework developed by VMware, Inc. Versions of Spring for Apache Kafka such as 4.0.0 and earlier, 3.3.0 and earlier, 3.2.0 and earlier, 2.9.0 and earlier, and 2.8.0 and earlier have a input validation vulnerability. This vulnerabili...

CVE-2026-41727 In Spring for Apache Kafka, forged retry topic headers subvert retry routing and backoff behavior

Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them. A producer could send a record with a crafted retrytopic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify where the...

EUVD-2026-31111

PhoenixStorybook has cross-session PubSub topic injection via URL parameter...

GHSA-MRHX-6PW9-Q5FH PhoenixStorybook has cross-session PubSub topic injection via URL parameter

Summary The storybook iframe LiveView accepts a PubSub topic from the URL query string and broadcasts its own pid onto that topic with no check that the topic belongs to the current session. Any unauthenticated visitor who knows or guesses another user's playground topic can hijack the...

PhoenixStorybook has cross-session PubSub topic injection via URL parameter

Summary The storybook iframe LiveView accepts a PubSub topic from the URL query string and broadcasts its own pid onto that topic with no check that the topic belongs to the current session. Any unauthenticated visitor who knows or guesses another user's playground topic can hijack the...

CVE-2026-49186

The local MQTT broker does not enforce topic-level Access Control Lists ACLs. This allows any client to subscribe using wildcard characters or + to enumerate hidden network devices or publish rogue control commands...

PT-2026-48323

Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them. A producer could send a record with a crafted retry topic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify where the...

MINI-Q79H-RJ7G-V3V8

Bulletin has no description...

CVE-2026-44838

RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2.4, RabbitMQ's MQTT plugin allows for topic-level authorization using regular expressions with variable substitution. Administrators can create patterns such as ^clientid-sensors$ to restrict user access to topics that include...

CVE-2026-7318

A vulnerability was detected in elie mcp-project 0.1.0. The affected element is the function searchpapers of the file researchserver.py. The manipulation of the argument topic results in path traversal. Attacking locally is a requirement. The exploit is now public and may be used. The project was...

CVE-2026-10242

A weakness has been identified in itsourcecode Content Management System 1.0. This impacts an unknown function of the file /instructions.php. This manipulation of the argument topicid causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the...

CVE-2026-10265

A vulnerability was identified in itsourcecode Content Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edittopic.php. Such manipulation of the argument topicid leads to sql injection. The attack may be launched remotely. The exploit is publicly...

CVE-2026-7205

A vulnerability was identified in duartium papers-mcp-server 9ceb3812a6458ba7922ca24a7406f8807bc55598. Impacted is the function searchpapers of the file src/main.py. Such manipulation of the argument topic leads to path traversal. The attack may be launched remotely. The exploit is publicly...