8761 matches found
crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...
crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...
crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...
CVE-2026-7664
IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint...
EUVD-2026-38281
IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint...
CVE-2026-7664 Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS
IBM Langflow OSS 1.0.0 through 1.8.4 could allow unauthenticated attackers to access protected MCP project resources and execute MCP operations due to improper authorization enforcement in the Streamable MCP transport endpoint...
CVE-2026-7664
Summary: IBM Langflow OSS versions 1.0.0–1.8.4 are affected by an unauthenticated access issue due to improper authorization enforcement on the Streamable MCP transport endpoint, potentially allowing access to protected MCP project resources and execution of MCP operations. Affected products/vers...
ROOT-APP-MAVEN-CVE-2026-42577 CVE-2026-42577 in io.root.io.netty:netty-transport-native-epoll - Patched by Root
Root has patched CVE-2026-42577 in the io.root.io.netty:netty-transport-native-epoll package for Root:Maven. Multiple fixed versions available...
Apache ActiveMQ - Remote Code Execution via HTTP Discovery Transport Bypass
Apache ActiveMQ before 5.19.6 and 6.0.0 through 6.2.4 is vulnerable to remote code execution via a bypass of the CVE-2026-34197 security fix. The original fix blocked the "vm://" transport scheme in BrokerView.addNetworkConnector and BrokerView.addConnector to prevent authenticated attackers from...
Linux Distros Unpatched Vulnerability : CVE-2026-55200
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on...
CVE-2026-9142
NI grpc-device versions prior to 2.17.0 are affected by an insecure default credentials vulnerability when TLS configuration is absent and the server binds beyond the loopback interface. This could allow an unauthenticated access to the server on the local network. No exploit details or fixes are...
crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages
A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...
undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent
Impact undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servername...
Siemens RUGGEDCOM RST2428P Incorrect Bitwise Shift of Integer (CVE-2025-40281)
In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible shift-out-of- bounds 1 Blamed commit added rtoalphamax and rtobetamax set to 1000. It is unclear if some sctp users are setting very...
CVE-2026-55200 libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c
libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...
EUVD-2026-37784
libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...
Improper Certificate Validation
Overview undici is an An HTTP/1.1 client, written from scratch for Node.js Affected versions of this package are vulnerable to Improper Certificate Validation in the ProxyAgent when configured with a SOCKS5 proxy URI, which causes the requestTls option to be silently dropped. An attacker can...
CVE-2026-9697 undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent
Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servernam...
eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name
A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security TLS handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service DoS condition, impacting the availability of t...
eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name
A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security TLS handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service DoS condition, impacting the availability of t...