4 matches found
Apache ActiveMQ - Remote Code Execution via HTTP Discovery Transport Bypass
Apache ActiveMQ before 5.19.6 and 6.0.0 through 6.2.4 is vulnerable to remote code execution via a bypass of the CVE-2026-34197 security fix. The original fix blocked the "vm://" transport scheme in BrokerView.addNetworkConnector and BrokerView.addConnector to prevent authenticated attackers from...
CVE-2026-44575
Summary: CVE-2026-44575 affects Next.js App Router: middleware/proxy authorization checks can be bypassed via transport-specific route variants used for segment prefetching. Specifically, in versions 15.2.0–before 15.5.16 and 16.2.5, specially crafted .rsc and segment-prefetch URLs can resolve to...
GHSA-VP29-5652-4FW9 CoreDNS has TSIG authentication bypass on gRPC and QUIC transports
Summary The gRPC, QUIC, DoH, and DoH3 transports in CoreDNS incorrectly handle TSIG authentication. For gRPC and QUIC, CoreDNS checks whether the TSIG key name exists in the config, but does not actually verify the TSIG HMAC. If the key name matches, tsigStatus remains nil and the tsig plugin...
curl: HSTS bypass via IDN
A vulnerability was found in curl. The issue can occur when curl's HSTS check is bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of an insecure clear-text HTTP step even when providing HTTP in the URL. Suppose the hostname in the given...