54 matches found
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: xfrm: Reinjecting transport-mode packets through the workqueue. The following warning is displayed when the tcp6-multi-diffip11 stress test case of the LTP test suite is tested: watchdog: BUG: Soft lockup – CPU0 stuck for 22...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: s390/dasd: fixed an issue where error recovery led to data corruption on ESE devices. Extent Space Efficient ESE or thin-provisioned volumes need to be formatted on demand during normal IO processing. The dasdeseneedsformat...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021564)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021564 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when t...
CVE-2026-42282
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to version 2.47.13, when n8n-mcp runs in HTTP transport mode, authenticated MCP tools/call requests had their full arguments and JSON-RPC params written to server logs by the...
Insertion of Sensitive Information into Log File
Overview n8n-mcp is an Integration between n8n workflow automation and Model Context Protocol MCP Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the POST /mcp endpoint. An attacker can cause sensitive information such as bearer tokens, API...
n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Requests
Impact When n8n-mcp runs in HTTP transport mode, incoming requests to the POST /mcp endpoint had their request metadata written to server logs regardless of the authentication outcome. In deployments where logs are collected, forwarded to external systems, or viewable outside the request trust...
PT-2026-34682
Name of the Vulnerable Software and Affected Versions n8n-mcp versions prior to 2.47.11 Description When running in HTTP transport mode, incoming requests to the 'POST /mcp' endpoint have their request metadata written to server logs regardless of whether authentication is successful. This can le...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011240)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011240 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when t...
Linux Distros Unpatched Vulnerability : CVE-2022-50445
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when the tcp6-multi-diffip11 stress test case of the LTP test suite i...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-392013)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-392013 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error recovery leading to data corruption on ESE devices Extent Space Efficient ES...
EUVD-2025-31978
Malicious code in bioql PyPI...
SUSE CVE-2022-50445
In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when the tcp6-multi-diffip11 stress test case of the LTP test suite is tested: watchdog: BUG: soft lockup - CPU0 stuck for 22s!...
CVE-2022-50445
In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when the tcp6-multi-diffip11 stress test case of the LTP test suite is tested: watchdog: BUG: soft lockup - CPU0 stuck for 22s!...
UBUNTU-CVE-2022-50445
In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when the tcp6-multi-diffip11 stress test case of the LTP test suite is tested: watchdog: BUG: soft lockup - CPU0 stuck for 22s!...
CVE-2022-50445 xfrm: Reinject transport-mode packets through workqueue
In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when the tcp6-multi-diffip11 stress test case of the LTP test suite is tested: watchdog: BUG: soft lockup - CPU0 stuck for 22s!...
CVE-2022-50445
Summary: CVE-2022-50445 is a Linux kernel vulnerability where an attacker could trigger reinjection of transport-mode packets through a workqueue in the XFRM path, potentially leading to system instability. The issue is associated with the 6.x kernel series (example shown: 6.0.0-rc6+ #39) and is ...
CVE-2022-50445 xfrm: Reinject transport-mode packets through workqueue
In the Linux kernel, the following vulnerability has been resolved: xfrm: Reinject transport-mode packets through workqueue The following warning is displayed when the tcp6-multi-diffip11 stress test case of the LTP test suite is tested: watchdog: BUG: soft lockup - CPU0 stuck for 22s!...
PT-2025-40130
Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.0.0-rc6+ through 6.0.0-rc6+ Description The Linux kernel contains a flaw related to the handling of transport-mode packets within the xfrm framework. Specifically, the issue involves the potential for reinjection of the...
CVE-2025-59155
hackmd-mcp is a Model Context Protocol server for integrating HackMD's note-taking platform with AI assistants. From 1.4.0 to before 1.5.0, hackmd-mcp contains a server-side request forgery SSRF vulnerability when the server is run in HTTP transport mode. Arbitrary hackmdApiUrl values supplied vi...
HackMD MCP Server has Server-Side Request Forgery (SSRF) vulnerability
Impact A Server-Side Request Forgery SSRF vulnerability that affects all users running the HackMD MCP server in HTTP mode. Attackers could exploit this vulnerability by passing arbitrary hackmdApiUrl values through HTTP headers Hackmd-Api-Url or base64-encoded JSON query parameters. This allows...