Memory Allocation with Excessive Size Value

Overview OpenTelemetry.OpAmp.Client is an OpAMP Client for OpenTelemetry .NET Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value through the PlainHttpTransport response handling in the OpAMP HTTP transport. An attacker can force the client to allocate...

Improper Validation of Unsafe Equivalence in Input

Overview parse-dashboard is a The Parse Dashboard for Parse Server Affected versions of this package are vulnerable to Improper Validation of Unsafe Equivalence in Input in the ConfigKeyCache process. An attacker can obtain unauthorized access to sensitive master key information by exploiting cac...

CVE-2026-24762

RustFS is a distributed object storage system built in Rust. From versions alpha.13 to alpha.81, RustFS logs sensitive credential material access key, secret key, session token to application logs at INFO level. This results in credentials being recorded in plaintext in log output, which may be...

PT-2026-6208

Name of the Vulnerable Software and Affected Versions RustFS versions alpha.13 through alpha.81 Description RustFS logs sensitive credential material, including access key, secret key, and session token, to application logs at the INFO level. This results in credentials being recorded in plaintex...

CVE-2025-14660

A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can b...

CVE-2025-14660

DecoCMS Mesh vulnerability CVE-2025-14660 affects the Workspace Domain Handler component: function createTool in packages/sdk/src/mcp/teams/api.ts allows manipulation of the domain argument, leading to improper access controls. The flaw can be exploited remotely; attack complexity is high, and th...