4 matches found
CVE-2026-32718
Summary: Coolify prior to 4.0.0-beta.466 exposes a vulnerability where mutating API validation endpoints are protected only by read privileges, allowing read-scoped API tokens to perform state-changing actions (e.g., validating cloud tokens and servers). What’s affected: Coolify (self-hosted) wit...
CVE-2026-10052 Quay/config-tool: quay/config-tool: ssrf via unfiltered ldap and smtp config validation endpoints
A flaw was found in the Quay config-tool's LDAP and SMTP validation functions. An attacker with config editor access can exploit these functions, which make outbound connections to user-supplied endpoints without proper IP or host filtering. This allows the attacker to perform internal network...
EUVD-2024-31750
Malicious code in bioql PyPI...
Denial Of Service (DoS)
matrix-synapse is vulnerable to denial of service. The vulnerability exists due to missing input validation of some parameters on the endpoints used to confirm third-party identifiers...