CVE-2026-8405 IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability

IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...

CVE-2026-40606

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP...

PYSEC-2026-92

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP...

CVE-2026-40606 ProxyAuth Addon LDAP Injection in mitmproxy

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP...

CVE-2026-40606

The CVE affects mitmproxy (and mitmweb as its web interface) where, in versions 12.2.1 and below, the built-in LDAP proxyauth authentication does not sanitize the username correctly when querying the LDAP server. This allows a malicious client to bypass authentication, but only for instances usin...

Linux Distros Unpatched Vulnerability : CVE-2026-40606

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmprox...

GHSA-527G-3W9M-29HV mitmproxy has an LDAP Injection

Impact In mitmproxy 12.2.1 and below, the builtin LDAP proxy authentication does not correctly sanitize the username when querying the LDAP server. This allows a malicious client to bypass authentication. Only mitmproxy instances using the proxyauth option with LDAP are affected. This option is n...

PT-2026-33226

Name of the Vulnerable Software and Affected Versions mitmproxy versions prior to 12.2.2 Description The builtin LDAP proxy authentication fails to correctly sanitize the username when querying the LDAP server. This allows a malicious client to bypass authentication. This issue only affects...

Security Bulletin: Multiple Vulnerabilities in IBM Event Streams

Summary Multiple vulnerabilities were addressed in IBM Event Streams version 12.2.2 Vulnerability Details CVEID:CVE-2025-64718 DESCRIPTION: js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a...

UBUNTU-CVE-2019-15592

GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline...

CVE-2018-2742

Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite subcomponent: Framework. Supported versions that are affected are 12.2.2 and 12.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

Unspecified Vulnerability in Oracle Enterprise Manager Grid Control (CNVD-2015-06826)

Oracle Enterprise Manager Grid Control is a suite of systems management software from Oracle Corporation. The software provides centralized monitoring, lifecycle management and other functions for Oracle IT architecture. enterprise Manager Ops Center is one of the enterprise data center monitorin...