CVE-2026-40022 Apache Camel Platform HTTP Main: Authentication Bypass on Non-Root Context Paths in camel main runtime

When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server camel-platform-http-main and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and...

EUVD-2026-25807

When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server camel-platform-http-main and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and...

CVE-2026-40022 Apache Camel Platform HTTP Main: Authentication Bypass on Non-Root Context Paths in camel main runtime

When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server camel-platform-http-main and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and...

EulerOS Virtualization 2.10.0 : libtasn1 (EulerOS-SA-2026-1560)

According to the versions of the libtasn1 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fails to validate the size of input data resulting in a...

Huawei EulerOS: Security Advisory for libtasn1 (EulerOS-SA-2026-1440)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : libtasn1 -- Stack-based buffer overflow (7e63d0dd-eeff-11f0-b135-c01803b56cc4)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7e63d0dd-eeff-11f0-b135-c01803b56cc4 advisory. oss-security@ list reports: Stack-based buffer overflow in libtasn1 version: v4.20.0. The function fail...

AZL-49152 CVE-2024-43796 affecting package nodejs-nodemon 2.0.3-5

Express.js minimalist web framework for node. In express 4.20.0, passing untrusted user input - even after sanitizing it - to response.redirect may execute untrusted code. This issue is patched in express 4.20.0...

Obfusticated Email Address Exfiltration

moq is vulnerable to Email Address Exfiltration. The vulnerability is due to including the SponsorLink.dll in version 4.20.0, which secretly exfiltrates the email address set in the user.email config parameter of git. This email address is hashed and sent to devlooped.com over TLS. The hidden...

Moq v4.20.0-rc to 4.20.1 share hashed user data

Moq v4.20.0-rc to 4.20.1 include support for SponsorLink, which runs an obfuscated DLL at build time that scans local git config data and shares the user's hashed email address with SponsorLink's remote servers. There is no option to disable this. Moq v4.20.2 has removed this functionality...