Lucene search

4 matches found

OSV
added 2026/03/12 5:16 p.m. | 5 views

PYSEC-2026-118

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.8.16, the OpenCTI platform’s data ingestion feature accepts user-supplied URLs without validation and uses the Axios HTTP client with its default configuration allowAbsoluteUrls: true...

CVSS 7.7 | AI score 5.9 | EPSS 0.00044
Exploits: 0 | References: 1

CNNVD
added 2026/03/12 12:0 a.m. | 3 views

OpenCTI Code Issue Vulnerability

OpenCTI is an open-source network threat intelligence platform developed by OpenCTI. Versions of OpenCTI prior to 6.8.16 had code vulnerabilities. These vulnerabilities stemmed from the data ingestion feature not verifying the URLs provided by users, which could lead to server-side request forgei...

CVSS 7.7 | AI score 5.9 | EPSS 0.00044
Exploits: 0 | References: 1

OpenVAS
added 2022/11/21 12:0 a.m. | 19 views

Elastic Kibana URL Redirection Vulnerability (ESA-2021-12)

Elastic Kibana is prone to a URL redirection vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:kibana";...

CVSS 6.1 | AI score 6.4 | EPSS 0.00239
Exploits: 0 | References: 1

OSV
added 2022/07/06 8:15 a.m. | 1 views

CVE-2022-22681

Session fixation vulnerability in access control management in Synology Photo Station before 6.8.16-3506 allows remote attackers to bypass security constraint via unspecified vectors...

CVSS 7.5 | AI score 7.2
Exploits: 0 | References: 1