6 matches found
PT-2026-47621
Name of the Vulnerable Software and Affected Versions Nebula-Mesh versions prior to 0.3.4 Description An authorization gap in the /api/v1/ route surface allows non-admin operators to obtain broad cross-tenant access. The API trusts the bearer token for authorization without enforcing ownership...
MAL-2026-4771 Malicious code in strawberry-graphql (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8eb433a0339783d1a58993e1611278218492a4349a80801e6c6a2d475278a99c This package is published under the strawberry-graphql name but diverges from the legitimate upstream by declaring a hard runtime dependency on...
CVE-2026-41693
i18next-fs-backend is a backend layer for i18next using in Node.js and for Deno to load translations from the filesystem. Prior to version 2.6.4, i18next-fs-backend substitutes the lng and ns options directly into the configured loadPath / addPath templates and then read / write the resulting fil...
@blubox/body-parser (>=1.0.0 <=1.0.1), @breautek/storm (>=8.0.0 <=8.4.0) +70 more potentially affected by CVE-2025-46653 via formidable (>=3.2.4 <=3.5.2)
formidable NPM version =3.2.4, =1.0.0, =8.0.0, =0.0.1, =0.0.1, =0.0.1, =3.4.4, =0.1036.4000, =40.0.1, =1.2.1, =0.2.14, =16.0.1, =2.13.1, =2.15.3 and more Source cves: CVE-2025-46653 Source advisory: OSV:GHSA-75V8-2H7P-7M2M...
GHSA-2CQF-6XV9-F22W Elasticsearch vulnerable to Uncontrolled Resource Consumption
An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and...
UBUNTU-CVE-2023-31418
An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and...