CVE-2026-5772

A 1-byte stack buffer over-read was identified in the MatchDomainName function src/internal.c during wildcard hostname validation when the LEFTMOSTWILDCARDONLY flag is active. If a wildcard exhausts the entire hostname string, the function reads one byte past the buffer without a bounds check,...

CVE-2026-46431

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, the SSE event server's Access-Control-Allow-Origin response header was hardcoded to the wildcard regardless of the caller's Origin. Because EventSource does not preflight and does not send cookies, the wildcard is sufficient ...

CVE-2026-44372

Nitro is a next generation server toolkit. Prior to 3.0.260429-beta, an attacker could turn a redirect route rule using wildcards rewrite into a cross-host redirect by sliding an extra slash in after the rule prefix. This vulnerability is fixed in 3.0.260429-beta...

CVE-2026-43886

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.6.1, a logic error in OAuthInterface.validateScope uses Array.some to validate requested OAuth scopes, causing the function to accept the entire scope array if any single scope is valid. An attacker can smuggle the...

CVE-2026-47269

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pamusb's denyremote feature checks utmpx utaddrv6 to detect whether an authentication request originates from a remote session. The outer guard was if utent-utaddrv60 != 0, which only tests the first...

CVE-2026-41883

OmniFaces is a utility library for Faces. Prior to versions 1.14.2, 2.7.32, 3.14.16, 4.7.5, and 5.2.3, there is a server-side EL injection leading to Remote Code Execution RCE. This affects applications that use CDNResourceHandler with a wildcard CDN mapping e.g...

CVE-2026-49198

Improper access control in the MQTT broker allows wildcard topic subscriptions, exposing all MQTT traffic to unauthorized actors...

CVE-2026-42810

Apache Polaris accepts literal characters in namespace and table names. When it later builds temporary S3 access policies for delegated table access, those same characters appear to be reused unescaped in S3 IAM resource patterns and s3:prefix conditions. In S3 IAM policy matching, is treated as ...

CVE-2026-44895

GitLab MCP Server lets an AI agent talk directly to GitLab. Prior to 0.6.0, the HTTP transport in src/transport.ts ships with no authentication layer at all and a wildcard Access-Control-Allow-Origin: on every response. The structural defect is that the SSE server stands up a stateful,...

CVE-2026-49186

The local MQTT broker does not enforce topic-level Access Control Lists ACLs. This allows any client to subscribe using wildcard characters or + to enumerate hidden network devices or publish rogue control commands...

EUVD-2026-34200

The local MQTT broker does not enforce topic-level Access Control Lists ACLs. This allows any client to subscribe using wildcard characters or + to enumerate hidden network devices or publish rogue control commands...

CVE-2026-49186

CVE-2026-49186 : The provided documents describe a vulnerability in a local MQTT broker where topic-level ACLs are not enforced. This allows any client to subscribe with wildcards (# or +) and enumerate hidden devices, or publish rogue control commands. The issue is rooted in missing access contr...

CVE-2026-49186 Lack of MQTT Broker Topic Access Control Lists

The local MQTT broker does not enforce topic-level Access Control Lists ACLs. This allows any client to subscribe using wildcard characters or + to enumerate hidden network devices or publish rogue control commands...

CVE-2026-49186 Lack of MQTT Broker Topic Access Control Lists

The local MQTT broker does not enforce topic-level Access Control Lists ACLs. This allows any client to subscribe using wildcard characters or + to enumerate hidden network devices or publish rogue control commands...

CVE-2026-49186

The local MQTT broker does not enforce topic-level Access Control Lists ACLs. This allows any client to subscribe using wildcard characters or + to enumerate hidden network devices or publish rogue control commands...

PT-2026-46141

The local MQTT broker does not enforce topic-level Access Control Lists ACLs. This allows any client to subscribe using wildcard characters or + to enumerate hidden network devices or publish rogue control commands...

TypiCMS-Search-LIKE-Wildcard-Info-Disclosure

TypiCMS Search LIKE Wildcard Information Disclosure A proof-o...

Protection Mechanism Failure

Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Protection Mechanism Failure through the NodeVM builtin wildcard expansion in lib/builtin.js. An attacker can load Node’s private...

OESA-2026-2495 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: udp: Fix wildcard bind conflict check when using hash2 When binding a udpsock to a local address and port, UDP uses two hashes udptable-hash and udptable-hash2 f...

OESA-2026-2494 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: udp: Fix wildcard bind conflict check when using hash2 When binding a udpsock to a local address and port, UDP uses two hashes udptable-hash and udptable-hash2 f...