6 matches found
CVE-2026-42073 OpenClaude's MCP OAuth Callback: State Check Bypass via error Param Leads to DoS
OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Prior to version 0.5.1, the OpenClaude MCP authentication flow starts a temporary local HTTP server to handle OAuth callbacks. To prevent CSRF attacks, the server validates a state parameter...
CVE-2026-5485 OS command injection in Amazon Athena ODBC driver on Linux
OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...
PT-2026-30223
OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...
CVE-2022-4051
creationtimestamp| type| source ---|---|--- 2022-11-17 20:17:48+00:00| seen| https://t.me/cibsecurity/53071...
HPE 3PAR Service Processor Override Access Vulnerability
HPE 3PAR Service Processor SP is a suite of virtual service processors deployed on the VMware vSphere hypervisor from HPE, USA. An over-the-horizon access vulnerability exists in HPE 3PAR Service Processor versions prior to 5.0.5.1. An attacker could exploit this vulnerability to gain authorized...
CVE-2019-5396
A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor versions: prior to 5.0.5.1...