CVE-2026-48516

MessagePack-CSharp vulnerable in the InterfaceLookupFormatter before versions 2.5.301 and 3.1.7 , which constructs an internal Dictionary with the default equality comparer rather than the security-aware comparer from options.Security.GetEqualityComparer(). This omission enables a hash-collision ...

CVE-2026-56697

Nuxt security note: Nuxt versions 4.0.0–4.4.6 and 3.x before 3.21.7 are affected by an open redirect in the reloadNuxtApp function. Protocol-relative paths like //evil.com pass the script-protocol check but resolve to a cross-origin URL against the current page protocol, enabling attackers to red...

CVE-2026-56698

Nuxt CVE-2026-56698 affects Nuxt 4.0.0–4.4.6 and 3.x up to 3.21.6 (versions before the fixed releases). The navigateTo open option fails to validate script-capable URLs, allowing attacker-controlled javascript: URLs to execute arbitrary scripts in the application's origin when user input is passe...

CVE-2026-56357

n8n’s GitHub Webhook Trigger node is affected in versions before 1.123.15 and 2.5.0 due to missing HMAC-SHA256 signature verification. This allows an attacker who knows the webhook URL to send unsigned POST requests, potentially triggering workflows with arbitrary data and spoofing GitHub webhook...

CVE-2026-56348

CVE-2026-56348 affects n8n prior to 2.20.0. A vulnerability in POST /rest/dynamic-node-parameters/options allows an authenticated user to bypass Allowed HTTP Request Domains restrictions, enabling the server to issue HTTP requests with credentials to unauthorized hosts. This can lead to credentia...

CVE-2026-56326

Nuxt.js (versions 4.0.0–4.4.6 and 3.x up to 3.21.6) contains a server-side open redirect vulnerability in navigateTo due to improper validation of path-normalized payloads (e.g., /..//evil.com, /.//evil.com). Attackers can bypass external-host checks via path-normalization techniques to redirect ...

CVE-2026-56324

Capgo contains a rate limit bypass in the channel_self endpoint prior to version 12.128.2. The vulnerability lets an attacker rotate the user-controlled device_id parameter to bypass rate limiting, enabling multiple requests per second and flooding the channel_devices table, potentially causing d...

CVE-2026-56323

Capgo CVE-2026-56323 affects Capgo before 12.128.2. The /functions/v1/channel_self endpoint allows unauthenticated information disclosure, enabling enumeration of non-public channel names, app existence, and subscription status. Remote attackers can issue GET requests with arbitrary app_id to rev...

CVE-2026-56321

Capgo (backend Supabase edge functions) before 12.128.2 fails to apply the global authentication middleware to GET /private/role_bindings/:org_id, unlike POST/DELETE for the same resource. Unaunthenticated requests reach the handler instead of middleware rejection, but the handler still performs ...

CVE-2026-56314

Capgo before 12.128.12 has a flaw in /updates resolution: it does not filter deleted app versions when joining channels, so deleted bundles may remain selectable. This enables attackers to continue deploying deleted bundles to devices via channel version joins due to missing app_versions.deleted ...

CVE-2026-56311

Capgo (before 12.128.2) contains an authorization bypass in public.get_current_plan_max_org RPC that allows unauthenticated access to arbitrary organization plan limits. An attacker can call the RPC with any organization UUID using only the public Supabase key to disclose billing information (MAU...

CVE-2026-56280

Cap-go contains a privilege inversion in the /build/logs/:jobId SSE handling prior to version 12.128.2. An abort listener on the SSE stream unconditionally calls cancelBuildOnDisconnect() using the server-side BUILDER_API_KEY, bypassing the app.build_native permission check required by POST /buil...

CVE-2026-56306

Capgo before 12.128.2 contains a parsing vulnerability in the x-limited-key-id header that can bypass subkey enforcement and let attackers make requests under the main API key context instead of restricted subkey permissions. The issue arises from malformed, zero, or duplicate header values produ...

CVE-2026-56268

Flowise ≤ 3.1.1 is vulnerable via /api/v1/chatflows/apikey/:apikey. The keyonly parameter omission returns chatflows bound to the API key plus unprotected chatflows across all workspaces (no workspace filter). attacker with valid API key can read full ChatFlow configuration (flowData with system ...

CVE-2026-56266

CVE-2026-56266 affects Crawl4AI prior to 0.8.7. The vulnerability is a server-side request forgery in the /crawl, /crawl/stream, /md, and /llm endpoints that fetch arbitrary user‑supplied URLs without validation. Unauthenticated attackers can bypass the internal-address blocklist using IPv6‑mappe...

CVE-2026-56255

Capgo before 12.128.2 contains a denial-of-service vulnerability in POST /app/demo that lets authenticated users with org write permissions create unlimited demo apps without rate limiting or quotas. Each request can trigger around 138 database write operations, leading to degraded performance, h...

CVE-2026-56221

CVE-2026-56221 : Cap-go before 12.128.2 contains SQL injection flaws in cloudflare.ts. User-controlled values from API request bodies are interpolated directly into SQL strings without sanitization or parameterization. Authenticated users with read-level API key permissions can inject arbitrary S...

CVE-2025-71358

CVE-2025-71358 concerns the Python tool picklescan (pre-0.0.29) failing to detect malicious pickle payloads that exploit the function idlelib.autocomplete.AutoComplete.get_entity in reduce methods. When a crafted pickle is loaded with pickle.load(), arbitrary commands can execute, enabling remote...

CVE-2025-71339

Affected software/component: Picklescan (versions prior to 0.0.33). Vulnerability/gadget: The numpy.f2py.crackfortran._eval_length gadget in pickle reduce methods can bypass safety validation, enabling arbitrary code execution when loading crafted pickle files. Impact (as stated): Arbitrary Pytho...

CVE-2025-71344

CVE-2025-71344 affects picklescan prior to 0.0.30 (vulnerable: 0.0.26 and earlier). Malicious pickle files that embed ensurepip._run_pip calls in reduce can bypass detection and enable remote code execution when pickle.load() is used. No exploitation details are provided beyond this description.

CVE-2026-48517

CVE-2026-48517 affects MessagePack for C# where typeless deserialization does not recursively inspect array element types or generic type arguments, allowing a type that is blocked directly to slip through when wrapped in an array or a constructed generic type. The default safety check (ThrowIfDe...

CVE-2026-46488

The GHSA advisory for motionEye (GHSA-r3cw-c95m-wfh9) documents an authentication bypass: the server trusts client-supplied cookies (meye_password_hash and meye_username) as authentication, allowing an unauthenticated attacker to impersonate any user by setting or modifying cookies. The admin cre...

CVE-2026-54911

CVE-2026-54911 (UltraJSON) : The vulnerability affects UltraJSON (C core with Python bindings) where ujson.dumps()/dump()/encode() with reject_bytes=False may accept malformed or truncated UTF-8, silently rewriting to other Unicode characters instead of rejecting. This enables input validation by...

CVE-2026-44311

CVE-2026-44311 (Fabric.js) describes an XSS in which the color value in colorStops of a fabric.Gradient is not properly escaped when serializing to SVG via toSVG(), allowing injected HTML/SVG to be executed if the SVG is rendered into the DOM. Documents confirm the issue affects Fabric.js prior t...

CVE-2026-54281

The CVE concerns NestJS with the Fastify adapter: an authentication bypass exists in @nestjs/platform-fastify before version 11.1.24 when middleware is registered via MiddlewareConsumer.forRoutes(). A trailing slash on the request URL can bypass route-specific Nest middleware on the default Fasti...

CVE-2026-44795

CVE-2026-44795 (Spinnaker YAML deserialization) : The related GitHub advisory describes an unsafe YAML processing vulnerability in Spinnaker that bypasses safe deserialization, enabling arbitrary Java class loading and remote code execution (RCE). The impact applies when using CloudFormation depl...

CVE-2026-44793

Technical details for CVE-2026-44793 are not publicly available in the provided documents. The initial entry is a placeholder; monitor for updates as more information becomes available.

CVE-2026-49468

LiteLLM is a proxy server (AI Gateway) for calling LLM APIs. A host-header parsing flaw could allow authentication bypass by making the auth gate evaluate a different route than dispatched, effectively bypassing access controls under specific conditions. The issue is mitigated by upgrading to 1.8...

CVE-2026-44778

Technical details for CVE-2026-44778 are not publicly available in the provided documents. Monitor for updates as details may be released.

CVE-2026-41479

Authlib’s OAuth 2.0 authorization endpoint is vulnerable to an unauthenticated open redirect when an unsupported response_type is requested and a attacker-controlled redirect_uri is supplied. This occurs before client lookup and any redirect_uri validation, allowing a single request to yield a 30...

CVE-2026-45034

Summary: PhpSpreadsheet before 1.30.5 contains a bypass in File::prohibitWrappers that can be exploited via phar:// wrapper paths (e.g., phar:///path/file.phar/inner). When input contains three or more slashes after the scheme, parse_url can return false, skipping the check and allowing phar wrap...

CVE-2026-44585

Technical details for CVE-2026-44585 are not publicly available in the provided documents. This entry remains reserved; monitor for updates and new disclosures as information becomes available.

CVE-2026-44584

Technical details for CVE-2026-44584 are not publicly available in the provided documents. Monitor for updates; no affected products, impact, or remediation information can be determined from the current data.

CVE-2026-44583

Technical details for CVE-2026-44583 are not publicly available in the provided documents; no affected products, impact, or remediation are specified. Monitor for updates .

CVE-2026-54651

CVE-2026-54651 affects the Python PDF library pypdf prior to version 6.13.1. The issue allows an attacker to craft a PDF that can trigger an infinite loop when merging a file with threads/articles into a writer, potentially impacting availability. The vulnerability is fixed in 6.13.1. Affected co...

CVE-2026-49460

CVE-2026-49460 affects the Python PDF library pypdf . Prior to version 6.12.2 , processing a PDF that uses a stream with the /FlateDecode filter and a PNG predictor can cause unusually long runtimes. The issue is fixed in 6.12.2 . Impact, in line with the sources, is a denial of service-like slow...

CVE-2026-49461

CVE-2026-49461 affects the Python PDF library pypdf . The vulnerability occurs before version 6.12.2 and lets an attacker craft a PDF whose page contains a form XObject with self-references, causing large memory usage during text extraction. Impact is memory-related and can affect systems process...

CVE-2026-54531

CVE-2026-54531 affects the pypdf library. Vulnerability: when merging a file containing outlines/bookmarks into a writer, an attacker can craft a PDF that leads to an infinite loop. Affected product: pypdf (Python library for PDF manipulation); vulnerable condition occurs prior to version 6.13.0....

CVE-2026-54530

CVE-2026-54530 – pypdf : A flaw in the pure-Python PDF library allows an attacker to craft a PDF that triggers an infinite loop when performing text extraction in layout mode. Affected versions are prior to 6.13.0. Impact noted as higher for availability. Remediation: upgrade to 6.13.0 (or apply ...

CVE-2026-47242

Net::IMAP (Ruby) CVE-2026-47242 affects versions before 0.6.5 and 0.5.15. The vulnerability arises because Net::IMAP#id (with a hash argument) and Net::IMAP#enable do not properly validate arguments, allowing CRLF or atom-list injections and causing the #to_s value to be sent verbatim. An attacke...

CVE-2026-47240

Summary of CVE-2026-47240 (Net::IMAP, Ruby) : The vulnerability affects Net::IMAP’s IMAP client in Ruby, where several commands accept a “raw data” argument that is validated but could still be exploited if a server does not support non-synchronizing literals. In that case, a server may interpret...

CVE-2026-44203

Technical details are not publicly available in the provided documents for CVE-2026-44203. Monitor for updates.

CVE-2026-39904

Gophish 0.12.1 is affected by a denial-of-service in the ApplyTemplate() path that processes Office documents as ZIP archives. The vulnerability arises from ioutil.ReadAll() on each file entry without sized limits, enabling a zip-bomb payload to cause several gigabytes of in-memory expansion and ...

CVE-2026-47241

Net::IMAP in Ruby (affected: before 0.6.5 and 0.5.15) validates CRLF but may send a user-controlled raw string verbatim, allowing a subsequent command to be absorbed as a continuation of the first. This can cause the first command to fail and block further responses until another command is issue...

CVE-2026-44202

Technical details for CVE-2026-44202 are not publicly available in the provided documents. Monitor for updates as information may be published later.

CVE-2026-44179

Technical details are not publicly available in the provided documents. Monitor for updates.

CVE-2026-55603

CVE-2026-55603 affects http-proxy-middleware (Node.js). In versions 3.0.4–3.0.7 and 4.1.1, fixRequestBody() rebuilds multipart/form-data by interpolating req.body into the wire format without neutralizing CR/LF. This can let an attacker inject a new multipart part (via unescaped CRLF in keys/valu...

CVE-2026-55599

phpseclib (versions 0.1.1 through 1.0.30, 2.0.55, and 3.0.54) vulnerability: X509::validateSignature() reads a URL from the certificate's Authority Information Access extension and connects to it, enabling an attacker supplying a cert to fully control the outbound connection (host, port, path). T...

CVE-2026-41573

Technical details for CVE-2026-41573 are not publicly available in the provided documents. Monitor for updates.

CVE-2026-33731

Technical details for CVE-2026-33731 are not publicly available in the provided documents. No affected products, impact, vectors, or remediation are specified. Monitor for updates as more information becomes accessible from future disclosures.