366232 matches found
CVE-2026-48006
Summary : CVE-2026-48006 relates to Netty’s RedisArrayAggregator leaking pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate completes. This occurs prior to Netty versions 4.1.135.Final and 4.2.15.Final . Root cause : The RedisArrayAggregator retains...
CVE-2026-44975
CVE-2026-44975 (Frappe) : The vulnerability affects the Frappe full‑stack web framework prior to versions 15.107.2 and 16.17.4. An authenticated user can reset onboarding for all users due to missing authorization on the reset form tours. This exposes potential impact on user onboarding state, wi...
CVE-2026-44206
Frappe (full-stack web application framework) contains CVE-2026-44206, where DB Schema Enumeration is possible via a vulnerable endpoint prior to versions 15.107.2 and 16.17.4. The issue has been patched in those versions. The CVSS 4.0 base score is 6.9 (MEDIUM) with network attack vector, low co...
CVE-2026-47691
CVE-2026-47691 affects Netty up to versions 4.1.135.Final and 4.2.15.Final. The issue is in DnsResolveContext bailiwick validation for NS records, where an attacker controlling an authoritative subdomain server can poison the cache for parent domains (e.g., .co.uk). The code path in Authoritative...
CVE-2026-40677
The vulnerability CVE-2026-40677 affects AMD optional tools that use insecure HTTP transport, enabling a potential attacker to perform a man-in-the-middle attack and potentially achieve arbitrary code execution. The issue stems from unencrypted transport within these tools, which could allow inte...
CVE-2026-44207
CVE-2026-44207 affects the Frappe full‑stack web framework. It is an insecure direct object reference (IDOR) that allows authenticated users to access other users’ email configuration details. Affected versions are prior to 15.107.0 and 16.17.0. The issue has been patched in 15.107.0 and 16.17.0....
CVE-2026-5792
CVE-2026-5792 is described as an authentication bypass by spoofing vulnerability in Related Marketing Cloud (RMC) used by Hedef Media Promotion Interactive Media Marketing Inc. The issue affects RMC up to 12052026. The NVD entry provides a CVSS 3.1 base score of 6.5 (Network, Low attack complexit...
CVE-2026-44208
CVE-2026-44208 affects the Frappe framework (full-stack web app). A lack of input/permission validations in the submit_discussion() endpoint allows unauthorized access to resources (IDOR) in affected builds. The issue is fixed in versions 15.107.0 and 16.17.0; prior releases were vulnerable. No e...
CVE-2026-47244
Netty HTTP/2 CVE-2026-47244 affects Netty 4.1.135.Final and 4.2.15.Final. Before patch, DefaultHttp2Connection.DefaultEndpoint initializes maxActiveStreams/maxStreams to Integer.MAX_VALUE and Http2Settings does not insert SETTINGS_MAX_CONCURRENT_STREAMS by default, so a Netty HTTP/2 server can ad...
CVE-2026-44205
CVE-2026-44205 affects the Frappe framework (prior to 15.106.0). The issue is a stored XSS in the user profile image upload path that allows an attacker to execute malicious scripts in the browsers of other users. The vulnerability is mitigated by upgrading to version 15.106.0, where it is patche...
CVE-2026-41581
Frappe framework vulnerability CVE-2026-41581: a possible SQL injection via get_blog_list affects versions prior to 15.106.0 and 16.16.0. The issue has been patched in 15.106.0 and 16.16.0. CVSS 4.0 base score 6.9 (MEDIUM); attack vector NETWORK, authentication NONE required, no user interaction....
CVE-2026-47739
CVE-2026-47739 affects the Frappe framework. Prior to versions 15.106.0 and 16.16.0, a stored XSS vulnerability existed in Note due to insufficient sanitization. The issue is mitigated by upgrading to 15.106.0 or 16.16.0 or later. The CVSS-derived metrics indicate a medium impact with network acc...
CVE-2026-46340
Netty SCTP reassembly vulnerability (CVE-2026-46340) affects netty-transport-sctp before 4.1.135.Final and 4.2.15.Final. For each non-complete SctpMessage fragment, fragments are accumulated by wrapping the previous accumulator with the new slice into a new CompositeByteBuf, creating an unbounded...
CVE-2026-45674
CVE-2026-45674 affects Netty DNS resolution: the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses. Affected versions are 4.1.135.Final and 4.2.15.Final; the issue is patched in those same versions. Potential impact is DNS cache poisoning via missing bai...
CVE-2026-47141
CVE-2026-47141 affects vm2 NodeVM where diagnostics_channel, async_hooks, and perf_hooks observability builtins were exposed to sandboxed code before patching in vm2 3.11.4. These process‑wide modules can leak host data (e.g., HTTP headers, AsyncResource state, performance entries) into the sandb...
CVE-2026-47210
Summary : CVE-2026-47210 affects the vm2 sandbox prior to version 3.11.4, where a JSPI-backed Promise pathway can bypass Promise species hardening via WebAssembly.promising/WebAssembly.Suspending, potentially exposing a host-originated rejection object to attacker-controlled logic and breaking sa...
CVE-2026-47208
Summary: CVE-2026-47208 affects vm2 prior to 3.11.4, enabling sandbox breakout and potential remote code execution. The root cause is in vm2’s sandbox implementation, where the localPromise constructor manipulates Promise.species and, via a crafted Promise subclass, can trigger a host-realm error...
CVE-2026-47140
CVE-2026-47140 - vm2 NodeVM denylist bypass : The vm2 sandbox (NodeVM) before version 3.11.4 did not block certain host-access primitives: processing modules like process and inspector/promises could be required from sandboxed code to bypass restrictions and execute code in the host process. Root...
CVE-2026-45673
Technical details are not publicly provided in the supplied connected documents. Monitor for updates on the Netty DNS-related vulnerability (CVE-2026-45673) and any published remediation.
CVE-2026-47139
vm2 NodeVM burlon bypass vulnerability exists where public network modules are blocked but internal underscored HTTP builtins (_http_client, _http_server) remain reachable. The issue allows sandboxed code to perform outbound HTTP requests and open listening sockets despite network exclusions, ena...
CVE-2026-47137
Summary (CVE-2026-47137): The vm2 sandbox (NodeVM) had a bypass in versions prior to 3.11.4 where nesting: true with an unspecified require allowed full host RCE. The issue arose because a security check (options.nesting === true && options.require === false) only catches explicit require: false;...
CVE-2026-47135
CVE-2026-47135 vm2 sandbox escape : The vm2 sandbox (Node.js) before 3.11.4 exposes real cross-realm Node.js symbols due to an incomplete Symbol.for override (only blocks two of nine dangerous symbols) and missing isDangerousCrossRealmSymbol checks in bridge write traps (set/defineProperty/delete...
CVE-2026-47131
vm2 prior to 3.11.4 contains a sandbox escape: by using Buffer.call.call with {}.lookupGetter /lookupSetter and Node.js ERR_INVALID_ARG_TYPE, an attacker can obtain the host TypeError constructor and break out of the sandbox, enabling arbitrary code execution. The issue is fixed in vm2 v3.11.4. R...
CVE-2026-47209
vm2 (Node.js sandbox) had a vulnerability in the BaseHandler.set trap that ignores the receiver parameter and always writes to the host target, enabling inherited-property writes to leak onto host objects via prototype chains. This can allow attackers to assign Symbol-keyed properties (e.g., node...
CVE-2026-45536
CVE-2026-45536 affects Netty, specifically Unix-domain socket fd reception in netty_unix_socket_recvFd. Prior to versions 4.1.135.Final and 4.2.15.Final, a peer-sent SCM_RIGHTS message containing two fds can cause both descriptors to leak due to a mismatch between cmsg_len checks and the actual f...
CVE-2026-8694
CVE-2026-8694 involves an improper access control flaw in Devolutions PowerShell Universal up to version 2026.1.7, where an unauthenticated remote attacker can obtain the OpenAPI specification of user-defined REST endpoints. The affected component is the OpenAPI/REST endpoint documentation expose...
CVE-2026-6211
CVE-2026-6211 affects Global IT Informatics Services Inc. WEOLL (2.0.9 prior to 3.2.45.33). Root cause: unrestricted upload of files with dangerous types, with ACLs not properly constraining the accessed functionality. Impact: high confidentiality and integrity risk (network-based, low privileges...
CVE-2026-45416
Netty CVE-2026-45416 affects pre-4.1.135.Final and pre-4.2.15.Final versions. In SslClientHelloHandler.decode(), the 24-bit TLS handshake length is read and, if a ClientHello does not fit in the first record, Netty eagerly allocates ctx.alloc().buffer(handshakeLength). If maxClientHelloLength is ...
CVE-2026-44894
Netty's QUIC token handling bug: NoQuicTokenHandler.validateToken() returns 0 (valid) before 4.2.15.Final, causing the server to treat any non-empty Initial token as valid and invoke quiche_accept, lifting anti-amplification limits per RFC 9000. An attacker with a spoofed victim IP can trigger re...
CVE-2026-10557
CVE-2026-10557 concerns the Yarbo Android/iOS mobile applications, where hard-coded MQTT broker credentials are embedded in the application binary and identical across all users/devices. These credentials are extractable via APK decompilation and provide access to cloud MQTT brokers carrying real...
CVE-2026-7368
The CVE covers Yarbo Android/iOS mobile app and Yarbo cloud infrastructure where per-device/user authorization is not enforced. The system allows any client with valid credentials to subscribe to wildcard topics for all robots and publish to any robot’s command topic using only the robot’s serial...
CVE-2026-44893
Netty CVE-2026-44893 affects netty-codec-haproxy prior to 4.1.135.Final and 4.2.15.Final. During PP2_TYPE_SSL TLV decoding, HAProxyMessage.readNextTLV() retains a slice before reading the client (1 byte) and verify (4 bytes). If TLV length
CVE-2026-54133
Technical details (affected versions, impact specifics, and remediation) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-53787
Amasty Order Attributes for Magento 2 (versions
CVE-2026-6853
CVE-2026-6853 describes an authentication bypass in Başbelen Group Pause+ Mobile App caused by improper restriction of excessive authentication attempts. Affected versions are Pause+ Mobile App prior to 1.5 (v1.0.6 up to, but not including, 1.5). The CVSS 3.1 base score is 9.8 (CRITICAL), with NE...
CVE-2026-53722
CVE-2026-53722 affects Nuxt.js prior to versions 3.21.7 and 4.4.7, where did not validate URL schemes bound to its to or href before rendering. Attacker-controlled input (query parameters, CMS fields, or user URLs) can be reflected into the href attribute, enabling reflected DOM-based XSS via ja...
CVE-2026-53721
CVE-2026-53721 affects Nuxt (Vue.js framework) earlier branches: 3.11.0–3.21.6 and 4.0.0–4.4.6 are vulnerable to a route-rule middleware bypass caused by a case-sensitivity mismatch between vue-router and the routeRules matcher. The issue has been patched in Nuxt versions 3.21.7 and 4.4.7. The CV...
CVE-2026-11967
CVE-2026-11967 affects MobaXterm Personal Edition (Portable) version 26.3 (Build 5154). The root cause is the application loading winspool.drv from the same directory as the portable executable during startup, allowing an attacker with local access to place a crafted DLL alongside the executable ...
CVE-2026-11879
MobaXterm Personal Edition (Portable) 26.3 (Build 5154) is affected by arbitrary code execution due to DLL loading from a user-modifiable, predictable temporary directory during startup, before the system secure paths are consulted. An attacker with local access can place a crafted DLL in that lo...
CVE-2026-1836
CVE-2026-1836 affects Redmine where the system stores the username and password from the login form after submission. This could allow an attacker with access to the platform to return to the browser and view credentials, compromising confidentiality (high impact). Root cause described as credent...
CVE-2017-20240
CVE-2017-20240 affects Crypt::PBKDF2 for Perl, with versions before 0.261630 vulnerable to timing attacks due to using Perl’s built-in eq comparison. Discrepancies in timing could reveal information about the derived key. Affected software: Crypt::PBKDF2 prior to 0.261630. Root cause: insecure eq...
CVE-2026-12066
CVE-2026-12066 affects PbootCMS up to version 3.2.12. The vulnerability resides in the function retrieve of file apps/home/controller/MemberController.php (Password Handler). Manipulating the arguments username/password/email/checkcode enables weak password recovery; the issue is exploitable remo...
CVE-2026-47200
Nuxt CVE-2026-47200 affects Nuxt 3.11.0–3.21.5 and 4.0.0-alpha.1–4.4.5 with experimental.componentIslands enabled. Server islands under /_nuxt_island/page * for .server.vue pages could bypass route middleware, exposing server-rendered content without Vue Router middleware running. Patch applied i...
CVE-2026-49993
Nuxt (Vue.js) users using the @nuxt/rspack-builder and @nuxt/webpack-builder are affected. The CVE concerns an incomplete fix for GHSA-6m52-m754-pw2g in versions 3.15.4–3.21.6 and 4.0.0–4.4.6, where the dev server could leak source code if bound to a non-loopback address and a malicious site is o...
CVE-2026-45669
Nuxt.js (framework for Vue) versions 3.4.3–3.21.5/3.21.5? and 4.0.0-alpha.1–4.4.5 are affected by a reflected XSS in navigateTo(url, { external: true }) during server-side redirects, where the destination URL is sanitized only for quotes and can break out of content=
CVE-2026-45670
Summary (CVE-2026-45670) Nuxt.js dev-server exposure issue affects @nuxt/webpack-builder and @nuxt/rspack-builder. An incomplete fix for GHSA-4gf7-ff8x-hq99 allowed source-code leakage when the dev server is bound to a non-loopback address (for example, nuxt dev --host) and a user visits a malici...
CVE-2026-46342
Nuxt (Vue.js framework) versions 3.1.0–3.21.5 and 4.0.0-alpha.1–4.4.5 are affected by CVE-2026-46342 due to the /__nuxt_island/* endpoint not binding responses to the request props, allowing attacker-controlled props to influence island component rendering via an unverified URL-resident hash. Thi...
CVE-2026-50012
Technical details for CVE-2026-50012 are not publicly available in the provided documents. No affected products, impact, or remediation are disclosed. Monitor for updates.
CVE-2026-47729
Technical details are not publicly available in the provided documents for CVE-2026-47729. Monitor for updates from sources and the CIRCL sighting.
CVE-2026-12065
Groww Android app (Groww Stock, Mutual Fund, Gold App) up to 20260805 is affected due to improper authorization in the WebView URL Handler for a custom URL scheme. The issue is located in an unknown part of the WebView URL handling logic and can be triggered on a physical device. Exploitation sta...