33227 matches found
Apache Thrift vulnerable to Path Traversal, HTTP Request/Response Splitting, Uncontrolled Resource Consumption
Origin Validation Error, Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting', Uncontrolled Resource Consumption vulnerability in Apache Thrift. This issue affects Apache Thrift:...
Axios: CRLF Injection in multipart/form-data body via unsanitized blob.type in formDataToStream
Summary The FormDataPart constructor in lib/helpers/formDataToStream.js interpolates value.type directly into the Content-Type header of each multipart part without sanitizing CRLF \r\n sequences. An attacker who controls the .type property of a Blob/File-like object e.g., via a user-uploaded fil...
Axios: no_proxy bypass via IP alias allows SSRF
The fix for noproxy hostname normalization bypass 10661 is incomplete.When noproxy=localhost is set, requests to 127.0.0.1 and ::1 still route through the proxy instead of bypassing it. The shouldBypassProxy function does pure string matching — it does not resolve IP aliases or loopback...
Axios: unbounded recursion in toFormData causes DoS via deeply nested request data
Summary toFormData recursively walks nested objects with no depth limit, so a deeply nested value passed as request data crashes the Node.js process with a RangeError. Details lib/helpers/toFormData.js:210 defines an inner buildvalue, path that recurses into every object/array child line 225:...
Axios' HTTP adapter-streamed uploads bypass maxBodyLength when maxRedirects: 0
Summary For stream request bodies, maxBodyLength is bypassed when maxRedirects is set to 0 native http/https transport path. Oversized streamed uploads are sent fully even when the caller sets strict body limits. Details Relevant flow in lib/adapters/http.js: - 556-564: maxBodyLength check applie...
Hashicorp Boundary workers are vulnerable to a denial-of-service condition during node enrollment TLS handshakes
Boundary Community Edition and Boundary Enterprise "Boundary" workers are vulnerable to a denial-of-service condition during node enrollment TLS handshakes. An attacker with network access to the worker authentication listener may open a connection and delay or withhold the client certificate...
Axios: HTTP adapter streamed responses bypass maxContentLength
Summary When responseType: 'stream' is used, Axios returns the response stream without enforcing maxContentLength. This bypasses configured response-size limits and allows unbounded downstream consumption. Details In lib/adapters/http.js: - 786-789: for responseType === 'stream', Axios immediatel...
Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking
Summary When Object.prototype has been polluted by any co-dependency with keys that axios reads without a hasOwnProperty guard, an attacker can a silently intercept and modify every JSON response before the application sees it, or b fully hijack the underlying HTTP transport, gaining access to...
Axios: Header Injection via Prototype Pollution
Summary A prototype pollution gadget exists in the Axios HTTP adapter lib/adapters/http.js that allows an attacker to inject arbitrary HTTP headers into outgoing requests. The vulnerability exploits duck-type checking of the data payload, where if Object.prototype is polluted with getHeaders,...
Axios: XSRF Token Cross-Origin Leakage via Prototype Pollution Gadget in `withXSRFToken` Boolean Coercion
Vulnerability Disclosure: XSRF Token Cross-Origin Leakage via Prototype Pollution Gadget in withXSRFToken Boolean Coercion Summary The Axios library's XSRF token protection logic uses JavaScript truthy/falsy semantics instead of strict boolean comparison for the withXSRFToken config property. Whe...
Axios: Authentication Bypass via Prototype Pollution Gadget in `validateStatus` Merge Strategy
Vulnerability Disclosure: Authentication Bypass via Prototype Pollution Gadget in validateStatus Merge Strategy Summary The Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution to silently suppress all HTTP error responses 401, 403, 500,...
Axios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0
Executive Summary This report documents an incomplete security patch for the previously disclosed vulnerability GHSA-3p68-rc4w-qgx5 CVE-2025-62718, which affects the NOPROXY hostname resolution logic in the Axios HTTP library. Background — The Original Vulnerability The original vulnerability...
Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver`
Vulnerability Disclosure: Invisible JSON Response Tampering via Prototype Pollution Gadget in parseReviver Summary The Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into surgical...
Axios has prototype pollution read-side gadgets in HTTP adapter that allow credential injection and request hijacking
Summary Five config properties in the HTTP adapter are read via direct property access without hasOwnProperty guards, making them exploitable as prototype pollution gadgets. When Object.prototype is polluted by another dependency in the same process, axios silently picks up these polluted values ...
Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams
Vulnerability Disclosure: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams Summary The encode function in lib/helpers/AxiosURLSearchParams.js contains a character mapping charMap at line 21 that reverses the safe percent-encoding of null bytes. After encodeURIComponent'\x00'...
ogham-mcp had credentials embedded in published PyPI sdists -- Neon postgres URLs and Voyage API key
Summary Between 2026-02 and 2026-04-24 a total of 22 public PyPI sdists of ogham-mcp contained development credentials embedded in source files. All credentials have since been rotated on the respective providers. No known exploitation. Upgrade to v0.11.1 to get a clean release. What was leaked |...
sequoia-git has broken hard revocation handling
Before sq-git checks if a commit can be authenticated, it first looks for hard revocations. Because parsing a policy is expensive and a project's policy rarely changes, sq-git has an optimization to only check a policy if it hasn't checked it before. It does this by maintaining a set of policies...
webonyx/graphql-php has quadratic validation cost in OverlappingFieldsCanBeMerged via inline fragments
Summary OverlappingFieldsCanBeMerged validation rule has On^2 x m^2 worst case via flattened inline fragments. The CVE-2023-26144 named-fragment cache does not cover inline fragments. A 364 KB query 200 outer x 100 inner inline fragments consumes 117 seconds of CPU per request, with no comparison...
livewire-markdown-editor has arbitrary file upload that allows stored XSS via attachment handler
Impact All versions of mckenziearts/livewire-markdown-editor prior to v1.3 contain a critical arbitrary file upload vulnerability in the MarkdownEditor::updatedAttachments Livewire handler. The handler calls $file-store with no server-side validation of MIME type, extension, or file content. Any...
pyload-ng: non-admin SETTINGS users can redirect all outbound traffic through an attacker-controlled proxy via unrestricted `proxy.*` config (incomplete fix for CVE-2026-33509 / -35463 / -35464 / -35586)
Summary The setconfigvalue API method @permissionPerms.SETTINGS in src/pyload/core/api/init.py gates security-sensitive options behind a hand-maintained allowlist ADMINONLYCOREOPTIONS. The allowlist contains "proxy", "username" and "proxy", "password" — which protect the proxy credentials — but i...
pyload-ng: non-admin SETTINGS users can disable outbound TLS peer verification via unrestricted `ssl_verify` config (incomplete fix for CVE-2026-33509 / -35463 / -35464 / -35586)
Summary The setconfigvalue API method @permissionPerms.SETTINGS in src/pyload/core/api/init.py gates security-sensitive options behind a hand-maintained allowlist ADMINONLYCOREOPTIONS. The option "general", "sslverify" is not on that allowlist. Any authenticated user with the non-admin SETTINGS...
net-imap vulnerable to command Injection via "raw" arguments to multiple commands
Summary Several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain contain CRLF sequences, which an attacker can use to inject arbitrary IMAP commands. Details Net::IMAP's...
net-imap vulnerable to command Injection via unvalidated Symbol inputs
Summary Symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. Details Symbol arguments represent IMAP "system flags", which are formatted as "atoms" with no quoting with a "" prefix. Vulnerable versions of Net::IMAP...
net-imap vulnerable to denial of service via high iteration count for `SCRAM-*` authentication
Summary When authenticating a connection with SCRAM-SHA1 or SCRAM-SHA256, a hostile server can perform a computational denial-of-service attack on the client process by sending a big iteration count value. Details A hostile IMAP server can send an arbitrarily large PBKDF2 iteration count in the...
net-imap has quadratic complexity when reading response literals
Summary Net::IMAP::ResponseReader has quadratic time complexity when reading large responses containing many string literals. A hostile server can send responses which are crafted to exhaust the client's CPU for a denial of service attack. Details For each literal in a response, ResponseReader...
net-imap vulnerable to STARTTLS stripping via invalid response timing
Summary A man-in-the-middle attacker can cause Net::IMAPstarttls to return "successfully", without starting TLS. Details When using Net::IMAPstarttls to upgrade a plaintext connection to use TLS, a man-in-the-middle attacker can inject a tagged OK response with an easily predictable tag. By sendi...
`mysten-metrics` was removed from crates.io for malicious code
mysten-metrics included a build script that attempted to exfiltrate data from the build machine. The malicious crate had 1 version published on 2026-04-20 and had no evidence of actual usage. This crate had no dependencies on crates.io...
`sui-execution-cut` was removed from crates.io for malicious code
sui-execution-cut included a build script that attempted to exfiltrate data from the build machine. The malicious crate had 1 version published on 2026-04-20 and had no evidence of actual usage. This crate had no dependencies on crates.io...
IKUS Rdiffweb allows an attacker with any valid or stolen access token to act as other users
IKUS Rdiffweb version 2.10.5 and below have an improper authorization flaw that allows an attacker with any valid or stolen access token to act as other users. The API does not enforce binding between the authenticated subject and the targeted user/tenant, so crafted requests can read or modify...
OpenSTAManager contains an arbitrary file upload vulnerability in its module update functionality
OpenSTAManager versions 2.10 and earlier contain an arbitrary file upload vulnerability in the module update functionality modules/aggiornamenti/uploadmodules.php...
ArchiveBox Vulnerable to RCE via unvalidated per-crawl config overrides in AddView
The /add/ endpoint AddView in core/views.py accepts a config JSON field that gets merged into the crawl config without validation. This config is exported as environment variables when archive plugins run, allowing injection of arbitrary tool arguments to achieve RCE. When PUBLICADDVIEW=True comm...
apko doesn't verify downloaded apk packages against APKINDEX checksum (package substitution possible)
apko verifies the signature on APKINDEX.tar.gz but never compares individually downloaded .apk packages against the checksum recorded in the signed index. The checksum is parsed and available via ChecksumString, and the downloaded package control hash is computed, but the two values are never...
apko dirFS has a symlink-following path traversal that allows multiple entry points to escape the build root
Impact A crafted .apk could install a TypeSymlink tar entry whose target pointed outside the build root, and a subsequent directory-creation or file-write entry in the same or later archive could traverse that symlink to reach host paths the build user could write to. The root cause was the...
apko `DiscoverKeys` has a panic on non-rsa jwks key that causes crash during key discovery
DiscoverKeys in pkg/apk/apk/implementation.go unconditionally type-asserts JWKS keys as rsa.PublicKey without checking the key type. If a repository JWKS endpoint returns a non-RSA key e.g. EC, the unchecked assertion panics and crashes apko. This affects any workflow that initializes the APK...
Pelican Web UI Affected by a Privilege Escalation Attack
Background On April 2nd, 2026, a Claude coding agent alerted Pelican PI Brian Bockelman to a privilege escalation vulnerability affecting Pelican's Web User Interface WebUI for various versions between v7.21 and v7.24. Upon further investigation, the Pelican team discovered this attack allows any...
phpVMS has an /importer authorization bypass causing full database wipe
Security Advisory: Unauthenticated Access to Legacy Import Feature Severity: Critical Affected versions: phpVMS 7.x up to 7.0.5 Fixed in: v7.0.6 Component: Legacy importer Summary A critical vulnerability in phpVMS 7.x allowed unauthenticated access to a legacy import feature. Although this featu...
AzuraCast Vulnerable to Liquidsoap Code Injection via Incomplete cleanUpString-to-toRawString Migration in Remote Relay Password Field
Summary The cleanUpString method in ConfigWriter.php uses an ungreedy regex to strip Liquidsoap string interpolation patterns ... from user input. This regex can be bypassed via nested interpolation syntax EXPR, allowing injection of arbitrary Liquidsoap code. Commit ff49ef4 migrated most...
AzuraCast has Missing Permissions Check on Media File Download, Allowing Cross-Station Data Exfiltration
Summary The GET /api/station/stationid/file/id/play endpoint, handled by PlayAction, is missing the Middleware\Permissions check that protects all sibling routes in the same /file/id route group. Any authenticated user can download media files from any station, regardless of whether they have...
AzuraCast's Missing RequireInternalConnection on Liquidsoap API Allows Low-Privilege Metadata Injection and Broadcast Disruption
Summary The /api/internal/stationid/liquidsoap/action endpoint is accessible from the public web interface because it lacks the RequireInternalConnection middleware that protects other internal endpoints /sftp-auth, /sftp-event. Combined with a logic flaw where the $asAutoDj flag is set based on...
AzuraCast has Password Reset Poisoning via Untrusted X-Forwarded-Host Header that Leads to Account Takeover and 2FA Bypass
Summary The ApplyXForwarded middleware unconditionally trusts the client-supplied X-Forwarded-Host HTTP header with no trusted proxy allowlist. An unauthenticated attacker can poison the password reset URL sent to any user by injecting this header when triggering the forgot-password flow. When th...
AzuraCast has Path Traversal in `currentDirectory` Parameter that Enables Remote Code Execution via Media Upload
Summary The currentDirectory request parameter in the Flow.js media upload endpoint POST /api/station/stationid/files/upload is not sanitized for path traversal sequences. When combined with a local filesystem storage backend the default, an authenticated user with media management permissions ca...
quarkus-openapi-generator has overly broad path-parameter matching that sends authentication headers to unintended operations
Summary The generated authentication filter matches OpenAPI path templates too broadly when deciding whether to attach credentials. A security scheme configured for one operation can therefore be applied to a different same-method operation whose path only partially resembles the protected...
Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns
Impact A security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf up to and including 3.1.4.RELEASE. Although the library provides mechanisms to avoid the execution of potentially dangerous expressions in some specific sandboxed restricted contexts, it fails to...
OpenClaw's Gateway Control UI bootstrap config required Gateway auth
Summary Gateway Control UI bootstrap config required Gateway auth. Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact When Gateway authentication was enabled, the Control UI bootstrap config endpoint could still be read without ...
OpenClaw: OpenShell FS bridge reads pin and verify the opened file before returning bytes
Summary OpenShell FS bridge reads pin and verify the opened file before returning bytes Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact A time-of-check/time-of-use race around OpenShell sandbox filesystem reads could let a...
OpenClaw: OpenShell FS bridge writes stay pinned to the sandbox mount root
Summary OpenShell FS bridge writes stay pinned to the sandbox mount root Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact A time-of-check/time-of-use race around OpenShell sandbox filesystem writes could let a symlink swap...
changedetection.io project has an XXE vulnerability
changedetection.ioXXE01 Vulnerability Report: We discovered a XXE vulnerability in the changedetection.io project While analyzing the code logic, it was determined that an area may lead to unintended behavior under specific conditions. With the project's security in mind, see the analysis results...
Signal K Server's WebSocket Login Endpoint Lacks Rate Limiting (Credential Brute-Force)
Summary The HTTP login endpoints POST /login and POST /signalk/v1/auth/login are protected by express-rate-limit default: 100 attempts per 10-minute window, configurable via HTTPRATELIMITS. The WebSocket login path — sending login: username, password messages over an established WebSocket...
CI4MS has a Deactivated User Session Bypass (active=0)
Summary The auth filter has the deactivated/banned user check commented out. Details CodeIgniter Shield's loggedIn re-checks the status field catching status='banned', but does not re-check the active field for existing sessions. When an admin deactivates a user active=0 after they have already...
CI4MS Vulnerable to Arbitrary Database Table Drop via Theme deleteProcess
Summary The deleteProcess action accepts a POST parameter tables containing arbitrary table names. These are passed directly to $forge-dropTable without validating that the tables belong to the theme being deleted. The deleteConfirm view correctly populates tables from the theme's own migration...