Lucene search
K
GithubRecent

33187 matches found

Github Security Blog
Github Security Blog
added 2026/04/07 8:13 p.m.14 views

netavark has incorrect error handling for malformed tcp packets

Impact A truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. Patches https://github.com/containers/aardvark-dns/commit/3b49ea7b38bdea134b7f03256f2e13f44ce73bb1 Workarounds None Credits Thanks to @dkane01 for reporti...

7.5CVSS5.9AI score0.00383EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 8:12 p.m.8 views

OpenTelemetry-Go: multi-value `baggage` header extraction causes excessive allocations (remote dos amplification)

multi-value baggage: header extraction parses each header field-value independently and aggregates members across values. this allows an attacker to amplify cpu and allocations by sending many baggage: header lines, even when each individual value is within the 8192-byte per-value parse limit...

7.5CVSS6AI score0.00435EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:31 p.m.20 views

OpenViking contains a missing authorization vulnerability in the task polling endpoints

OpenViking versions prior to 0.3.3 contain a missing authorization vulnerability in the task polling endpoints that allows unauthorized attackers to enumerate or retrieve background task metadata created by other users. Attackers can access the /api/v1/tasks and /api/v1/tasks/taskid routes withou...

6.9CVSS5.9AI score0.00384EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:31 p.m.5 views

Apache Cassandra has an authenticated DoS over CQL

Authenticated DoS over CQL in Apache Cassandra 4.0, 4.1, 5.0 allows authenticated user to raise query latencies via repeated password changes. Users are recommended to upgrade to version 4.0.20, 4.1.11, 5.0.7, which fixes this issue...

6.5CVSS5.8AI score0.00533EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:31 p.m.9 views

Apache Cassandra has sensitive Information Leak in cqlsh

Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, like passwords, from previously executed cqlsh command via /.cassandra/cqlshhistory local file access. Users are recommended to upgrade to version 4.0.20, which fixes this issue. -- Description:...

5.5CVSS5.9AI score0.00162EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:31 p.m.12 views

Apache Cassandra is vulnerable to privilege escalation in an mTLS environment using MutualTlsAuthenticator

Privilege escalation in Apache Cassandra 5.0 on an mTLS environment using MutualTlsAuthenticator allows a user with only CREATE permission to associate their own certificate identity with an arbitrary role, including a superuser role, and authenticate as that role via ADD IDENTITY. Users are...

8.8CVSS5.9AI score0.00263EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:31 p.m.5 views

yaffa vulnerable to Cross Site Scripting

yaffa v2.0.0 is vulnerable to Cross Site Scripting XSS. An attacker can inject malicious JavaScript into the "Add Account Group" function on the account-group page, allowing execution of arbitrary script in the context of users who view the affected page...

6.1CVSS6.1AI score0.00271EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:31 p.m.16 views

Memory-safety vulnerability in github.com/jackc/pgx/v5.

Memory-safety vulnerability in github.com/jackc/pgx/v5...

9.8CVSS5.8AI score0.00561EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:31 p.m.4 views

pgx contains memory-safety vulnerability

pgx is a pure Go driver and toolkit for PostgreSQL. pgx prior to v5.9.0 contains a memory-safety vulnerability...

9.8CVSS5.7AI score0.00605EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:16 p.m.11 views

Gotenberg has incomplete fix for ExifTool arbitrary file write: case-insensitive bypass and missing HardLink/SymLink tags

Summary The fix for ExifTool arbitrary file write commit 043b158, released in v8.29.0 uses a case-sensitive blocklist to filter dangerous pseudo-tags. ExifTool processes tag names case-insensitively, so alternate casings bypass the filter. The blocklist also omits the HardLink and SymLink...

6.1AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:16 p.m.8 views

Gotenberg Vulnerable to ReDoS via extraHttpHeaders scope feature

Summary Gotenberg uses dlclark/regexp2 to compile user-supplied scope patterns without setting a proper timeout. Users with access to features using this logic can hang workers indefinitely. Details Gotenberg uses dlclark/regexp2 to compile user-supplied scope patterns...

9.8CVSS5.9AI score0.00497EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:16 p.m.3 views

OpenClaw: Android accepted cleartext remote gateway endpoints and sent stored credentials over ws://

Summary Before OpenClaw 2026.4.2, Android accepted non-loopback cleartext ws:// gateway endpoints and would send stored gateway credentials over that connection. Discovery beacons or setup codes could therefore steer the client onto a cleartext remote endpoint. Impact A user who followed a forged...

5.9CVSS6AI score0.00118EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:16 p.m.6 views

OpenClaw: Shared-secret comparison call sites leaked length information through timing

Summary Before OpenClaw 2026.4.2, several shared-secret comparison call sites still used early length-mismatch checks instead of the shared fixed-length comparison helper. Those paths could leak secret-length information through measurable timing differences. Impact The affected paths exposed a...

6.3CVSS5.9AI score0.00225EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:15 p.m.9 views

OpenClaw: Zalo replay dedupe keys could suppress messages across chats or senders

Summary Before OpenClaw 2026.4.2, Zalo webhook replay dedupe keys were not scoped strongly enough across chat and sender dimensions. Legitimate events from different conversations or senders could collide and be dropped as duplicates. Impact Cross-conversation or cross-sender collisions could cau...

6.3CVSS5.9AI score0.00278EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:15 p.m.10 views

OpenClaw: Trailing-dot localhost CDP hosts could bypass remote loopback protections

Summary Before OpenClaw 2026.4.2, remote CDP discovery could return a trailing-dot localhost host such as localhost. and bypass OpenClaw's loopback-host normalization. That let a non-loopback remote CDP profile pivot the follow-up connection back onto localhost. Impact A hostile discovery respons...

6.9CVSS6AI score0.00251EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:15 p.m.7 views

OpenClaw: pnpm dlx approvals did not bind local script operands

Summary Before OpenClaw 2026.4.2, pnpm dlx approval planning did not bind local script operands the same way as related pnpm exec flows. A local script approved through a pnpm dlx path could be replaced before execution without invalidating the approval. Impact An operator could approve a benign...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:15 p.m.10 views

OpenClaw: Windows-compatible env override keys could bypass system.run approval binding

Summary Before OpenClaw 2026.4.2, system-run approval binding normalized environment override keys differently from host execution. Windows-compatible keys could be omitted from the approval binding while still being injected at execution time. Impact An approved command could run with...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:15 p.m.8 views

OpenClaw: Gateway hello snapshots exposed host config and state paths to non-admin clients

Summary Before OpenClaw 2026.4.2, the Gateway connect success snapshot exposed local configPath and stateDir metadata to non-admin clients. Low-privilege authenticated clients could learn host filesystem layout and deployment details that were not needed for their role. Impact A non-admin client...

5.3CVSS5.9AI score0.00283EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:15 p.m.8 views

OpenClaw: Untrusted workspace channel shadows could execute during built-in channel setup

Summary Before OpenClaw 2026.4.2, built-in channel setup and login could resolve an untrusted workspace channel shadow before the plugin was explicitly trusted. A malicious workspace plugin that claimed a bundled channel id could execute during channel setup even while still disabled. Impact A...

8.5CVSS6.3AI score0.00133EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:15 p.m.8 views

OpenClaw: Read-scoped identity-bearing HTTP clients could kill sessions via /sessions/:sessionKey/kill

Summary Before OpenClaw 2026.4.2, POST /sessions/:sessionKey/kill did not enforce write scopes in identity-bearing HTTP modes. A caller limited to read-only operator scopes could still terminate a running subagent session. Impact A read-scoped caller could perform a write-class control-plane...

5.4CVSS5.9AI score0.00187EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:15 p.m.5 views

OpenClaw: iOS A2UI bridge trusted generic local-network pages for agent.request dispatch

Summary Before OpenClaw 2026.4.2, the iOS A2UI bridge treated generic local-network pages as trusted bridge origins. A page loaded from a local-network or tailnet host could trigger agent.request dispatch without the stricter trusted-canvas origin check. Impact A loaded attacker-controlled page...

4.6CVSS6AI score0.00112EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:15 p.m.5 views

OpenClaw: QQ Bot structured payloads could read arbitrary local files

Summary Before OpenClaw 2026.4.2, QQ Bot structured media payloads could read local files from attacker-chosen paths. A crafted structured payload could escape QQ Bot-owned media roots and cause arbitrary file reads on the host. Impact Prompt-influenced structured payload output could exfiltrate...

6AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:14 p.m.7 views

OpenClaw: OpenShell mirror mode could delete arbitrary remote directories when roots were mis-scoped

Summary Before OpenClaw 2026.4.2, the OpenShell mirror backend accepted arbitrary absolute remoteWorkspaceDir and remoteAgentWorkspaceDir values. In mirror mode, those paths were then used as the target of remote cleanup and overwrite operations. Impact If an attacker could influence those...

8.1CVSS6.1AI score0.00371EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:14 p.m.7 views

OpenClaw: Zalo replay dedupe cache could suppress events across authenticated webhook targets

Summary Before OpenClaw 2026.3.31, the Zalo webhook replay-dedupe cache was shared across authenticated webhook targets and keyed too broadly. In multi-account deployments, a replay seen on one account could suppress a legitimate event on another account if eventname and messageid matched. Impact...

5.9AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:14 p.m.5 views

OpenClaw: Pairing pending-request caps were enforced per channel instead of per account

Summary Before OpenClaw 2026.3.31, pending pairing-request caps were enforced per channel file instead of per account. On multi-account channel setups, requests from other accounts could fill the shared pending window and block new pairing challenges on an unaffected account. Impact This issue...

7.5CVSS5.9AI score0.00417EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:14 p.m.6 views

OpenClaw: Forged Nostr DMs could create pairing state before signature verification

Summary Before OpenClaw 2026.3.31, the Nostr DM ingress path could issue pairing challenges before validating the event signature. A forged DM could create a pending pairing entry and trigger a pairing-reply attempt before signature rejection. Impact An unauthenticated remote sender could consume...

6.9CVSS5.9AI score0.00253EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:14 p.m.9 views

OpenClaw: Shell init-file options could satisfy exec allowlist script matching

Summary Before OpenClaw 2026.3.31, exec allowlist matching could treat shell init-file wrapper invocations as if the approved script itself were being executed. Shell options such as --rcfile, --init-file, and --startup-file could therefore inherit allowlist trust from a matched script path even...

7.3CVSS6.2AI score0.00118EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:11 p.m.10 views

OpenClaw: OpenShell `mirror` mode can convert untrusted sandbox files into explicitly enabled workspace hooks and execute them on the host during gateway startup

Summary OpenShell mirror mode can convert untrusted sandbox files into explicitly enabled workspace hooks and execute them on the host during gateway startup Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real on shipped = 2026.3.28 - First stable tag...

7.3CVSS6AI score0.00123EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:11 p.m.6 views

OpenClaw: Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send

Summary Gateway operator.write Can Reach Admin-Class Telegram Config and Cron Persistence via send Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real shipped operator.write to admin-class Telegram config or cron persistence bug, but it is an authenticated...

8.8CVSS5.9AI score0.00232EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:11 p.m.7 views

OpenClaw: `session_status` still bypasses configured `tools.sessions.visibility` for unsandboxed invocations

Summary sessionstatus still bypasses configured tools.sessions.visibility for unsandboxed invocations Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real on shipped v2026.3.22: non-sandboxed sessionstatus skipped the shared visibility guard, but this is a...

5.9AI score
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:11 p.m.6 views

OpenClaw: Gateway operator.write Can Reach Admin-Class Talk Voice Config Persistence via chat.send

Summary Gateway operator.write Can Reach Admin-Class Talk Voice Config Persistence via chat.send Current Maintainer Triage - Status: narrow - Normalized severity: medium - Assessment: Real shipped operator.write to admin-class Talk Voice config persistence bug, but it is the same narrow...

7.1CVSS5.9AI score0.00243EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:10 p.m.8 views

OpenClaw Has Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config

Summary Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config Current Maintainer Triage - Status: open - Normalized severity: high - Assessment: Real shipped malicious-workspace-config env injection in the CLI backend runner, fixed by sanitizing backend...

8.8CVSS5.9AI score0.00316EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:10 p.m.6 views

OpenClaw: Marketplace Plugin Download Follows Redirects Without SSRF Protection

Summary Marketplace Plugin Download Follows Redirects Without SSRF Protection Current Maintainer Triage - Status: open - Normalized severity: medium - Assessment: v2026.3.28 still uses bare redirect-following fetch in src/plugins/marketplace.ts for marketplace archives, and fixed-on-main only doe...

7.6CVSS5.9AI score0.00236EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:10 p.m.5 views

OpenClaw: Tlon media downloads can bypass core safety limits and exhaust disk

Summary Tlon media downloads can bypass core safety limits and exhaust disk Current Maintainer Triage - Status: narrow - Normalized severity: low - Assessment: Shipped v2026.3.28 Tlon media downloads bypassed core size/count/cleanup limits, but this is availability-only resource exhaustion in a...

6.5CVSS5.9AI score0.00343EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:10 p.m.7 views

OpenClaw: `/phone arm`/`/phone disarm` Bypasses `operator.admin` Scope Check for External Channels

Summary /phone arm//phone disarm Bypasses operator.admin Scope Check for External Channels Current Maintainer Triage - Status: open - Normalized severity: medium - Assessment: Maintainers accepted this issue, fixed it in aa66ae1fc797d3298cc409ed2c5da69a89950a45 on 2026-03-27, and that fix shipped...

7.1CVSS5.9AI score0.00331EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:5 p.m.6 views

OpenFGA's BatchCheck within-request deduplication produces incorrect authorization decisions via list-value cache-key collision

Description In OpenFGA, under specific conditions, BatchCheck calls with multiple checks sent for the same object, relation, and user combination can result in improper policy enforcement. Am I affected? You are affected if you meet the following preconditions: 1. You execute BatchCheck operation...

8.8CVSS6AI score0.00211EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 6:4 p.m.5 views

Fedify affected by resource exhaustion caused by unbounded redirect following during remote key/document resolution

Summary @fedify/fedify follows HTTP redirects recursively in its remote document loader and authenticated document loader without enforcing a maximum redirect count or visited-URL loop detection. An attacker who controls a remote ActivityPub key or actor URL can force a server using Fedify to mak...

7.5CVSS5.5AI score0.00551EPSS
Exploits1References7Affected Software2
Github Security Blog
Github Security Blog
added 2026/04/07 3:52 p.m.7 views

Electron: Crash in clipboard.readImage() on malformed clipboard image data

Impact Apps that call clipboard.readImage may be vulnerable to a denial of service. If the system clipboard contains image data that fails to decode, the resulting null bitmap is passed unchecked to image construction, triggering a controlled abort and crashing the process. Apps are only affected...

3.3CVSS6AI score0.00144EPSS
Exploits0References9Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 3:52 p.m.9 views

Electron: Named window.open targets not scoped to the opener's browsing context

Impact When a renderer calls window.open with a target name, Electron did not correctly scope the named-window lookup to the opener's browsing context group. A renderer could navigate an existing child window that was opened by a different, unrelated renderer if both used the same target name. If...

8.8CVSS6.2AI score0.003EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 3:48 p.m.8 views

Lupa has a Sandbox escape and RCE due to incomplete attribute_filter enforcement in getattr / setattr

Summary The attributefilter in the Lupa library is intended to restrict access to sensitive Python attributes when exposing objects to Lua. However, the filter is not consistently applied when attributes are accessed through built-in functions like getattr and setattr. This allows an attacker to...

10CVSS6.5AI score0.00613EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 3:45 p.m.16 views

OpenIdentityPlatform OpenAM: Pre-Authentication Remote Code Execution via `jato.clientSession` Deserialization in OpenAM

Summary OpenIdentityPlatform OpenAM 16.0.5 and likely earlier versions is vulnerable to pre-authentication Remote Code Execution RCE via unsafe Java deserialization of the jato.clientSession HTTP parameter. This bypasses the WhitelistObjectInputStream mitigation that was applied to the...

10CVSS7.6AI score0.99999EPSS
Exploits10References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 3:30 p.m.8 views

Django vulnerable to ASGI header spoofing via underscore/hyphen conflation

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGIRequest allows a remote attacker to spoof headers by exploiting an ambiguous mapping of two header variants with hyphens or with underscores to a single version with underscores. Earlier, unsupported Django...

7.5CVSS5.9AI score0.00436EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 3:30 p.m.8 views

Django vulnerable to privilege abuse in GenericInlineModelAdmin

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. Add permissions on inline model instances were not validated on submission of forged POST data in GenericInlineModelAdmin. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluated a...

9.8CVSS5.8AI score0.00458EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 3:30 p.m.6 views

Open Cluster Management (OCM): Cross-cluster privilege escalation via improper Kubernetes client certificate renewal validation

A flaw was found in Open Cluster Management OCM, the technology underlying Red Hat Advanced Cluster Management ACM. Improper validation of Kubernetes client certificate renewal allows a managed cluster administrator to forge a client certificate that can be approved by the OCM controller. This...

8.2CVSS5.8AI score0.00112EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 3:30 p.m.14 views

Django vulnerable to privilege abuse in ModelAdmin.list_editable

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. Admin changelist forms using ModelAdmin.listeditable incorrectly allowed new instances to be created via forged POST data. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluated a...

2.7CVSS5.8AI score0.00294EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 3:30 p.m.8 views

Django has potential DoS via MultiPartParser through crafted multipart uploads

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. MultiPartParser allows remote attackers to degrade performance by submitting multipart uploads with Content-Transfer-Encoding: base64 including excessive whitespace. Earlier, unsupported Django series such as...

6.5CVSS5.9AI score0.00689EPSS
Exploits1References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 3:30 p.m.9 views

Django: SGI requests with a missing or understated `Content-Length` header could bypass the `DATA_UPLOAD_MAX_MEMORY_SIZE` limit

An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGI requests with a missing or understated Content-Length header could bypass the DATAUPLOADMAXMEMORYSIZE limit when reading HttpRequest.body, allowing remote attackers to load an unbounded request body into...

7.5CVSS5.9AI score0.00769EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 3:30 p.m.5 views

MLflow is vulnerable to Stored Cross-Site Scripting (XSS) caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface

MLflow is vulnerable to Stored Cross-Site Scripting XSS caused by unsafe parsing of YAML-based MLmodel artifacts in its web interface. An authenticated attacker can upload a malicious MLmodel file containing a payload that executes when another user views the artifact in the UI. This allows actio...

5.4CVSS5.9AI score0.00218EPSS
Exploits1References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 3:30 p.m.8 views

Apache Kafka Clients: Kafka Producer Message Corruption and Misrouting via Buffer Pool Race Condition

A race condition in the Apache Kafka Java producer client’s buffer pool management can cause messages to be silently delivered to incorrect topics. When a produce batch expires due to delivery.timeout.ms while a network request containing that batch is still in flight, the batch’s ByteBuffer is...

8.7CVSS5.9AI score0.00328EPSS
Exploits0References11Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/07 3:30 p.m.3 views

MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint

MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint used to download saved model artifacts. Due to missing access‑control validation, a user without permissions to a given experiment can directly query this endpoint and retrieve model artifacts they are not authorized to...

5.3CVSS5.9AI score0.00362EPSS
Exploits1References7Affected Software1
Total number of security vulnerabilities33187