DEV Community

CVE Reports profile picture

CVE Reports

CVEReports provides daily, automated deep-dives into the latest vulnerabilities, transforming emerging threats into comprehensive technical intelligence.

Joined Joined on  Personal website https://www.cvereports.com
CVE-2023-49316: CVE-2023-49316: Denial of Service via Unbounded Degree in phpseclib Binary Finite Fields
cverports profile

CVE-2023-49316: CVE-2023-49316: Denial of Service via Unbounded Degree in phpseclib Binary Finite Fields

#security #cve #cybersecurity
Comments
2 min read
GHSA-MV93-W799-CJ2W: GHSA-MV93-W799-CJ2W: Remote Code Execution via Config Section Injection in GitPython
cverports profile

GHSA-MV93-W799-CJ2W: GHSA-MV93-W799-CJ2W: Remote Code Execution via Config Section Injection in GitPython

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-6860: CVE-2026-6860: Unbounded SNI Cache Growth in Eclipse Vert.x
cverports profile

CVE-2026-6860: CVE-2026-6860: Unbounded SNI Cache Growth in Eclipse Vert.x

#security #cve #cybersecurity
1
Comments
2 min read
GHSA-V6WJ-C83F-V46X: GHSA-v6wj-c83f-v46x: Critical OS Command Injection in @profullstack/mcp-server domain_lookup Module
cverports profile

GHSA-V6WJ-C83F-V46X: GHSA-v6wj-c83f-v46x: Critical OS Command Injection in @profullstack/mcp-server domain_lookup Module

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-QHH4-458H-XWH2: GHSA-qhh4-458h-xwh2: Credential Leakage via Origin Validation Error in cdxgen
cverports profile

GHSA-QHH4-458H-XWH2: GHSA-qhh4-458h-xwh2: Credential Leakage via Origin Validation Error in cdxgen

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-32689: CVE-2026-32689: Denial of Service in Phoenix Framework LongPoll Transport via NDJSON Payload Amplification
cverports profile

CVE-2026-32689: CVE-2026-32689: Denial of Service in Phoenix Framework LongPoll Transport via NDJSON Payload Amplification

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-44499: CVE-2026-44499: Permanent Block Discovery Halt in Zebra via Gossip Queue Saturation
cverports profile

CVE-2026-44499: CVE-2026-44499: Permanent Block Discovery Halt in Zebra via Gossip Queue Saturation

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-6322: CVE-2026-6322: Host Confusion via Interpretation Conflict in fast-uri
cverports profile

CVE-2026-6322: CVE-2026-6322: Host Confusion via Interpretation Conflict in fast-uri

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-43944: CVE-2026-43944: Arbitrary Local Code Execution in electerm via Malicious Deep Links
cverports profile

CVE-2026-43944: CVE-2026-43944: Arbitrary Local Code Execution in electerm via Malicious Deep Links

#security #cve #cybersecurity
Comments
2 min read
GHSA-7HGR-XVRR-XPW3: GHSA-7HGR-XVRR-XPW3: Session Persistence After Password Change in Nhost hasura-auth
cverports profile

GHSA-7HGR-XVRR-XPW3: GHSA-7HGR-XVRR-XPW3: Session Persistence After Password Change in Nhost hasura-auth

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-6321: CVE-2026-6321: Path Traversal in fast-uri via Improper Normalization Order
cverports profile

CVE-2026-6321: CVE-2026-6321: Path Traversal in fast-uri via Improper Normalization Order

#security #cve #cybersecurity
Comments
2 min read
GHSA-8G7G-HMWM-6RV2: GHSA-8g7g-hmwm-6rv2: Path Traversal, SSRF, and Information Exposure in n8n-mcp
cverports profile

GHSA-8G7G-HMWM-6RV2: GHSA-8g7g-hmwm-6rv2: Path Traversal, SSRF, and Information Exposure in n8n-mcp

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-2CM2-M3W5-GP2F: GHSA-2CM2-M3W5-GP2F: Remote Code Execution via Transformer Bypass in vm2
cverports profile

GHSA-2CM2-M3W5-GP2F: GHSA-2CM2-M3W5-GP2F: Remote Code Execution via Transformer Bypass in vm2

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-3V85-FQVH-7RXF: GHSA-3V85-FQVH-7RXF: Stored Cross-Site Scripting in Ech0 RSS Feed Generation
cverports profile

GHSA-3V85-FQVH-7RXF: GHSA-3V85-FQVH-7RXF: Stored Cross-Site Scripting in Ech0 RSS Feed Generation

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-RGJ7-VG8V-J4WR: GHSA-RGJ7-VG8V-J4WR: Unauthenticated Engagement Metric Inflation in Ech0
cverports profile

GHSA-RGJ7-VG8V-J4WR: GHSA-RGJ7-VG8V-J4WR: Unauthenticated Engagement Metric Inflation in Ech0

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-PJ6Q-4VQ4-R8CG: GHSA-PJ6Q-4VQ4-R8CG: Unauthenticated Resource Exhaustion and State Manipulation in Ech0 API
cverports profile

GHSA-PJ6Q-4VQ4-R8CG: GHSA-PJ6Q-4VQ4-R8CG: Unauthenticated Resource Exhaustion and State Manipulation in Ech0 API

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-8MC6-XJPR-H98X: GHSA-8MC6-XJPR-H98X: Server-Side Request Forgery (SSRF) in Ech0 fetchPeerConnectInfo
cverports profile

GHSA-8MC6-XJPR-H98X: GHSA-8MC6-XJPR-H98X: Server-Side Request Forgery (SSRF) in Ech0 fetchPeerConnectInfo

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-FPW6-HRG5-Q5X5: GHSA-FPW6-HRG5-Q5X5: Irrevocable Access Tokens and Nil-Pointer Dereference in Ech0
cverports profile

GHSA-FPW6-HRG5-Q5X5: GHSA-FPW6-HRG5-Q5X5: Irrevocable Access Tokens and Nil-Pointer Dereference in Ech0

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-J7H9-2JH7-G967: GHSA-j7h9-2jh7-g967: Path Policy Bypass and Timing Side-Channel in mcp-ssh-tool
cverports profile

GHSA-J7H9-2JH7-G967: GHSA-j7h9-2jh7-g967: Path Policy Bypass and Timing Side-Channel in mcp-ssh-tool

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-V7QW-HX66-4W9X: GHSA-v7qw-hx66-4w9x: Stored Cross-Site Scripting (XSS) in NetBox Data Flows Plugin
cverports profile

GHSA-V7QW-HX66-4W9X: GHSA-v7qw-hx66-4w9x: Stored Cross-Site Scripting (XSS) in NetBox Data Flows Plugin

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-P64J-F4X9-WQ66: GHSA-P64J-F4X9-WQ66: OAuth Redirect URI Path Truncation in Ech0 Leads to Authorization Code Theft
cverports profile

GHSA-P64J-F4X9-WQ66: GHSA-P64J-F4X9-WQ66: OAuth Redirect URI Path Truncation in Ech0 Leads to Authorization Code Theft

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-54PG-9963-V8VG: GHSA-54PG-9963-V8VG: Supply Chain Compromise and Credential Theft in intercom-client
cverports profile

GHSA-54PG-9963-V8VG: GHSA-54PG-9963-V8VG: Supply Chain Compromise and Credential Theft in intercom-client

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-GR3R-CRP5-QRRM: GHSA-GR3R-CRP5-QRRM: Supply Chain Compromise in intercom-php via Malicious Composer Plugin
cverports profile

GHSA-GR3R-CRP5-QRRM: GHSA-GR3R-CRP5-QRRM: Supply Chain Compromise in intercom-php via Malicious Composer Plugin

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-39804: CVE-2026-39804: Remote Code Execution and DoS via Bandit WebSocket Permessage-Deflate Resource Exhaustion
cverports profile

CVE-2026-39804: CVE-2026-39804: Remote Code Execution and DoS via Bandit WebSocket Permessage-Deflate Resource Exhaustion

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-42786: CVE-2026-42786: Unbounded WebSocket Fragmented Message Reassembly Denial of Service in Bandit
cverports profile

CVE-2026-42786: CVE-2026-42786: Unbounded WebSocket Fragmented Message Reassembly Denial of Service in Bandit

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-20188: CVE-2026-20188: Uncontrolled Resource Consumption in Cisco CNC and NSO
cverports profile

CVE-2026-20188: CVE-2026-20188: Uncontrolled Resource Consumption in Cisco CNC and NSO

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-39805: CVE-2026-39805: CL.CL HTTP Request Smuggling in Bandit Web Server
cverports profile

CVE-2026-39805: CVE-2026-39805: CL.CL HTTP Request Smuggling in Bandit Web Server

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-39807: CVE-2026-39807: Transport-State Spoofing via Untrusted URI Scheme in Bandit HTTP Server
cverports profile

CVE-2026-39807: CVE-2026-39807: Transport-State Spoofing via Untrusted URI Scheme in Bandit HTTP Server

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-42788: CVE-2026-42788: HTTP/2 Frame Size Limit Bypass and Memory Exhaustion in Bandit
cverports profile

CVE-2026-42788: CVE-2026-42788: HTTP/2 Frame Size Limit Bypass and Memory Exhaustion in Bandit

#security #cve #cybersecurity
1
Comments
2 min read
GHSA-MMPX-JH39-WRV6: GHSA-MMPX-JH39-WRV6: Stored Cross-Site Scripting in FileBrowser Quantum via SVG Rendering
cverports profile

GHSA-MMPX-JH39-WRV6: GHSA-MMPX-JH39-WRV6: Stored Cross-Site Scripting in FileBrowser Quantum via SVG Rendering

#security #cve #cybersecurity #ghsa
1
Comments
2 min read
GHSA-FPF5-4JW8-67X8: GHSA-FPF5-4JW8-67X8: Unbounded Memory Allocation in rust-zserio
cverports profile

GHSA-FPF5-4JW8-67X8: GHSA-FPF5-4JW8-67X8: Unbounded Memory Allocation in rust-zserio

#security #cve #cybersecurity #ghsa
1
Comments
2 min read
GHSA-FC67-C4HG-Q653: CVE-2026-7461: OS Command Injection in Amazon ECS Agent for Windows via FSx Volume Credentials
cverports profile

GHSA-FC67-C4HG-Q653: CVE-2026-7461: OS Command Injection in Amazon ECS Agent for Windows via FSx Volume Credentials

#security #cve #cybersecurity
1
Comments
2 min read
GHSA-9G2Q-W3W2-VF7Q: GHSA-9G2Q-W3W2-VF7Q: Improper Authorization and IDOR in Kimai Timesheet Management
cverports profile

GHSA-9G2Q-W3W2-VF7Q: GHSA-9G2Q-W3W2-VF7Q: Improper Authorization and IDOR in Kimai Timesheet Management

#security #cve #cybersecurity #ghsa
1
Comments
2 min read
GHSA-VRQV-52X7-RM4V: GHSA-VRQV-52X7-RM4V: Information Exposure via Unrestricted Twig config() Function in Kimai
cverports profile

GHSA-VRQV-52X7-RM4V: GHSA-VRQV-52X7-RM4V: Information Exposure via Unrestricted Twig config() Function in Kimai

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2024-27354: CVE-2024-27354: Computational Denial of Service via Unbounded Primality Testing in phpseclib
cverports profile

CVE-2024-27354: CVE-2024-27354: Computational Denial of Service via Unbounded Primality Testing in phpseclib

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-42223: CVE-2026-42223: Authenticated Sensitive Information Disclosure in Nginx UI
cverports profile

CVE-2026-42223: CVE-2026-42223: Authenticated Sensitive Information Disclosure in Nginx UI

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-6970: CVE-2026-6970: Local Privilege Escalation via Improper GID Assignment in Canonical authd
cverports profile

CVE-2026-6970: CVE-2026-6970: Local Privilege Escalation via Improper GID Assignment in Canonical authd

#security #cve #cybersecurity
Comments
2 min read
GHSA-MGGX-P7JF-JGW4: GHSA-mggx-p7jf-jgw4: Remote Code Execution via FreeMarker Template Injection in Jdbi
cverports profile

GHSA-MGGX-P7JF-JGW4: GHSA-mggx-p7jf-jgw4: Remote Code Execution via FreeMarker Template Injection in Jdbi

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-7WW3-XVF5-CXWM: GHSA-7ww3-xvf5-cxwm: Missing Defense-in-Depth HTTP Headers in ciguard Web UI
cverports profile

GHSA-7WW3-XVF5-CXWM: GHSA-7ww3-xvf5-cxwm: Missing Defense-in-Depth HTTP Headers in ciguard Web UI

#security #cve #cybersecurity #ghsa
Comments
2 min read
GHSA-FW8G-CG8F-9J28: GHSA-FW8G-CG8F-9J28: Stored Cross-Site Scripting in Prometheus Legacy Web UI Heatmap
cverports profile

GHSA-FW8G-CG8F-9J28: GHSA-FW8G-CG8F-9J28: Stored Cross-Site Scripting in Prometheus Legacy Web UI Heatmap

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-42220: CVE-2026-42220: Privilege Escalation via Information Disclosure in Nginx UI
cverports profile

CVE-2026-42220: CVE-2026-42220: Privilege Escalation via Information Disclosure in Nginx UI

#security #cve #cybersecurity
Comments
2 min read
CVE-2025-8267: CVE-2025-8267: Server-Side Request Forgery Bypass via Multicast Address Exclusion in ssrfcheck
cverports profile

CVE-2025-8267: CVE-2025-8267: Server-Side Request Forgery Bypass via Multicast Address Exclusion in ssrfcheck

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-42154: CVE-2026-42154: Unauthenticated Denial of Service via Snappy Bomb in Prometheus Remote Read Endpoint
cverports profile

CVE-2026-42154: CVE-2026-42154: Unauthenticated Denial of Service via Snappy Bomb in Prometheus Remote Read Endpoint

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-42080: CVE-2026-42080: Arbitrary File Write and Path Traversal in PPTAgent MCP Server
cverports profile

CVE-2026-42080: CVE-2026-42080: Arbitrary File Write and Path Traversal in PPTAgent MCP Server

#security #cve #cybersecurity
Comments
2 min read
GHSA-R7CG-QJJM-XHQQ: GHSA-R7CG-QJJM-XHQQ: Unbounded Recursion Denial of Service in webonyx/graphql-php
cverports profile

GHSA-R7CG-QJJM-XHQQ: GHSA-R7CG-QJJM-XHQQ: Unbounded Recursion Denial of Service in webonyx/graphql-php

#security #cve #cybersecurity #ghsa
Comments
2 min read
CVE-2026-26956: CVE-2026-26956: WebAssembly Exception Handling Sandbox Escape in vm2
cverports profile

CVE-2026-26956: CVE-2026-26956: WebAssembly Exception Handling Sandbox Escape in vm2

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-24120: CVE-2026-24120: Remote Code Execution via Promise Species Hijacking in vm2 Sandbox
cverports profile

CVE-2026-24120: CVE-2026-24120: Remote Code Execution via Promise Species Hijacking in vm2 Sandbox

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-42040: CVE-2026-42040: Null Byte Injection via Improper Parameter Serialization in Axios
cverports profile

CVE-2026-42040: CVE-2026-42040: Null Byte Injection via Improper Parameter Serialization in Axios

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-41907: CVE-2026-41907: Out-of-Bounds Write in uuid npm Package via Missing Boundary Checks
cverports profile

CVE-2026-41907: CVE-2026-41907: Out-of-Bounds Write in uuid npm Package via Missing Boundary Checks

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-42044: CVE-2026-42044: Invisible JSON Response Tampering via Prototype Pollution Gadget in Axios
cverports profile

CVE-2026-42044: CVE-2026-42044: Invisible JSON Response Tampering via Prototype Pollution Gadget in Axios

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-42043: CVE-2026-42043: Axios NO_PROXY Protection Bypass via RFC 1122 Loopback Subnet
cverports profile

CVE-2026-42043: CVE-2026-42043: Axios NO_PROXY Protection Bypass via RFC 1122 Loopback Subnet

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-42041: CVE-2026-42041: Prototype Pollution Gadget in Axios Leading to Authentication Bypass
cverports profile

CVE-2026-42041: CVE-2026-42041: Prototype Pollution Gadget in Axios Leading to Authentication Bypass

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-42042: CVE-2026-42042: XSRF Token Cross-Origin Leakage via Prototype Pollution in Axios
cverports profile

CVE-2026-42042: CVE-2026-42042: XSRF Token Cross-Origin Leakage via Prototype Pollution in Axios

#security #cve #cybersecurity
1
Comments
2 min read
CVE-2026-42035: CVE-2026-42035: Axios Header Injection via Prototype Pollution Gadget
cverports profile

CVE-2026-42035: CVE-2026-42035: Axios Header Injection via Prototype Pollution Gadget

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-42033: CVE-2026-42033: Prototype Pollution Gadget Chain in Axios HTTP Client
cverports profile

CVE-2026-42033: CVE-2026-42033: Prototype Pollution Gadget Chain in Axios HTTP Client

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-42034: CVE-2026-42034: maxBodyLength Bypass in Axios Node.js Stream Transport
cverports profile

CVE-2026-42034: CVE-2026-42034: maxBodyLength Bypass in Axios Node.js Stream Transport

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-42039: CVE-2026-42039: Uncontrolled Recursion Denial of Service in Axios toFormData
cverports profile

CVE-2026-42039: CVE-2026-42039: Uncontrolled Recursion Denial of Service in Axios toFormData

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-42038: CVE-2026-42038: Server-Side Request Forgery via Incomplete Hostname Normalization in Axios Proxy Logic
cverports profile

CVE-2026-42038: CVE-2026-42038: Server-Side Request Forgery via Incomplete Hostname Normalization in Axios Proxy Logic

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-42037: CVE-2026-42037: CRLF Injection in Axios Multipart Form Data Generation
cverports profile

CVE-2026-42037: CVE-2026-42037: CRLF Injection in Axios Multipart Form Data Generation

#security #cve #cybersecurity
Comments
2 min read
CVE-2026-42036: CVE-2026-42036: maxContentLength Bypass and Resource Exhaustion in Axios
cverports profile

CVE-2026-42036: CVE-2026-42036: maxContentLength Bypass and Resource Exhaustion in Axios

#security #cve #cybersecurity
Comments
2 min read
loading...