|
2881
|
9.1 |
CRITICAL
Network
|
netty
|
netty-incubator-codec-ohttp
|
The netty incubator codec.bhttp is a java language binary http parser. The library implements Oblivious HTTP (RFC 9458) using BoringSSL's HPKE C library via JNI. When deriving native memory addresses…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2026-48040
|
2026-06-6 06:04 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2882
|
5.3 |
MEDIUM
Network
|
netty
|
netty-incubator-codec-ohttp
|
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.21.Final, HKDF_expand returns non-NULL on failure. The byte[] is filled with zeros and has no way to distin…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2026-41207
|
2026-06-6 06:01 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2883
|
- |
|
-
|
-
|
A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network a…
|
CWE-22
CWE-798
Path Traversal
Use of Hard-coded Credentials
|
CVE-2026-11414
|
2026-06-6 05:49 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2884
|
- |
|
-
|
-
|
A path traversal vulnerability exists in the Altium Enterprise Server Vault Service UploadController due to improper validation of a user-controlled path component in image upload requests. An authen…
|
CWE-22
CWE-434
Path Traversal
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-11419
|
2026-06-6 05:49 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2885
|
- |
|
-
|
-
|
Two path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on…
|
CWE-22
CWE-306
Path Traversal
Missing Authentication for Critical Function
|
CVE-2026-11420
|
2026-06-6 05:49 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2886
|
8.0 |
HIGH
Network
|
-
|
-
|
An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges t…
|
CWE-426
Untrusted Search Path
|
CVE-2026-11400
|
2026-06-6 05:49 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2887
|
8.0 |
HIGH
Network
|
-
|
-
|
An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to …
|
CWE-426
Untrusted Search Path
|
CVE-2026-11401
|
2026-06-6 05:49 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2888
|
- |
|
-
|
-
|
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 25.0.0 and prior to version 26.0.0, the haxcms_refresh_token cookie is set without the Secure flag. This allow…
|
CWE-614
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
|
CVE-2026-46398
|
2026-06-6 05:48 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2889
|
7.5 |
HIGH
Network
|
-
|
-
|
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions prior to 26.0.1 use `uniqid` for generating salts, which is unsuitable. Version 26.0.1 fixes the issue.
|
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
|
CVE-2026-46493
|
2026-06-6 05:48 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2890
|
7.1 |
HIGH
Adjacent
|
securly
|
securly
|
Version 3.0.7 of the Securly Chrome Extension downloads JSON files containing crisis alert keywords and filtering rules over unencrypted HTTP via the Fetch API. Other endpoints in the same extension …
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2026-8874
|
2026-06-6 05:47 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
