VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
2659 advisories across 32 monitored vendors.
A flaw was found in the file_type content detector of guardrails-detectors. This vulnerability allows a remote attacker to supply an arbitrary XML Schema Definition (XSD) string, which is processed without proper restrictions. This can lead to server-side requests to arbitrary URLs or local file reads, potentially resulting in sensitive information disclosure, such as cloud provider credentials or access to internal network services. A flaw was found in the file_type content detector of guardrails-detectors. This vulnerability allows a remote attacker to supply an arbitrary XML Schema Definition (XSD) string, which is processed without proper restrictions. This can lead to server-side requests to arbitrary URLs or local file reads, potentially resulting in sensitive information disclosure, such as cloud provider credentials or access to internal network services. This vulnerability is rated as Important. It allows an attacker with network access to the detector service to perform Server-Side Request Forgery (SSRF) and local file reads. This is due to the guardrails-detectors component accepting arbitrary XML Schema Definition (XSD) strings, which are then processed by the xmlschema library without restricting external schemaLocation references. This could lead to credential theft or access to internal services. Red Hat severity: Important — CVSS 9.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N). Weakness: CWE-918. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
A flaw was found in the `guardrails-detectors` component. This vulnerability allows a remote attacker to perform a blind Server-Side Request Forgery (SSRF) by submitting a specially crafted XML Schema Definition (XSD) string. This can lead to unauthorized access to sensitive information, including credentials from cloud metadata services, Kubernetes API, internal MinIO, and other internal network endpoints. Additionally, it enables local file reads of critical data such as service account tokens and pod secrets. A flaw was found in the `guardrails-detectors` component. This vulnerability allows a remote attacker to perform a blind Server-Side Request Forgery (SSRF) by submitting a specially crafted XML Schema Definition (XSD) string. This can lead to unauthorized access to sensitive information, including credentials from cloud metadata services, Kubernetes API, internal MinIO, and other internal network endpoints. Additionally, it enables local file reads of critical data such as service account tokens and pod secrets. This is an Important vulnerability in the `guardrails-detectors` component of Red Hat OpenShift AI (RHOAI) that allows a remote attacker to perform blind Server-Side Request Forgery (SSRF) and local file reads. By submitting a specially crafted XML Schema Definition (XSD) string, an attacker can gain unauthorized access to sensitive information, including cloud metadata credentials, Kubernetes API, internal MinIO, and other internal network endpoints, as well as service account tokens and pod secrets. Red Hat severity: Important — CVSS 9.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N). Weakness: CWE-918. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
Arbitrary code execution or denial of service via integer overflow in RDP message processing. Red Hat rates this important (CVSS 8.8). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Remote code execution via heap out-of-bounds write in RemoteFX decoding. Red Hat rates this important (CVSS 7.5). Weakness: CWE-787. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Localhost services exposed via IPv4-mapped IPv6 address bypass. Red Hat rates this important (CVSS 7.4). Weakness: CWE-289. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
Arbitrary code execution via SQL injection in HTTPS admin panel. Red Hat rates this important (CVSS 7.2). Weakness: CWE-89. No fix erratum has been published yet; monitor the Red Hat CVE page and apply the RHSA when released.
CPU Denial of Service in HTML parser via repeated unterminated markup declarations. Red Hat rates this important (CVSS 7.5). Weakness: CWE-835. Affected package(s): python3. Resolved in Red Hat advisory RHSA-2026:37535 — update the affected packages (`sudo dnf update`).
gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The subtype field sourced from a DEVICES JSON log entry or NMEA PGRMT sentence is written into a generated gnuplot program via a set title statement with only double-quote characters escaped, enabling arbitrary shell command execution as the user running gnuplot when the victim renders the generated plot through the gpsprof and gnuplot workflow. A flaw was found in gpsd, a service application that monitors one or more GPSes or AIS receivers. The gpsprof utility is vulnerable to a command injection. An attacker who can control the GPS device subtype value can embed malicious commands within the gnuplot plot title. When a user processes a specially crafted plot through gpsprof and gnuplot, these embedded commands can be executed, leading to arbitrary code execution on the system. An attacker can embed malicious commands within the gnuplot plot title by controlling the GPS device subtype value. When a user processes a specially crafted plot through `gpsprof`, these commands execute, leading to arbitrary code execution. Exploitation requires user interaction. Red Hat severity: Important — CVSS 7.8 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Weakness: CWE-78. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
No description is available for this CVE. Red Hat severity: Important — CVSS 7.3 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H). Weakness: CWE-61. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships. Will not fix / out of support: Red Hat Enterprise Linux for NVIDIA 26.
Stanza is a Stanford NLP Python library for tokenization, sentence segmentation, NER, and parsing of many human languages. Prior to 1.12.2, Stanza model loaders such as stanza.models.common.pretrain.Pretrain.load() attempt torch.load(..., weights_only=True) but fall back to torch.load(..., weights_only=False) on attacker-controllable pickle.UnpicklingError, allowing a malicious .pt pretrain or model file to execute arbitrary pickle code when a Stanza NLP pipeline loads it. This issue is fixed in version 1.12.2. A flaw was found in Stanza, a Stanford NLP Python library. Stanza model loaders, such as stanza.models.common.pretrain.Pretrain.load(), attempt to safely load PyTorch checkpoint files. However, if this safe load fails due to an attacker-controllable pickle.UnpicklingError, the loaders fall back to an unsafe deserialization method. This allows a remote attacker to craft a malicious pretrain or model file that, when loaded by a Stanza NLP pipeline, can execute arbitrary code with the privileges of the affected process, leading to potential credential theft or data exfiltration. An unsafe deserialization vulnerability in the Stanza Python library can lead to remote code execution. A malicious model pretrain file from an untrusted or compromised source can trigger an insecure deserialization fallback during model loading, resulting in arbitrary code execution with the privileges of the affected process. Red Hat severity: Important — CVSS 7.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). Weakness: CWE-502. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.7 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to execute arbitrary scripts in another user's browser session due to improper sanitization of user-supplied input. A flaw was found in GitLab. Under certain conditions, an authenticated user could exploit improper sanitization of user-supplied input. This vulnerability allows for the execution of arbitrary scripts within another user's browser session, commonly known as Cross-Site Scripting (XSS). This could lead to unauthorized actions or information disclosure. Red Hat severity: Important — CVSS 7.3 (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N). Weakness: CWE-79. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Prior to 2.23.1, a malicious SSH server can write arbitrary files on the asyncssh SCP client's filesystem by sending filenames containing ../ traversal sequences because _parse_cd_args in scp.py returns server-provided names verbatim and _recv_files joins them to the destination path without enforcing the target directory boundary. This issue is fixed in version 2.23.1. A flaw was found in AsyncSSH, a Python package for SSHv2 protocol implementation. A malicious SSH server could exploit this vulnerability by sending specially crafted filenames containing directory traversal sequences to an AsyncSSH SCP client. This could allow the server to write arbitrary files to the client's filesystem, leading to unauthorized data modification or system disruption. This Important flaw in AsyncSSH's SCP client allows a malicious SSH server to perform arbitrary file writes on the client's filesystem through directory traversal. This occurs when an AsyncSSH SCP client connects to a compromised or malicious server, enabling unauthorized data modification or system disruption on the client. Red Hat severity: Important — CVSS 8.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H). Weakness: CWE-22. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.12.8 and 2.11.17, an unauthenticated peer with network access to a leafnode listener with compression enabled could crash the server during the pre-authentication leafnode handshake by sending repeated leafnode INFO protocol messages before authentication and account setup completed. This issue is fixed in versions 2.12.8 and 2.11.17. A flaw was found in NATS Server, a high-performance messaging system. An unauthenticated attacker with network access to a leafnode listener, where compression is enabled, could exploit this vulnerability. By sending repeated leafnode INFO protocol messages during the pre-authentication handshake, the attacker can cause the server to crash. This leads to a Denial of Service (DoS), making the server unavailable to legitimate users. This is an Important denial of service vulnerability in NATS Server. An unauthenticated remote attacker with network access to a leafnode listener, configured with compression enabled, could repeatedly send INFO protocol messages during the pre-authentication handshake. This action would cause the NATS server to crash, leading to a denial of service for legitimate users. Red Hat severity: Important — CVSS 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-476. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, when no_auth_user was configured, a parser fast path intended for ordinary client connections could also apply to route or leafnode listeners, allowing an unauthenticated peer to bypass inter-server CONNECT authentication and operate with the privileges associated with that connection type. This issue is fixed in versions 2.14.0, 2.12.7, and 2.11.16. A flaw was found in NATS Server. When the `no_auth_user` configuration is enabled, a parser optimization intended for client connections can inadvertently apply to route or leafnode listeners. This allows an unauthenticated attacker on an adjacent network to bypass inter-server authentication. Consequently, the attacker can operate with the privileges of a trusted connection, leading to a high impact on data integrity. This Important flaw in NATS Server permits an unauthenticated attacker on an adjacent network to bypass inter-server authentication when the `no_auth_user` configuration is active. This allows the attacker to operate with trusted connection privileges, leading to a high impact on data integrity. Red Hat severity: Important — CVSS 8.8 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L). Weakness: CWE-551. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
httplib2 is a comprehensive HTTP client library for Python. Prior to 0.32.0, httplib2 performs unbounded decompression of HTTP response bodies encoded with Content-Encoding: gzip or deflate in _decompressContent in httplib2/init.py, allowing a malicious or compromised HTTP server to return a small compressed payload that expands to an arbitrarily large size in memory and causes MemoryError or OOM-kill in the client process. This issue is fixed in version 0.32.0. A flaw was found in httplib2, a Python HTTP client library. This vulnerability allows a malicious or compromised HTTP server to send a small compressed data payload that, when decompressed by httplib2, expands to an extremely large size in memory. This unbounded decompression can lead to a Denial of Service (DoS) by causing the client application to run out of memory and crash. This Important vulnerability in `httplib2` allows a remote attacker to trigger a Denial of Service (DoS) in client applications. By sending a specially crafted, compressed HTTP response, a malicious server can cause the client to exhaust its memory due to unbounded decompression, leading to application crashes. This poses a significant risk to Red Hat products that use `httplib2` to process untrusted HTTP content. Red Hat severity: Important — CVSS 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-409. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships. Will not fix / out of support: Red Hat Enterprise Linux 7.
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.7-stable, LiteLLM Skills archive extraction did not sufficiently validate file paths from uploaded skill ZIP archives, allowing an authenticated user with access to LiteLLM LLM API routes or a key whose allowed_routes includes /v1/skills, anthropic_routes, or llm_api_routes to upload a crafted skill archive containing path traversal entries that could be written outside the intended extraction or staging directory. This issue is fixed in version 1.83.7-stable. A flaw was found in LiteLLM, a proxy server for Large Language Model (LLM) APIs. An authenticated user, with specific API route access, could upload a specially crafted skill archive. This archive, containing path traversal entries, would allow files to be written outside of the designated extraction directory. This vulnerability could lead to arbitrary file creation or modification, potentially resulting in system compromise. LiteLLM prior to 1.83.7-stable does not sufficiently validate file paths extracted from uploaded Skills ZIP archives, allowing path traversal writes outside the intended extraction directory. Exploitation requires the LiteLLM Proxy Server's Skills API (/v1/skills, anthropic_routes, or llm_api_routes) to be enabled and reachable by an authenticated caller. Fixed in 1.83.7-stable. Red Hat severity: Important — CVSS 8.1 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H). Weakness: CWE-22. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.82.0-stable, LiteLLM's Custom Code Guardrails production create and update paths did not apply the same sandboxing and validation used by the test endpoint, allowing a privileged user with access to create or update guardrails to submit custom Python code that executed in the LiteLLM proxy environment and could expose secrets available to the process. This issue is fixed in version 1.82.0-stable. A flaw was found in LiteLLM, a proxy server for Large Language Model (LLM) APIs. A privileged user with access to create or update custom code guardrails could exploit this vulnerability. The flaw allowed the user to submit custom Python code that would execute within the LiteLLM proxy environment, potentially exposing sensitive information or secrets accessible to the process. Red Hat rates this flaw with higher severity than the upstream GitHub Security Advisory (GHSA-72m8-9m7m-h278, CVSS v4.0 2.1, Low). Red Hat scored this CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (7.2, Important) because a successful exploit grants arbitrary Python code execution within the LiteLLM proxy process, resulting in full compromise of the confidentiality, integrity, and availability of that component, including exposure of any secrets accessible to the process. Exploitation requires an authenticated caller with privileges to create or update LiteLLM Custom Code Guardrails, which is a proxy-administrator-level capability in default configurations. Red Hat severity: Important — CVSS 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). Weakness: CWE-94. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
HashiCorp memberlist before version 0.6.0 is vulnerable to a denial-of-service issue in its push/pull state handling that may allow an attacker with network access to the gossip port to exhaust memory on a receiving node and cause the process to terminate. This vulnerability (CVE-2026-14362) is fixed in memberlist 0.6.0. A flaw was found in HashiCorp memberlist. An attacker with network access to the gossip port could exploit a vulnerability in the push/pull state handling. This could lead to memory exhaustion on a receiving node, causing the process to terminate. This flaw results in a Denial of Service (DoS). Only Red Hat products that run the affected component as a live memberlist gossip agent (a process that binds and listens on a UDP/TCP gossip port for cluster membership) are exposed to this denial-of-service issue. Products that pull in github.com/hashicorp/memberlist only as a transitive Go dependency, without starting a gossip listener, do not exercise the vulnerable push/pull state-handling code path and are not affected. Grafana links github.com/hashicorp/memberlist solely for its optional unified-alerting high-availability (HA) clustering feature; the gossip listener only starts when unified_alerting.ha_peers (plus ha_listen_address/ha_advertise_address) is explicitly configured. Red Hat Advanced Cluster Management for Kubernetes ships its acm-grafana component with unified alerting disabled by default (unified_alerting.enabled = false) and never sets ha_peers, so it never starts the gossip listener and does not exercise the vulnerable code path; it is not affected. Red Hat Multicluster Global Hub ships its multicluster-globalhub-grafana component with unified alerting enabled and ha_peers configured by default, so it does start the gossip listener regardless of replica count and remains affected. Red Hat severity: Important — CVSS 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-770. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
OpenTelemetry JavaScript is the OpenTelemetry JavaScript client. Prior to 2.9.0, @opentelemetry/propagator-jaeger decodes incoming uber-trace-id and uberctx-* HTTP header values with decodeURIComponent() without handling decode errors, allowing an unauthenticated remote attacker to send a malformed percent-encoded value that throws an uncaught URIError and terminates a Node.js process using JaegerPropagator as the active propagator. This issue is fixed in version 2.9.0. A flaw was found in the `@opentelemetry/propagator-jaeger` component of OpenTelemetry JavaScript. This vulnerability allows an unauthenticated remote attacker to send specially crafted HTTP header values, specifically `uber-trace-id` and `uberctx-*`. The component improperly decodes these values without handling potential errors, leading to an uncaught `URIError`. Successful exploitation of this flaw can terminate a Node.js process, resulting in a Denial of Service (DoS). This flaw affects the @opentelemetry/propagator-jaeger package used by container images that configure the Jaeger trace-context propagator. Exploitation requires an unauthenticated remote actor to send a crafted uber-trace-id or uberctx-* HTTP header value to a service using JaegerPropagator as its active OpenTelemetry propagator, causing an unhandled URIError that terminates the Node.js process (Denial of Service). Red Hat CVSS score (7.5, Important) is consistent with upstream and NVD scoring. Red Hat severity: Important — CVSS 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Weakness: CWE-248. No fixing RHSA erratum has published yet; monitor the Red Hat CVE page and patch when it ships.
Go os.Root: Symlink following vulnerability allows directory traversal. Red Hat rates this important (CVSS 7.8). Weakness: CWE-59. Affected package(s): golang, buildah. Resolved in Red Hat advisory RHSA-2026:38493 — update the affected packages (`sudo dnf update`).