π¨ CVE-2026-56762
Hono before 4.12.12 does not validate cookie names on the write path in the setCookie(), serialize(), and serializeSigned() functions, allowing invalid characters such as control characters (e.g. \r or \n) when an application passes a user-controlled cookie name. This can produce malformed Set-Cookie header values. In modern runtimes such as Node.js and Cloudflare Workers, such invalid header values are rejected and cause a runtime error before the response is sent, so header injection or response splitting could not be reproduced; the issue primarily affects correctness and robustness, resulting in runtime errors (availability) rather than confirmed header injection.
π@cveNotify
Hono before 4.12.12 does not validate cookie names on the write path in the setCookie(), serialize(), and serializeSigned() functions, allowing invalid characters such as control characters (e.g. \r or \n) when an application passes a user-controlled cookie name. This can produce malformed Set-Cookie header values. In modern runtimes such as Node.js and Cloudflare Workers, such invalid header values are rejected and cause a runtime error before the response is sent, so header injection or response splitting could not be reproduced; the issue primarily affects correctness and robustness, resulting in runtime errors (availability) rather than confirmed header injection.
π@cveNotify
GitHub
Missing validation of cookie name on write path in setCookie()
## Summary
Cookie names are not validated on the write path when using `setCookie()`, `serialize()`, or `serializeSigned()` to generate Set-Cookie headers.
While certain cookie attributes suc...
Cookie names are not validated on the write path when using `setCookie()`, `serialize()`, or `serializeSigned()` to generate Set-Cookie headers.
While certain cookie attributes suc...
π¨ CVE-2026-56784
OpenRemote Manager before 1.24.2 contains an insecure direct object reference vulnerability in the removeAlarms() method that allows authenticated users to delete alarms from other tenants by supplying arbitrary alarm IDs. The bulk deletion endpoint fails to validate that targeted alarm IDs belong to the caller's realm, enabling cross-tenant permanent destruction of safety-critical and security alerts.
π@cveNotify
OpenRemote Manager before 1.24.2 contains an insecure direct object reference vulnerability in the removeAlarms() method that allows authenticated users to delete alarms from other tenants by supplying arbitrary alarm IDs. The bulk deletion endpoint fails to validate that targeted alarm IDs belong to the caller's realm, enabling cross-tenant permanent destruction of safety-critical and security alerts.
π@cveNotify
GitHub
removeAlarms cross-realm IDOR (bulk delete)
### Summary
OpenRemote Manager is vulnerable to a cross-tenant Insecure Direct
Object Reference (IDOR) in the bulk alarm deletion endpoint. An
authenticated user in any realm can delete alarms b...
OpenRemote Manager is vulnerable to a cross-tenant Insecure Direct
Object Reference (IDOR) in the bulk alarm deletion endpoint. An
authenticated user in any realm can delete alarms b...
π¨ CVE-2015-5719
app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.
π@cveNotify
app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 does not properly restrict filenames under the tmp/files/ directory, which has unspecified impact and attack vectors.
π@cveNotify
π¨ CVE-2015-5720
Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Information Sharing Platform (MISP) before 2.3.90 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) add.ctp, (2) edit.ctp, and (3) ajaxification.js.
π@cveNotify
Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Information Sharing Platform (MISP) before 2.3.90 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) add.ctp, (2) edit.ctp, and (3) ajaxification.js.
π@cveNotify
π¨ CVE-2015-5721
Malware Information Sharing Platform (MISP) before 2.3.90 allows remote attackers to conduct PHP object injection attacks via crafted serialized data, related to TemplatesController.php and populate_event_from_template_attributes.ctp.
π@cveNotify
Malware Information Sharing Platform (MISP) before 2.3.90 allows remote attackers to conduct PHP object injection attacks via crafted serialized data, related to TemplatesController.php and populate_event_from_template_attributes.ctp.
π@cveNotify
π¨ CVE-2022-42724
app/Controller/UsersController.php in MISP before 2.4.164 allows attackers to discover role names (this is information that only the site admin should have).
π@cveNotify
app/Controller/UsersController.php in MISP before 2.4.164 allows attackers to discover role names (this is information that only the site admin should have).
π@cveNotify
GitHub
security: [user] Fixing disclosure of roles name to non-site admin us⦠· MISP/MISP@934b9cd
β¦ers and ensure user edit applies the restricted_to_site_admin option
This vulnerability with a default MISP installation without additional roles is disclosing list of role name which were restri...
This vulnerability with a default MISP installation without additional roles is disclosing list of role name which were restri...
π¨ CVE-2022-47928
In MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp.
π@cveNotify
In MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp.
π@cveNotify
GitHub
fix: [security] XSS in the template file uploads Β· MISP/MISP@684d3e5
- as reported by Dawid Czarnecki from Zigrin Security
π¨ CVE-2023-24070
app/View/AuthKeys/authkey_display.ctp in MISP through 2.4.167 has an XSS in authkey add via a Referer field.
π@cveNotify
app/View/AuthKeys/authkey_display.ctp in MISP through 2.4.167 has an XSS in authkey add via a Referer field.
π@cveNotify
GitHub
fix: [security] XSS in authkey add Β· MISP/MISP@f7238fe
- as reported by Dawid Czarnecki from Zigrin Security
π¨ CVE-2023-28606
js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips.
π@cveNotify
js/event-graph.js in MISP before 2.4.169 allows XSS via event-graph node tooltips.
π@cveNotify
GitHub
fix: [security] XSS in event-graph node tooltips Β· MISP/MISP@30255b8
- as reported by Cyber Controls from SIX Group
π¨ CVE-2023-28607
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip.
π@cveNotify
js/event-graph.js in MISP before 2.4.169 allows XSS via the event-graph relationship tooltip.
π@cveNotify
GitHub
fix: [security] XSS in event-graph relationship tooltip Β· MISP/MISP@78f4234
MISP (core software) - Open Source Threat Intelligence and Sharing Platform - fix: [security] XSS in event-graph relationship tooltip Β· MISP/MISP@78f4234
π¨ CVE-2023-28884
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
π@cveNotify
In MISP 2.4.169, app/Lib/Tools/CustomPaginationTool.php allows XSS in the community index.
π@cveNotify
GitHub
fix: [security] XSS in community index Β· MISP/MISP@b94c797
- As reported by Zigrin Security
π¨ CVE-2023-37306
MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of the error messages.
π@cveNotify
MISP 2.4.172 mishandles different certificate file extensions in server sync. An attacker can obtain sensitive information because of the nature of the error messages.
π@cveNotify
GitHub
fix: properly handle different cert file extensions in server sync. #β¦ Β· MISP/MISP@f125630
β¦9084
π¨ CVE-2023-37307
In MISP before 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts.
π@cveNotify
In MISP before 2.4.172, title_for_layout is not properly sanitized in Correlations, CorrelationExclusions, and Layouts.
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2023-48655
An issue was discovered in MISP before 2.4.176. app/Controller/Component/IndexFilterComponent.php does not properly filter out query parameters.
π@cveNotify
An issue was discovered in MISP before 2.4.176. app/Controller/Component/IndexFilterComponent.php does not properly filter out query parameters.
π@cveNotify
GitHub
fix: properly filter out query parameters Β· MISP/MISP@158c8b2
MISP (core software) - Open Source Threat Intelligence and Sharing Platform - fix: properly filter out query parameters Β· MISP/MISP@158c8b2
π¨ CVE-2023-48656
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
π@cveNotify
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
π@cveNotify
GitHub
fix: fixed invalid ordering errors Β· MISP/MISP@d6ad402
MISP (core software) - Open Source Threat Intelligence and Sharing Platform - fix: fixed invalid ordering errors Β· MISP/MISP@d6ad402
π¨ CVE-2023-48657
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
π@cveNotify
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
π@cveNotify
GitHub
chg: [restsearch internal] sanity check erroneous filters Β· MISP/MISP@08bd232
MISP (core software) - Open Source Threat Intelligence and Sharing Platform - chg: [restsearch internal] sanity check erroneous filters Β· MISP/MISP@08bd232
π¨ CVE-2023-48658
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space.
π@cveNotify
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php lacks a checkParam function for alphanumerics, underscore, dash, period, and space.
π@cveNotify
GitHub
chg: [helper] Added param sanity check helper function Β· MISP/MISP@1686215
MISP (core software) - Open Source Threat Intelligence and Sharing Platform - chg: [helper] Added param sanity check helper function Β· MISP/MISP@1686215
π¨ CVE-2023-48659
An issue was discovered in MISP before 2.4.176. app/Controller/AppController.php mishandles parameter parsing.
π@cveNotify
An issue was discovered in MISP before 2.4.176. app/Controller/AppController.php mishandles parameter parsing.
π@cveNotify
GitHub
fix: [internal] improved parameter parsing Β· MISP/MISP@37ecf81
MISP (core software) - Open Source Threat Intelligence and Sharing Platform - fix: [internal] improved parameter parsing Β· MISP/MISP@37ecf81
π¨ CVE-2026-32652
Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earlier than 1.18.3. Systems that have been upgraded (either manually or automatically) to version 1.18.3 or later are not impacted, even if they were originally installed on an earlier version.
π@cveNotify
Dell AIOps Collector versions prior to 1.18.3 contain a "Use of Default Credentials" vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access. This vulnerability only affects fresh installations of Collector versions earlier than 1.18.3. Systems that have been upgraded (either manually or automatically) to version 1.18.3 or later are not impacted, even if they were originally installed on an earlier version.
π@cveNotify
π¨ CVE-2026-2273
CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of the subsequent system when an authenticated user opens a malicious project file.
π@cveNotify
CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of the subsequent system when an authenticated user opens a malicious project file.
π@cveNotify
π¨ CVE-2026-40701
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssl_module module when the ssl_verify_client directive is set to "on" or "optional," and the ssl_ocsp directive is set to "on" or the leaf parameters are configured with a resolver. With this configuration, an unauthenticated attacker can send requests along with conditions beyond its control that may cause a heap-use-after-free error in the NGINX worker process. This vulnerability may result in limited modification of data or the NGINX worker process restarting.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
π@cveNotify
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssl_module module when the ssl_verify_client directive is set to "on" or "optional," and the ssl_ocsp directive is set to "on" or the leaf parameters are configured with a resolver. With this configuration, an unauthenticated attacker can send requests along with conditions beyond its control that may cause a heap-use-after-free error in the NGINX worker process. This vulnerability may result in limited modification of data or the NGINX worker process restarting.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
π@cveNotify
F5
NGINX ngx_http_ssl_module vulnerability CVE-2026-40701
Security Advisory Description NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssl_module module when the ssl_verify_client directive is set to "on" or "optional," and the ssl_ocsp directive is set to "on" or the leaf parameters are configuredβ¦