Directus failed to consistently sanitize sensitive fields before storing them in the `directus_revisions` table and logging them in Directus Flows. This allowed authentication tokens, 2FA secrets, and third-party API keys to be exposed in plaintext, potentially leading to account takeover or external API abuse.
Directus versions prior to 11.17.0 are vulnerable to an unauthenticated Denial of Service (DoS) attack. The vulnerability arises from a lack of request-scoped deduplication in the GraphQL API, allowing attackers to exploit GraphQL alias amplification against resource-intensive resolvers such as the system health check.
OpenClaw versions prior to 2026.4.2 contain a security parameter isolation violation in the Gemini OAuth flow. The application incorrectly reuses the PKCE code_verifier as the value for the OAuth state parameter, exposing the secret verifier in plaintext via the redirect URI and defeating PKCE protections.
A Server-Side Request Forgery (SSRF) vulnerability exists in the web3.py library due to the default-enabled implementation of EIP-3668 (CCIP Read). The library performs unvalidated HTTP GET and POST requests to URLs supplied by untrusted smart contracts during OffchainLookup revert operations.
A high-severity signed integer overflow vulnerability in the OpenEXR library's B44 and B44A compression modules allows for out-of-bounds memory writes. This flaw can be triggered during the encoding or decoding of maliciously crafted EXR files, potentially resulting in denial of service or arbitrary code execution.
A critical heap information disclosure vulnerability in OpenEXR allows remote attackers to leak uninitialized heap memory contents via maliciously crafted EXR files. The flaw exists in the PXR24 decompression logic, where missing bounds checks on truncated zlib streams lead to out-of-bounds reads during image reconstruction.
CVE-2026-34824 is a high-severity denial-of-service vulnerability in the Mesop Python UI framework. Versions 1.2.3 and 1.2.4 fail to implement resource constraints within the WebSocket message handler, allowing unauthenticated remote attackers to trigger unbounded OS thread creation and cause complete system availability loss.
Budibase versions prior to 3.33.4 contain a critical OS command injection vulnerability within the platform's bash automation step. An authenticated attacker with privileges to create or modify automations can inject shell metacharacters, leading to unauthenticated remote code execution on the host system.
CVE-2026-32145 is a high-severity Denial of Service vulnerability in the Wisp web framework for the Gleam programming language. Unauthenticated remote attackers can bypass configured max_body_size and max_files_size limits during multipart/form-data parsing to exhaust memory or disk space.
The Auth0 Laravel SDK (auth0/login) suffers from a cryptographic vulnerability due to insufficient entropy in its cookie encryption mechanism. This weakness permits threat actors to brute-force session encryption keys offline, enabling the forgery of session cookies and leading to complete account takeover.
Juju versions 2.9 (prior to 2.9.56) and 3.6 (prior to 3.6.19) suffer from an incorrect authorization vulnerability in the API server. An attacker compromising a single workload machine can use local agent credentials to bypass model isolation and stream debug logs across the entire deployment, including the central controller.
A critical incorrect authorization vulnerability in the Juju apiserver resource management endpoint allows low-privileged, authenticated entities to bypass model boundaries. Attackers can perform cross-model resource poisoning by uploading malicious payloads, leading to remote code execution on target workloads.