| Python Core: header injection via HTTP Proxy CONNECT Tunneling | An attacker can add new headers on Python Core, via HTTP Proxy CONNECT Tunneling, in order to alter the service behavior... | Visit link for details |
| Node.js undici: read-write access via Upgrade Option | An attacker can bypass access restrictions of Node.js undici, via Upgrade Option, in order to read or alter data... | Visit link for details |
| Cockpit: code execution via SSH Options | An attacker can use a vulnerability of Cockpit, via SSH Options, in order to run code... | Visit link for details |
| Mbed TLS: multiple vulnerabilities dated 10/04/2026 | An attacker can use several vulnerabilities of Mbed TLS, dated 10/04/2026... | Visit link for details |
| PowerDNS DNSdist: multiple vulnerabilities dated 10/04/2026 | An attacker can use several vulnerabilities of PowerDNS DNSdist, dated 10/04/2026... | Visit link for details |
| util-linux: file reading via /usr/bin/mount | An attacker can read a file of util-linux, via /usr/bin/mount, in order to obtain sensitive information... | Visit link for details |
| CGIF: integer overflow via cgif_addframe() | An attacker can trigger an integer overflow of CGIF, via cgif_addframe(), in order to trigger a denial of service, and possibly to run code... | Visit link for details |
| Eclipse Jetty: privilege escalation via JASPIAuthenticator | An attacker can bypass restrictions of Eclipse Jetty, via JASPIAuthenticator, in order to escalate his privileges... | Visit link for details |
| Apache Tomcat: six vulnerabilities dated 09/04/2026 | An attacker can use several vulnerabilities of Apache Tomcat, dated 09/04/2026... | Visit link for details |
| Apache Tomcat: four vulnerabilities dated 09/04/2026 | An attacker can use several vulnerabilities of Apache Tomcat, dated 09/04/2026... | Visit link for details |