7.7
CVE-2026-33461 - Incorrect Authorization in Kibana Fleet Leading to Information Disclosure
Incorrect Authorization (CWE-863) in Kibana can lead to information disclosure via Privilege Abuse (CAPEC-122). A user with limited Fleet privileges can exploit an internal API endpoint to retrieve sensitive configuration data, including private keys and authentication tokens, that should only be aβ¦
7.7
CVE-2026-4498 - Execution with Unnecessary Privileges in Kibana Leading to reading index data beyond their direct Eβ¦
Execution with Unnecessary Privileges (CWE-250) in Kibanaβs Fleet plugin debug route handlers can lead reading index data beyond their direct Elasticsearch RBAC scope via Privilege Abuse (CAPEC-122). This requires an authenticated Kibana user with Fleet sub-feature privileges (such as agents, agentβ¦
6.5
CVE-2026-2377 - Mirror-registry: quay: quay: server-side request forgery via log export functionality
A flaw was found in mirror-registry. Authenticated users can exploit the log export feature by providing a specially crafted web address (URL). This allows the application's backend to make arbitrary requests to internal network resources, a vulnerability known as Server-Side Request Forgery (SSRF)β¦
6.6
CVE-2026-4837 - Eval Injection in Rapid7 Insight Agent
An eval() injection vulnerability in the Rapid7 Insight Agent beaconing logic for Linux versions could theoretically allow an attacker to achieve remote code execution as root via a crafted beacon response. Because the Agent uses mutual TLS (mTLS) to verify commands from the Rapid7 Platform, it is β¦
6.2
CVE-2026-33753 - Improper Certificate Validation in rfc3161-client
rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161. Prior to 1.0.6, an Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority (TSA). By exploiting a logic flawβ¦
8.6
CVE-2026-33229 - XWiki Platform affected by remote code execution with script right through unprotected Velocity scrβ¦
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Prior to 17.4.8 and 17.10.1, an improperly protected scripting API allows any user with script right to bypass the sandboxing of the Velocity scripting API and execute, e.g., arbitrary Python scβ¦
4.8
CVE-2026-39410 - Hono has a non-breaking space prefix bypass in cookie name handling in getCookie()
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, a discrepancy between browser cookie parsing and parse() handling allows cookie prefix protections to be bypassed. Cookie names that are treated as distinct by the browser may be normalized to thβ¦
6.3
CVE-2026-39409 - Hono has incorrect IP matching in ipRestriction() for IPv4-mapped IPv6 addresses
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, ipRestriction() does not canonicalize IPv4-mapped IPv6 client addresses (e.g. ::ffff:127.0.0.1) before applying IPv4 allow or deny rules. In environments such as Node.js dual-stack, this can causβ¦
5.9
CVE-2026-39408 - Hono has a path traversal in toSSG() allows writing files outside the output directory
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, a path traversal issue in toSSG() allows files to be written outside the configured output directory during static site generation. When using dynamic route parameters via ssgParams, specially crβ¦
5.3
CVE-2026-39407 - Hono has a middleware bypass via repeated slashes in serveStatic
Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.12, a path handling inconsistency in serveStatic allows protected static files to be accessed by using repeated slashes (//) in the request path. When route-based middleware (e.g., /admin/*) is used β¦