CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.13)
Heap-based buffer overflow vulnerability in socat versions 1.8.0.0 through 1.8.1.1. The flaw occurs in the DOMAINNAME reply parser where the domain name length byte is read as a signed char, causing a negative value that is implicitly converted to size_t, resulting in an unbounded heap write into the 262-byte reply buffer.
Halo is an open source website building tool. Prior to version 2.24.3, a path traversal vulnerability in the backup download endpoint allows authenticated administrators to read arbitrary files from the server filesystem.
In ToolJet prior to version 3.20.178-lts, any authenticated user with builder role (free tier) could overwrite a globally-shared marketplace plugin with arbitrary JavaScript that executed server-side with full Node.js access. The malicious code ran whenever any user on the instance triggered a query using that plugin, leading to remote code execution (RCE) and supply-chain compromise of the entire ToolJet deployment.
In ToolJet prior to version 3.20.178-lts, there is an SSRF vulnerability in the RestAPI data source component. The private IP filter only checks the hostname string, allowing bypassing of security and theft of Azure managed identity tokens.
In ToolJet prior to version 3.20.1780-lts, the authenticated endpoint POST /api/data-sources/decrypt returns the decrypted plaintext for any credential whose credential_id is supplied in the request body. Unlike other data endpoints, this handler is not protected by ValidateDataSourceGuard, does not receive the calling @User(), and the underlying CredentialsService.getValue() looks up the credential by id only, with no organization scoping.
Trivy before version 0.71.1 uses the `org.opencontainers.image.title` annotation from the OCI artifact manifest as the destination filename without validation. An attacker who can make Trivy fetch an attacker-controlled artifact can supply a crafted annotation that resolves to a path outside the intended destination, causing Trivy to write the layer content to an arbitrary location on the host filesystem.
Outline before version 1.8.0 contains a vulnerability where the AuthenticationHelper.canAccess function uses ctx.originalUrl without stripping the URL fragment (#), allowing an attacker to bypass API key scope restrictions and escalate privileges by appending a permitted path in the fragment.
Trivy before version 0.71.0, when scanning Helm chart archives (.tgz), uses a custom tar unpacker that reads each entry with io.ReadAll(tr) without size limit. An attacker can place a malicious .tgz file in the scanned path that decompresses to gigabytes, causing the Trivy process to be killed by the OS OOM killer.
A vulnerability in LibreChat prior to 0.8.4-rc1 allows an attacker with a stolen session token to regenerate all 2FA backup codes without requiring any TOTP token or existing backup code. This enables bypassing 2FA login or disabling 2FA entirely.
A vulnerability in LibreChat prior to 0.8.4-rc1 allows an authenticated user to bypass rate limiters added for the /fork endpoint by using the /duplicate endpoint, which performs the same expensive database operations but lacks any rate limiter. This can lead to server resource exhaustion.
LibreChat before version 0.8.4-rc1 allows authenticated users to set a custom URL for OpenAI-compatible API endpoints. This URL is used to construct HTTP requests without any SSRF validation, enabling traffic to be directed to internal network addresses.
A vulnerability in LibreChat before version 0.8.5 allows a malicious MCP server to steal access tokens intended for a legitimate server. The MCP OAuth implementation does not validate that the resource parameter from OAuth Protected Resource metadata (RFC 9728) matches the configured MCP server URL.
A vulnerability in LibreChat before version 0.8.4-rc1 allows any authenticated user to delete any other user's messages. The delete endpoint lacks a user constraint, enabling an attacker to use their own conversation ID and the victim's message ID to permanently remove messages.
Vulnerability in LibreChat before version 0.8.4-rc1 allows an authenticated user to upload files to any agent's tool resources (e.g., context, execute code) without verifying ownership or EDIT permission. The authorization bypass is possible by using the image endpoint instead of the file endpoint.
LibreChat prior to version 0.8.4-rc1 has a vulnerability due to missing HTML escaping of double-quote characters in image alt text in Markdown. An attacker can inject malicious HTML code that executes in the victim's browser.
A vulnerability in LibreChat before version 0.8.4-rc1 allows an authenticated user to upload arbitrarily large files via the conversation import endpoint, potentially exhausting server disk space and memory. The issue stems from missing file size limits in a separate multer instance for this endpoint and a disabled application-level size check by default.
HTMLy CMS version 3.1.1 contains a path traversal vulnerability that allows low-privileged authenticated attackers to relocate arbitrary files by supplying directory traversal sequences in the oldfile parameter at the admin autosave endpoint.
The IPv6 stack in Zephyr can be prevented from receiving or processing future incoming packets by sending a small number of maliciously fragmented IPv6 packets. When such a packet is handled by the fragment-header processing path, the associated RX network packet buffer (allocated from a memory slab) is not released back to the pool. Repeating the malicious packet exhausts all RX buffer slots, after which the device can no longer obtain RX buffers and stops receiving traffic, resulting in a denial of service.
Permissions were checked incorrectly during room creation, allowing attackers to create rooms of types they shouldn't be allowed to create.
A CWE-617 Reachable Assertion vulnerability allows an authenticated attacker to trigger a denial-of-service (DoS) condition by sending a specially crafted request to a vulnerable network-exposed service. This impacts system availability.

