CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the get_profile_cookie() function that accepts unauthenticated profile names from the hermes_profile cookie. An authenticated attacker can forge the hermes_profile cookie value to bypass profile-scoped authorization checks and access sessions, files, and resources across different profiles.
Hermes Agent before 0.16.0 contains a DNS rebinding vulnerability in WebSocket endpoints that allows remote attackers to bypass Host and Origin validation. FastAPI HTTP middleware does not execute for WebSocket upgrade requests on specified endpoints, enabling attackers to exploit this vulnerability.
A vulnerability in Starlette 1.0.1 and earlier on Windows allows SSRF via UNC path. When the server validates the path, it sends an SMB request to the attacker, leaking NTLMv2 credentials. The issue affects default follow_symlink=False deployments, including frameworks like FastAPI.
A vulnerability in the undici library causes ProxyAgent to silently drop the requestTls option when configured with a SOCKS5 proxy URI. HTTPS connections through the SOCKS5 tunnel fall back to Node's default trust store, ignoring user-configured TLS settings.
In the undici library, a vulnerability exists where Socks5ProxyAgent reuses a single connection pool across different origins without verifying that the pool matches the requested origin. This causes cross-origin request routing, potentially leading to credential leakage and silent downgrade of HTTPS to HTTP.
A vulnerability in Envoy allows an unauthenticated remote client to trigger excessive memory consumption via HTTP/2 downstream request processing. The issue stems from incomplete accounting of cookie header bytes during size validation and missing limits on total decoded header size in HPACK. This can lead to OOM termination of the Envoy process and denial of service.
The undici WebSocket client in version 8.1.0 does not enforce the cumulative size of fragmented uncompressed messages, leading to unbounded memory growth. A malicious WebSocket server can stream many small fragments that pass validation but collectively exceed the configured limit, resulting in memory exhaustion and denial of service.
Picklescan before version 1.0.3 contains a scanning bypass vulnerability in the scan_pytorch function. By using dynamic eval and the __reduce__ trick, attackers can embed malicious magic numbers in PyTorch payloads that evade picklescan detection.
Picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen.
Dell AIOps Collector versions prior to 1.18.3 contain a 'Use of Default Credentials' vulnerability. A low privileged attacker with console access could potentially exploit this vulnerability to gain Filesystem access.
A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device. This issue is due to improper authorization checks when accessing resources.
The undici WebSocket client does not limit the number of message fragments, allowing a malicious server to send many small continuation frames. This causes unbounded memory growth and denial of service (DoS).
PickleScan before 0.0.33 fails to include the pty.spawn function in its unsafe globals list, allowing attackers to bypass security checks. Malicious actors can craft pickle payloads using pty.spawn to achieve arbitrary code execution when files are processed by PickleScan.
In version 1.0.0 of the python-pdfkit library by JazzCore, the from_string method allows the execution of JavaScript code within the context of the server application and the exfiltration of local files.
Nexi Payments Nexi XPay has a missing authorization vulnerability that allows exploiting incorrectly configured access control security levels.
Missing authorization in the server management routes in Azuriom CMS before version 1.2.11 allows an authenticated attacker with admin.access permission to create AzLink server tokens and take over non-admin user accounts by changing their passwords and email addresses.
Dell PowerFlex Manager versions prior to 5.1.0.1 contain an Improper Authentication vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure, Information tampering, and Unauthorized access.
NGINX Open Source has a vulnerability in the ngx_http_v3_module. When configured with the HTTP/3 QUIC module, a remote unauthenticated attacker, under specific conditions, can use a crafted HTTP/3 session to reopen a QPACK encoder stream, causing a Use-after-Free in the NGINX worker process and a restart. On systems with ASLR disabled or bypassed, code execution is possible.
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_proxy_v2_module and ngx_http_grpc_module modules. It occurs when proxy_http_version 2 or grpc_pass directives are used for HTTP/2 proxying, ignore_invalid_headers is set to off, and large_client_header_buffers size exceeds 2 MB. A remote unauthenticated attacker can send large headers causing a heap-based buffer overflow in the NGINX worker process, leading to a restart or potential code execution.
Dell PowerFlex Manager versions prior to 5.1.0.1 contain an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service.

