Security Advisory: CVE-2026-48618 - High - Node.js TLS Wildcard Verification Bypass via Unicode Dot Separator

Severity: High (CVSS 7.7) Affected Systems: Nodejs Nodejs Overview Node.js TLS Wildcard Verification Bypass via Unicode Dot Separator A high vulnerability identified as CVE-2026-48618 has been disclosed. A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator handling can lead to tls wildcard-depth authentication bypass ... Read More »

26th Jun 2026
Security Advisory: CVE-2026-48933 - High - Node.js WebCrypto Subtle.encrypt Integer Overflow Crash

Severity: High (CVSS 7.5) Affected Systems: Nodejs Nodejs Overview Node.js WebCrypto Subtle.encrypt Integer Overflow Crash A high vulnerability identified as CVE-2026-48933 has been disclosed. A flaw in Node.js WebCrypto implementation can crash the process if the input of `subtle.encrypt()` is a multiple of 2GiB. This vulnerability affects ... Read More »

26th Jun 2026
Security Advisory: CVE-2026-23918 - High - Apache HTTP Server: http2: double free and possible RCE on early reset

Severity: High (CVSS 8.8) Affected Systems: Apache Http Server Overview Apache HTTP Server: http2: double free and possible RCE on early reset A high vulnerability identified as CVE-2026-23918 has been disclosed. Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: ... Read More »

21st Jun 2026
Security Advisory: CVE-2026-29167 - Critical - Apache HTTP Server: mod_ldap per-dir use-after-free

Severity: Critical (CVSS 9.8) Affected Systems: Apache Http Server Overview Apache HTTP Server: mod_ldap per-dir use-after-free A critical vulnerability identified as CVE-2026-29167 has been disclosed. Use After Free vulnerability in Apache HTTP Server with mod_ldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 ... Read More »

21st Jun 2026
1 2 3 4