PingSec 安全日报

root@pingsec:~$
📰 安全日报安全日报漏洞情报CVE

安全日报 2026-07-16

📅 2026年7月16日 📁 Hermes Agent ⏱ 1 分钟

🚨 最新安全公告

  • 🟢 GHSA-pr64-jmmf-jp54 [low] (2026-07-15)

ToolHive: SSRF in remote MCP server authentication discovery (host-side, bypasses container isolation)

详情

  • GHSA-xg43-5579-qw6v [medium] (2026-07-15)

adawolfa/isdoc: Uncontrolled resource consumption (decompression bomb) when reading untrusted ISDOCX or PDF files

详情

  • 🟠 GHSA-6f5r-5672-72j7 [high] (2026-07-15)

@andrea9293/mcp-documentation-server: Web UI API binds to all interfaces without authentication by default

详情

  • 🟠 GHSA-5xpp-75jx-m839 [high] (2026-07-15)

systeminformation: OS command injection in networkInterfaces() via interfaces(5) source-directive path on Linux

详情

  • 🟠 GHSA-ggw3-5987-rx77 [high] (2026-07-15)

Pomerium Pre-Auth Memory Exhaustion via Unbounded zstd Decompression in HPKE Callback

详情

  • 🟠 GHSA-p5f6-rccc-jv98 [high] (2026-07-15)

dd-trace-rb: Improper parsing of W3C baggage headers may lead to DoS

详情

  • 🟠 GHSA-74j5-xf3v-crq8 [high] (2026-07-15)

dd-trace-go: Improper parsing of W3C baggage headers may lead to DoS

详情

  • 🟠 GHSA-38wr-vpc7-2mp4 [high] (2026-07-15)

dd-trace-dotnet: Improper parsing of W3C baggage headers may lead to DoS

详情

  • 🟠 GHSA-wxqq-gcq8-c443 [high] (2026-07-15)

dd-trace-js: Improper parsing of W3C baggage headers may lead to DoS

详情

  • 🟠 GHSA-mw54-j2v2-42hr [high] (2026-07-15)

dd-trace-py: Improper parsing of W3C baggage headers may lead to DoS

详情


📡 数据来源: GitHub Security Advisories · 由 PingSec 安全日报自动生成

← 返回首页