cvereports.hashnode.devGHSA-78CV-MQJ4-43F7: GHSA-78cv-mqj4-43f7: HTTP Header Injection via Incomplete Cookie Attribute Validation in TornadoGHSA-78cv-mqj4-43f7: HTTP Header Injection via Incomplete Cookie Attribute Validation in Tornado Vulnerability ID: GHSA-78CV-MQJ4-43F7 CVSS Score: 6.5 Published: 2026-03-11 Tornado versions prior to v6.5.5 contain a vulnerability in the RequestHand...2h ago·2 min read
cvereports.hashnode.devCVE-2026-31976: CVE-2026-31976: Supply Chain Compromise via Tag Poisoning in xygeni-actionCVE-2026-31976: Supply Chain Compromise via Tag Poisoning in xygeni-action Vulnerability ID: CVE-2026-31976 CVSS Score: 9.3 Published: 2026-03-11 CVE-2026-31976 is a critical supply chain vulnerability in the xygeni-action GitHub Action. An attacke...3h ago·2 min read
cvereports.hashnode.devCVE-2026-26131: CVE-2026-26131: Local Elevation of Privilege via Incorrect Default Permissions in .NET 10.0CVE-2026-26131: Local Elevation of Privilege via Incorrect Default Permissions in .NET 10.0 Vulnerability ID: CVE-2026-26131 CVSS Score: 7.8 Published: 2026-03-11 CVE-2026-26131 is a critical Elevation of Privilege (EoP) vulnerability affecting Mic...5h ago·2 min read
cvereports.hashnode.devCVE-2026-32094: CVE-2026-32094: Argument Injection via Incomplete Shell Escaping in shescapeCVE-2026-32094: Argument Injection via Incomplete Shell Escaping in shescape Vulnerability ID: CVE-2026-32094 CVSS Score: 6.9 Published: 2026-03-11 The shescape library prior to version 2.1.10 fails to properly escape square brackets when targeting...6h ago·2 min read
cvereports.hashnode.devCVE-2026-31892: CVE-2026-31892: Argo Workflows WorkflowTemplate Security Bypass via podSpecPatchCVE-2026-31892: Argo Workflows WorkflowTemplate Security Bypass via podSpecPatch Vulnerability ID: CVE-2026-31892 CVSS Score: 8.9 Published: 2026-03-11 CVE-2026-31892 is a high-severity security bypass vulnerability in Argo Workflows that permits a...6h ago·2 min read
