Known Vulnerabilities for Http Server by Dart
Listed below are 1 of the newest known vulnerabilities associated with "Http Server" by "Dart".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59101 json | AutoBangumi before 3.2.8 contains a server-side request forgery (SSRF) vulnerability that allows unauthenticated remote attac... | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-59095 json | LobeChat before 2.2.10-canary.18 contains a server-side request forgery vulnerability that allows authenticated attackers to ... | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-58369 json | Woodpecker before 3.15.0 registers the /api/orgs/lookup/*org_full_name endpoint without authentication middleware, and the Lo... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-57940 json | HTMLy 3.1.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the RSS feed import functionality. The function ge... | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-57527 json | Zed Attack Proxy (ZAP) ViewState add-on before version 4 contains an insecure deserialization vulnerability that allows attac... | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-56766 json | Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, ... | Not Provided | 2026-06-25 | 2026-06-25 |
| CVE-2026-56348 json | n8n before 2.20.0 contains a credential exfiltration vulnerability in the POST /rest/dynamic-node-parameters/options endpoint... | Not Provided | 2026-06-22 | 2026-06-23 |
| CVE-2026-56331 json | Capgo before 12.128.2 contains improper error handling in the /private/accept_invitation endpoint that returns HTTP 500 inste... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-56285 json | Nitter's /video media proxy endpoint fails to validate target URLs against Twitter/X domains and uses a hardcoded default HMA... | Not Provided | 2026-06-29 | 2026-06-29 |
| CVE-2026-56275 json | Flowise before 3.1.0 contains a server-side request forgery vulnerability in the Execute Flow node that allows attackers to b... | Not Provided | 2026-06-23 | 2026-06-23 |