ex-aws-sns-signingcerturl-spoofing-cve-2026-47074
CVE-2026-47074: ex_aws_sns verify_message/1 fails to validate SigningCertURL, allowing unauthenticated SNS message signature spoofing; affects versions 2.0.1 to before 2.3.5.
CVE-2026-47074: ex_aws_sns verify_message/1 fails to validate SigningCertURL, allowing unauthenticated SNS message signature spoofing; affects versions 2.0.1 to before 2.3.5.
Amendments to the Building Safety Responsible Actors Scheme update obligations for developers and owners and explain enforcement under UK health and safety law.
azureauthextension Authenticate fails to validate bearer tokens, allowing replay of any Azure access token against OpenTelemetry receivers when a matching Host header is chosen.
New traffic order on the M77/A77 Girvan imposes temporary traffic prohibitions and a 10 mph limit, with significant implications for fleet operations and regulatory compliance.
Exim before 4.99.3 has a GnuTLS use-after-free triggered by a TLS close_notify mid-body during BDAT chunking, enabling potential remote code execution; patch and isolate mail hosts immediately.
UK extends roadworthiness testing and tachograph rules to certain zero-emission goods vehicles in the 3.5–4.25 t band, creating new duties for fleet operators.
A blind SQL injection in the APIExperts Square for WooCommerce WordPress plugin was reported ~34 minutes ago; site owners should inventory, isolate, patch or remove the plugin and follow ISO-aligned controls.
Donec ullamcorper nulla non metus auctor fringilla. Cras justo odio, dapibus ac facilisis in, egestas eget
Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.
Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.
Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.