Tag
high
advisory
undici Library Vulnerable to Cross-Origin Request Routing via SOCKS5 Proxy Reuse (CVE-2026-6734)
2 rules 2 TTPsThe undici library, when using `Socks5ProxyAgent`, is vulnerable to cross-origin request routing if a single connection pool is reused across different origins, potentially misdirecting requests and credentials, trusting responses from the wrong origin, and silently downgrading HTTPS requests to HTTP (CVE-2026-6734).
undici >= 7.23.0 < 7.28.0 +1
library-vulnerability
cross-origin-request
data-leakage
nodejs
2r
2t
medium
advisory
Detection of Out-of-Domain Email Forwarding in Google Workspace
2 rules 1 TTPDetects automatic email forwarding to external domains in Google Workspace, which may indicate data leakage or misuse by malicious insiders or compromised accounts.
Google Workspace
data-leakage
gworkspace
email-forwarding
2r
1t