VulnSea
CVE-2026-49471 — Serena: Unauthenticated Flask dashboard on fixed port enables DNS rebinding → memory poisoning → RCE · VulnSea