601864 matches found
Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring
Summary Multiple vulnerabilities were addressed in IBM Library Support for Spring 3.4.20 Vulnerability Details CVEID:CVE-2026-41003 DESCRIPTION: An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters...
Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring
Summary Multiple vulnerabilities were addressed in IBM Library Support for Spring 3.3.22 Vulnerability Details CVEID:CVE-2026-41003 DESCRIPTION: An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters...
Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring
Summary Multiple vulnerabilities were addressed in IBM Library Support for Spring 3.2.28 Vulnerability Details CVEID:CVE-2026-41003 DESCRIPTION: An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters...
Security Bulletin: Multiple Vulnerabilities in IBM Library Support for Spring
Summary Multiple vulnerabilities were addressed in IBM Library Support for Spring 2.7.40 Vulnerability Details CVEID:CVE-2026-41003 DESCRIPTION: An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters...
tools-hacking
HackerAI Tools Collection Koleksi lengkap 85 tools hackin...
Exploit for Path Traversal in Gogs
─── Ghostlink ─── 🏴 AMN SECURITY 🏴 مركز أبحاث...
EUVD-2026-42724
A Use of Incorrectly-Resolved Name or Reference vulnerability in the URL filtering plugin of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass web filtering and access downstream resources that should be unreachable. If an MX Series device is...
CVE-2026-54760
Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.1, the SQLChatAgent SQL-injection mitigation, with default allowdangerousoperations=False, combines a raw-text regex blocklist DANGEROUSSQLPATTERNS with a sqlglot SELECT-only statement allowlist...
Tesla vulnerable to multipart part smuggling via unescaped `content-disposition` values
Summary Tesla.Multipart.partheadersfordisposition/1 interpolates Content-Disposition parameter values field name, filename, and other opts verbatim into the part header line without encoding or escaping any special characters. An attacker who controls a filename, field name, or other disposition...
Tesla has decompression bomb on response body
Summary Any Tesla client pipeline that includes Tesla.Middleware.DecompressResponse or Tesla.Middleware.Compression eagerly decompresses HTTP response bodies with no size limit. A server under attacker control or reached via a redirect can return a tiny gzip-encoded payload that expands into...
Mistune: Potential DoS via quadratic-time parsing in parse_link_text
Summary Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately On² behavior in parselinktext. A relatively small input consisting of repeated characters causes significant parsing slowdown. Affected component mistune/inlineparser.py → parselinktext Description When parsing...
CVE-2026-54760
CVE-2026-54760: Langroid’s SQLChatAgent dangerous-function blocklist can be bypassed. Prior to version 0.65.1, the mitigation combines a raw-text regex (_DANGEROUS_SQL_PATTERNS) with a sqlglot-based SELECT-only allowlist. Attackers can defeat the regex using PostgreSQL forms such as quoted identi...
CVE-2026-54760 Langroid: SQLChatAgent dangerous-function blocklist can be bypassed with quoted or schema-qualified pg_read_file calls
Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.1, the SQLChatAgent SQL-injection mitigation, with default allowdangerousoperations=False, combines a raw-text regex blocklist DANGEROUSSQLPATTERNS with a sqlglot SELECT-only statement allowlist...
mint: Unbounded streams map growth via PUSH_PROMISE without follow-up HEADERS
Summary Mint's HTTP/2 client accepts PUSHPROMISE frames from any server it connects to and inserts every promised stream into a per-connection map without consulting maxconcurrentstreams. A malicious or compromised HTTP/2 server can flood the client with PUSHPROMISE frames and withhold the matchi...
mint: Unbounded CONTINUATION/HEADERS frame accumulation (CONTINUATION flood)
Summary Mint's HTTP/2 client accumulates CONTINUATION header-block fragments into a per-connection buffer with no cap on size or frame count. A malicious or compromised HTTP/2 server can drive the client's memory to arbitrary size by streaming an endless chain of CONTINUATION frames after a HEADE...
CVE-2026-59853
SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /api/storage/getCriteria endpoint returns saved search criteria from data/storage/criteria.json without the publish-access filtering used by sibling storage endpoints, allowing a publish-mode Reader to read private...
CVE-2026-59833
SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, SiYuan renders note and package content to HTML through the Lute engine with sanitization enabled, but Lute's dangerous javascript scheme block does not check form action or SVG xlink:href attributes, allowing stored...
CVE-2026-59834
SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the block search endpoint POST /api/search/fullTextSearchBlock concatenates attacker-controlled paths values into SQL predicates used by non-SQL search modes, allowing an unauthenticated publish visitor to inject a UNI...
CVE-2026-33655
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to 0.12.0-alpha.1, the default SSRF protection configuration did not apply IP filtering to hostnames; with ApplyIPFilterForDomain disabled by default, URL validation checked domain allow/blo...
Malicious code in validator-string (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41a95b09ecd097cf7db1496950d26195169adb7ad2d8065a3458771389094be4 Package name validator-string impersonates the widely-used npm package validator and copies its README, homepage, and API surface. package.json...