Github Security Blog
added 2026/03/27 8:41 p.m., 15 views

DOMPurify is vulnerable to mutation-XSS via Re-Contextualization

Description: A mutation-XSS (mXSS) condition was confirmed when sanitized HTML is reinserted into a new parsing context using innerHTML and special wrappers. The vulnerable wrappers confirmed in browser behavior are script, xmp, iframe, noembed, noframes, and noscript. The payload remains seemingly...

AI score: 6.2
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2026/03/27 8:41 p.m., 3 views

GHSA-H8R8-WCCR-V5F2 DOMPurify is vulnerable to mutation-XSS via Re-Contextualization

Description: A mutation-XSS (mXSS) condition was confirmed when sanitized HTML is reinserted into a new parsing context using innerHTML and special wrappers. The vulnerable wrappers confirmed in browser behavior are script, xmp, iframe, noembed, noframes, and noscript. The payload remains seemingly...

CVSS: 6.9 | AI score: 6.2
Exploits: 0 | References: 3
Snyk
added 2026/03/27 7:45 p.m., 3 views

Directory Traversal

Overview: langchain-core is a package for building applications with LLMs through composability. Affected versions of this package are vulnerable to Directory Traversal via the `load_prompt`, `load_prompt_from_config`, or `.save` methods on prompt classes. An attacker can access arbitrary files on the host filesystem by...

CVSS: 8.7 | AI score: 6.5 | EPSS: 0.01073
Exploits: 2 | References: 2
Github Security Blog
added 2026/03/27 7:45 p.m., 9 views

LangChain Core has Path Traversal vulnerabilities in legacy `load_prompt` functions

Summary: Multiple functions in `langchain_core.prompts.loading` read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an application passes user-influenced prompt configurations to `load_prompt` or `load_prompt_from_config`...

CVSS: 7.5 | AI score: 6 | EPSS: 0.01073
Exploits: 2 | References: 5 | Affected Software: 1
OSV
added 2026/03/27 7:45 p.m., 3 views

GHSA-QH6H-P6C9-FF54 LangChain Core has Path Traversal vulnerabilities in legacy `load_prompt` functions

Summary: Multiple functions in `langchain_core.prompts.loading` read files from paths embedded in deserialized config dicts without validating against directory traversal or absolute path injection. When an application passes user-influenced prompt configurations to `load_prompt` or `load_prompt_from_config`...

CVSS: 7.5 | AI score: 6 | EPSS: 0.01073
Exploits: 2 | References: 5
Snyk
added 2026/03/27 7:13 p.m., 1 view

Directory Traversal

Overview: @mobilenext/mobile-mcp is a Mobile MCP package. Affected versions of this package are vulnerable to Directory Traversal via the `saveTo` and `output` parameters in the `mobile_save_screenshot` and `mobile_start_screen_recording` tools. An attacker can overwrite arbitrary files on the host system by supplying...

CVSS: 8.1 | AI score: 6.5 | EPSS: 0.00489
Exploits: 1 | References: 2
EUVD
added 2026/03/27 6:31 p.m., 2 views

EUVD-2026-16670

The command auto-approval module in CodeRider-Kilo contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser (the Unix-based shell-quote library) to analyze commands on the...

CVSS: 10 | AI score: 6.2 | EPSS: 0.01993
Exploits: 0 | References: 2
IBM Security Bulletins
added 2026/03/27 5:49 p.m., 9 views

Security Bulletin: IBM WebSphere Automation is vulnerable to multiple security vulnerabilities

Summary: Multiple security vulnerabilities were identified in the Open Liberty base image which is shipped with IBM WebSphere Automation. Vulnerability Details: CVE ID: CVE-2015-20107. Description: In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands...

CVSS: 9.8 | AI score: 7.6 | EPSS: 0.07443
Exploits: 6 | Affected Software: 1
Snyk
added 2026/03/27 5:31 p.m., 3 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the `upload_user_file` function. An attacker can overwrite or create files in arbitrary locations on the filesystem by submitting specially crafted filenames containing path traversal sequences in the multipart form...

CVSS: 8.8 | AI score: 6.5 | EPSS: 0.02289
Exploits: 4 | References: 2
Snyk
added 2026/03/27 5:22 p.m., 2 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the systemd.credential process. An attacker can overwrite arbitrary files on the host system by crafting credential names that traverse directories. This can lead to privilege escalation or denial of service by...

CVSS: 9.9 | AI score: 6.5 | EPSS: 0.00447
Exploits: 0 | References: 2
Snyk
added 2026/03/27 5:22 p.m., 6 views

Directory Traversal

Overview: Affected versions of this package are vulnerable to Directory Traversal via the systemd.credential process. An attacker can overwrite arbitrary files on the host system by crafting credential names that traverse directories. This can lead to privilege escalation or denial of service by...

CVSS: 9.9 | AI score: 6.5 | EPSS: 0.00447
Exploits: 0 | References: 2
IBM Security Bulletins
added 2026/03/27 4:53 p.m., 8 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to multiple node modules.

Summary: IBM App Connect Enterprise runtime, IBM App Connect Enterprise Connector Discovery and OpenAPI Editor, and IBM App Connect Enterprise Discovery Connectors are vulnerable to multiple vulnerabilities due to multiple node modules. Vulnerability Details: CVE ID: CVE-2026-2359. Description: Multer ...

CVSS: 9.3 | AI score: 6 | EPSS: 0.00589
Exploits: 5 | Affected Software: 1
IBM Security Bulletins
added 2026/03/27 4:33 p.m., 9 views

Security Bulletin: Multiple vulnerabilities in IBM Event Endpoint Management.

Summary: Multiple vulnerabilities were addressed in IBM Event Endpoint Management 11.7.3. Vulnerability Details: CVE ID: CVE-2025-68470. Description: React Router is a router for React. In versions 6.0.0 through 6.30.1 and 7.0.0 through 7.9.5, an attacker-supplied path can be crafted so that when a Rea...

CVSS: 9.2 | AI score: 6.1 | EPSS: 0.00743
Exploits: 4 | Affected Software: 1
NVD
added 2026/03/27 4:16 p.m., 3 views

CVE-2026-30302

The command auto-approval module in CodeRider-Kilo contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser (the Unix-based shell-quote library) to analyze commands on the...

CVSS: 10 | EPSS: 0.01993
Exploits: 0 | References: 1
EUVD
added 2026/03/27 3:30 p.m., 1 view

EUVD-2026-16668

The 'POST /api/v2/files' endpoint does not sanitize the 'filename' parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences '../'...

CVSS: 8.8 | AI score: 6 | EPSS: 0.02289
Exploits: 4 | References: 2
EUVD
added 2026/03/27 3:30 p.m., 1 view

EUVD-2026-16600

The command auto-approval module in Axon Code contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser (the Unix-based shell-quote library) to analyze commands on the...

CVSS: 9.8 | AI score: 6.2 | EPSS: 0.01376
Exploits: 0 | References: 3
NVD
added 2026/03/27 3:17 p.m., 3 views

CVE-2026-5027

The 'POST /api/v2/files' endpoint does not sanitize the 'filename' parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences '../'...

CVSS: 8.8 | EPSS: 0.02289
Exploits: 4 | References: 1
NVD
added 2026/03/27 3:16 p.m., 0 views

CVE-2026-30303

The command auto-approval module in Axon Code contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser (the Unix-based shell-quote library) to analyze commands on the...

CVSS: 9.8 | EPSS: 0.01376
Exploits: 0 | References: 2
ATTACKERKB
added 2026/03/27 2:54 p.m., 0 views

CVE-2026-5027

The 'POST /api/v2/files' endpoint does not sanitize the 'filename' parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences '../'...

CVSS: 8.8 | AI score: 6 | EPSS: 0.02289
Exploits: 4 | References: 2
Cvelist
added 2026/03/27 2:54 p.m., 24 views

CVE-2026-5027 Langflow - Path Traversal Arbitrary File Write via upload_user_file

The 'POST /api/v2/files' endpoint does not sanitize the 'filename' parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences '../'...

CVSS: 8.8 | EPSS: 0.02289
Exploits: 4 | References: 1