116 matches found
@antv/narrative-text-vis (>=0.1.6 <=0.2.5), antv-site-demo-rc (>=0.1.0-alpha.16 <=0.1.0-alpha.22) potentially affected by unknown CVE via @antv/word-scale-chart (>=0.1.1 <=0.3.4)
@antv/word-scale-chart NPM version =0.1.1, =0.1.6, =0.1.0-alpha.16, =0.1.0-alpha.22 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4096...
CVE-2026-34172
Giskard is an open-source Python library for testing and evaluating agentic systems. Prior to versions 0.3.4 and 1.0.2b1, ChatWorkflow.chatmessage passes its string argument directly as a Jinja2 template source to a non-sandboxed Environment. A developer who passes user input to this method enabl...
CVE-2026-34172
Giskard is an open-source Python library for testing and evaluating agentic systems. Prior to versions 0.3.4 and 1.0.2b1, ChatWorkflow.chatmessage passes its string argument directly as a Jinja2 template source to a non-sandboxed Environment. A developer who passes user input to this method enabl...
CVE-2026-1099
The Administrative Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'login' and 'logout' shortcode attributes in all versions up to, and including, 0.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2026-1099 Administrative Shortcodes <= 0.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'login' and 'logout' Shortcode Attributes
The Administrative Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'login' and 'logout' shortcode attributes in all versions up to, and including, 0.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2026-1099 Administrative Shortcodes <= 0.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'login' and 'logout' Shortcode Attributes
The Administrative Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'login' and 'logout' shortcode attributes in all versions up to, and including, 0.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2026-1099
CVE-2026-1099 refers to the WordPress plugin Administrative Shortcodes (
CVE-2026-1257
The Administrative Shortcodes plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.3.4 via the 'slug' attribute of the 'gettemplate' shortcode. This is due to insufficient path validation on user-supplied input passed to the gettemplatepart function...
WordPress Administrative Shortcodes plugin <= 0.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'login' and 'logout' Shortcode Attributes vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'login' and 'logout' Shortcode Attributes vulnerability discovered by zaim in WordPress Plugin Administrative Shortcodes versions = 0.3.4...
WordPress Administrative Shortcodes plugin <= 0.3.4 - Authenticated (Contributor+) Local File Inclusion via 'slug' Shortcode Attribute vulnerability
Authenticated Contributor+ Local File Inclusion via 'slug' Shortcode Attribute vulnerability discovered by zaim in WordPress Plugin Administrative Shortcodes versions = 0.3.4...
WordPress Plugin Administrative Shortcodes Cross-Site Script Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
PT-2026-4588
The Administrative Shortcodes plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.3.4 via the 'slug' attribute of the 'get template' shortcode. This is due to insufficient path validation on user-supplied input passed to the get template part functio...
dzbanek-langflow-base (>=0.6.0 <=0.6.1), langflow-base (>=0.7.0 <=0.8.0rc2) +1 more potentially affected by CVE-2026-0769 via lfx (>=0.1.13 <=0.3.4)
lfx PYPI version =0.1.13, =0.6.0, =0.7.0, =0.8.0rc2 - langflow-nightly =1.8.0.dev24 Source cves: CVE-2026-0769 Source advisory: SNYK:PYTHON-LFX-15091581...
EUVD-2021-1064
Malware in sbrugna...
EUVD-2020-0062
Malware in sbrugna...
EUVD-2021-1726
Malware in sbrugna...
EUVD-2024-45587
Malicious code in bioql PyPI...
EUVD-2025-28330
Malicious code in bioql PyPI...
EUVD-2022-0356
Malicious code in bioql PyPI...
EUVD-2025-29241
Malicious code in bioql PyPI...