CVE-2026-0969

The serialize function used to compile MDX in next-mdx-remote is vulnerable to arbitrary code execution due to insufficient sanitization of MDX content. This vulnerability, CVE-2026-0969, is fixed in next-mdx-remote 6.0.0...

CVE-2026-0969

creationtimestamp| type| source ---|---|--- 2026-02-12 07:01:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mengc2oop22g 2026-02-12 21:09:28+00:00| seen| https://bsky.app/profile/socket.dev/post/3meovnosx7k2j 2026-02-13 08:10:24+00:00| seen|...

@aliceoq/library-test (>=1.3.2 <=1.3.3), @bentwnghk/chat (>=1.61.0 <=1.107.2) +165 more potentially affected by CVE-2026-0969 via next-mdx-remote (>=4.4.1 <=5.0.0)

next-mdx-remote NPM version =4.4.1, =1.3.2, =1.61.0, =1.1.1, =0.0.2, =1.0.0, =0.1.1, =0.0.1, =2.13.2, =0.0.3, =0.2.0, =0.0.66, =0.1.10, =0.1.11 - @graphcommerce/docs =3.1.4 and more Source cves: CVE-2026-0969 Source advisory: OSV:GHSA-G4XW-JXRG-5F6M...

@aliceoq/library-test (>=1.3.2 <=1.3.3), @bentwnghk/chat (>=1.61.0 <=1.107.2) +165 more potentially affected by CVE-2026-0969 via next-mdx-remote (>=4.4.1 <=5.0.0)

next-mdx-remote NPM version =4.4.1, =1.3.2, =1.61.0, =1.1.1, =0.0.2, =1.0.0, =0.1.1, =0.0.1, =2.13.2, =0.0.3, =0.2.0, =0.0.66, =0.1.10, =0.1.11 - @graphcommerce/docs =3.1.4 and more Source cves: CVE-2026-0969 Source advisory: SNYK:JS-NEXTMDXREMOTE-15282839...

CVE-2026-0969

The serialize function used to compile MDX in next-mdx-remote is vulnerable to arbitrary code execution due to insufficient sanitization of MDX content. This vulnerability, CVE-2026-0969, is fixed in next-mdx-remote 6.0.0...

EUVD-2026-0969

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...

CVE-2025-0969

The Brizy – Page Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.16 via the getusers function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including...

CVE-2025-0969

creationtimestamp| type| source ---|---|--- 2025-12-13 12:11:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7ul4uodqh2o 2025-12-15 08:53:29+00:00| seen| https://gist.github.com/Darkcrai86/e7c1d557f97418cf06897855113aad0f...

WordPress Brizy – Page Builder plugin <= 2.7.16 - Authenticated (Contributor+) Sensitive Information Exposure via get_users Function vulnerability

Authenticated Contributor+ Sensitive Information Exposure via getusers Function vulnerability discovered by stealthcopter in WordPress Plugin Brizy versions = 2.7.16...

CVE-2020-0969

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge HTML-based, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'...

CVE-2013-0969

Login Window in Apple Mac OS X before 10.8.3 does not prevent application launching with the VoiceOver feature, which allows physically proximate attackers to bypass authentication and make arbitrary System Preferences changes via unspecified use of the keyboard...

CVE-2005-0969

Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service kernel panic and possibly execute arbitrary code via crafted parameters...

CentOS 7 : java-1.7.1-ibm (RHSA-2022:0969)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0969 advisory. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are...

RHEL 8 : firefox (RHSA-2024:0969)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0969 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

CVE-2024-0969 ARMember <= 4.0.24 - Improper Access Control to Sensitive Information Exposure via REST API

The ARMember plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.21 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin's "Default Restriction" feature and view restricted post content...

WordPress ARMember Plugin <= 4.0.24 is vulnerable to Sensitive Data Exposure

Software ARMember Type Plugin Vulnerable versions = 4.0.24 Fixed in 4.0.25 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-0969 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 16435d63d3f2 Credits Francesco Carlucci Required...

CVE-2023-0969

creationtimestamp| type| source ---|---|--- 2023-06-22 00:42:43+00:00| seen| https://t.me/cibsecurity/65404...

CVE-2023-0969 Global read overflow in Z/IP Gateway

A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disclose the contents of global memory...

CVE-2023-0969 Global read overflow in Z/IP Gateway

A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disclose the contents of global memory...

CVE-2023-0969

CVE-2023-0969 affects SiLabs Z/IP Gateway (versions 7.18.01 and earlier). An authenticated attacker within Z-Wave range can manipulate an array pointer to disclose contents of global memory. Exploitation characteristics in the sources indicate an adjacent attack vector with low impact: confidenti...