SUSE CVE-2024-43365

Cacti is an open source performance and fault management framework. Theconsolenewsection parameter is not properly sanitized when saving external links in links.php . Morever, the said consolenewsection parameter is stored in the database and reflected back to user in index.php, finally leading t...

Exploit for Improper Neutralization of Line Delimiters in Cacti

CVE-2025-24367-WebShell Exploit He creado este pequeño script...

CVE-2026-40087

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same...

CVE-2026-40087 LangChain has incomplete f-string validation in prompt templates

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same...

CVE-2026-40087

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-string prompt-template validation was incomplete in two respects. First, some prompt template classes accepted f-string templates and formatted them without enforcing the same...

LangChain 安全漏洞

LangChain is an open-source framework developed by LangChain for creating applications powered by large language models LLMs. Versions of LangChain prior to 0.3.84 and 1.2.28 contained security vulnerabilities. These vulnerabilities stemmed from incomplete validation of f-string template fields,...

EUVD-2025-30600

Malicious code in bioql PyPI...

EUVD-2023-56230

Malicious code in bioql PyPI...

CVE-2025-58199

Cross-Site Request Forgery CSRF vulnerability in Fastly Fastly fastly allows Cross Site Request Forgery.This issue affects Fastly: from n/a through = 1.2.28...

CVE-2025-58199

Cross-Site Request Forgery CSRF vulnerability in Fastly Fastly fastly allows Cross Site Request Forgery.This issue affects Fastly: from n/a through = 1.2.28...

CVE-2025-58199 WordPress Fastly plugin <= 1.2.28 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Fastly Fastly fastly allows Cross Site Request Forgery.This issue affects Fastly: from n/a through = 1.2.28...

CVE-2025-58199

Summary: CVE-2025-58199 is a CSRF vulnerability in Fastly (the Fastly service) affecting versions up to 1.2.28. The accompanying metrics show base CVSS v3.1 score 4.3 (Medium) with network attack vector, low integrity impact, and user interaction required. The connected document indicates the iss...

CVE-2025-58199 WordPress Fastly plugin <= 1.2.28 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Fastly Fastly fastly allows Cross Site Request Forgery.This issue affects Fastly: from n/a through = 1.2.28...

PT-2025-38883

Name of the Vulnerable Software and Affected Versions Fastly versions n/a through 1.2.28 Description A Cross-Site Request Forgery issue exists in Fastly. This allows attackers to perform actions on behalf of authenticated users without their knowledge. Recommendations Update Fastly to a version...

WordPress plugin Fastly 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

Linux Distros Unpatched Vulnerability : CVE-2024-43362

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. The fileurl parameter is not properly sanitized when saving external links in links.php...

Linux Distros Unpatched Vulnerability : CVE-2024-43364

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. The title parameter is not properly sanitized when saving external links in links.php...

Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution

A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances. The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a...

SUSE CVE-2024-43363

Cacti is an open source performance and fault management framework. An admin user can create a device with a malicious hostname containing php code and repeat the installation process completing only step 5 of the installation process is enough, no need to complete the steps before or after it to...

SUSE CVE-2024-43364

Cacti is an open source performance and fault management framework. The title parameter is not properly sanitized when saving external links in links.php . Morever, the said title parameter is stored in the database and reflected back to user in index.php, finally leading to stored XSS. Users wit...