Important: Red Hat Security Advisory: nodejs:24 security update

An update for the nodejs:24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2026-1527 vulnerabilities

Vulnerabilities for packages: code-server, renovate, jitsucom-jitsu...

CVE-2026-1527 vulnerabilities

Vulnerabilities for packages: librechat, kibana, renovate, pelias-api, jitsucom-jitsu, code-server...

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2026-1527)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +384 more potentially affected by CVE-2026-1527 via undici (>=7.0.0 <=7.22.0)

undici NPM version =7.0.0, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.2, =0.0.33, =0.0.1, =1.0.0, =21.0.0, =21.0.0, =0.5.0, =1.0.1, =12.6.9, =13.0.0-alpha.4 and more Source cves: CVE-2026-1527 Source advisory: OSV:GHSA-4992-7RV2-5PVQ...

0utmailauth (=1.0.0), 0xsodium (>=0.2.0 <=0.14.0) +13743 more potentially affected by CVE-2026-1527 via undici (>=0.3.3 <=6.23.0)

undici NPM version =0.3.3, =0.2.0, =1.0.0, =0.2.0, =0.1.0, =0.0.1, =1.0.21, =1.0.1, =2.1.0, =2.1.0, =2.1.1 and more Source cves: CVE-2026-1527 Source advisory: OSV:GHSA-4992-7RV2-5PVQ...

Linux Distros Unpatched Vulnerability : CVE-2026-1527

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImpactWhen an application passes user-controlled input to the upgrade option of client.request, an attacker can inject CRLF sequences \r\n to: Inject arbitrary...

0utmailauth (=1.0.0), @1023-ventures/ursa-core (>=0.5.2 <=0.5.3) +1991 more potentially affected by CVE-2026-1527 via undici (>=6.0.1 <=6.23.0)

undici NPM version =6.0.1, =0.5.2, =0.5.2, =1.3.7, =1.3.7, =1.3.7, =1.0.0, =1.0.0, =0.1.5-alpha.0, =1.0.9-beta.0, =0.5.21, =0.5.21, =0.1.0, =0.1.5 and more Source cves: CVE-2026-1527 Source advisory: SNYK:JS-UNDICI-15518072...

org.webjars.npm:actions__core (>=1.10.0 <=1.11.1), org.webjars.npm:actions__http-client (>=2.2.1 <=2.2.3) +14 more potentially affected by CVE-2026-1527 via org.webjars.npm:undici (>=4.12.2 <=5.29.0)

org.webjars.npm:undici MAVEN version =4.12.2, =1.10.0, =2.2.1, =0.1.16, =0.1.28 - org.webjars.npm:elasticelasticsearch =8.6.0 - org.webjars.npm:elastictransport =8.3.1 - org.webjars.npm:firebase =10.13.0 - org.webjars.npm:firebaseauth =1.7.7 - org.webjars.npm:firebaseauth-compat =0.5.12 -...

CVE-2026-1527

creationtimestamp| type| source ---|---|--- 2026-03-12 20:16:25+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-1527 2026-03-12 20:38:26+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3mgvaxyd7fk2f 2026-03-12 22:57:35+00:00| seen|...

MiracleLinux 4 : krb5-1.9-22.AXS4.1 (AXSA:2012-29:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-29:01 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...

EUVD-2026-1527

Missing Authorization vulnerability in loopus WP Attractive Donations System - Easy Stripe & Paypal donations WPAttractiveDonationsSystem allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Attractive Donations System - Easy Stripe & Paypal donations: fro...

ECHO-49EA-B826-1527

Bulletin has no description...

CVE-2023-1527

Cross-site Scripting XSS - Generic in GitHub repository tsolucio/corebos prior to 8.0...

CVE-2003-1527

BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets...

CVE-2025-45790

TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the priority parameter in the setMacQos interface of /lib/cstemodules/firewall.so...

CMS Made Simple < 2.2.15 Multiple Vulnerabilities

CMS Made Simple is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cmsmadesimple:cmsmadesimple...

CVE-2025-1527

creationtimestamp| type| source ---|---|--- 2025-03-12 14:40:54+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7315...

CVE-2025-1527

CVE-2025-1527 involves ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules (formerly WooLentor) for WordPress. The vulnerability is a stored DOM-based cross-site scripting flaw in the Flash Sale Countdown module present in all versions up to and including 3.1.0, caused by insuf...

CVE-2025-1527 ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Flash Sale Countdown Module

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to a Stored DOM-Based Cross-Site Scripting via the plugin's Flash Sale Countdown module in all versions up to, and including, 3.1.0 due to...