EUVD-2026-31485

TypeBot is a chatbot builder tool. In versions 3.16.0 and prior, the WhatsApp Cloud API webhook endpoint POST /v1/workspaces/workspaceId/whatsapp/credentialsId/webhook does not verify the x-hub-signature-256 HMAC signature included by Meta in every webhook delivery. The webhook URL exposes both...

CVE-2026-39969 TypeBot: WhatsApp Webhook Endpoint Missing Signature Verification

TypeBot is a chatbot builder tool. In versions 3.16.0 and prior, the WhatsApp Cloud API webhook endpoint POST /v1/workspaces/workspaceId/whatsapp/credentialsId/webhook does not verify the x-hub-signature-256 HMAC signature included by Meta in every webhook delivery. The webhook URL exposes both...

CVE-2026-39969

CVE-2026-39969 (TypeBot) affects TypeBot prior to 3.17.0. The WhatsApp Cloud API webhook endpoint POST /v1/workspaces/{workspaceId}/whatsapp/{credentialsId}/webhook did not verify the x-hub-signature-256 HMAC in deliveries. The endpoint also exposes workspaceId and credentialsId in the URL path, ...

PT-2026-42825

Name of the Vulnerable Software and Affected Versions TypeBot versions prior to 3.17.0 Description The WhatsApp Cloud API webhook endpoint 'POST /v1/workspaces/workspaceId/whatsapp/credentialsId/webhook' fails to verify the x-hub-signature-256 HMAC signature provided by Meta. Because the...

Cybertron Privacy Drive 代码问题漏洞

Cybertron Privacy Drive is a security software from Cybertron Corporation that supports disk encryption, creation of virtual encrypted volumes, and protection of privacy data. Version 3.17.0 of Cybertron Privacy Drive has a code vulnerability. This vulnerability stems from an unreferenced service...

CVE-2022-4988

Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries. Alien::FreeImage contains version 3.17.0 of the FreeImage library from 2017, which has known vulnerabilities such as CVE-2015-0852 and CVE-2025-65803. The library embeds other images libraries that also have...

CVE-2022-4988 Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries

Alien::FreeImage versions through 1.001 for Perl contains several vulnerable libraries. Alien::FreeImage contains version 3.17.0 of the FreeImage library from 2017, which has known vulnerabilities such as CVE-2015-0852 and CVE-2025-65803. The library embeds other images libraries that also have...

CVE-2022-4988

CVE-2022-4988 relates to the Perl package Alien::FreeImage (through version 1.001). The issue is tied to the embedded FreeImage library (version 3.17.0, 2017), which has known vulnerabilities such as CVE-2015-0852 and CVE-2025-65803. The description also notes that the FreeImage library embeds ot...

alien-freeimage 安全漏洞

alien-freeimage is a development file auxiliary module developed by the KMX individual developer for building and installing the FreeImage library. Versions of alien-freeimage 1.001 and earlier contain security vulnerabilities, which stem from the inclusion of multiple libraries that have known...

langfuse 跨站请求伪造漏洞

langfuse is a large language model engineering platform open-sourced by Langfuse. A cross-site request forgery vulnerability exists in langfuse version 2.95.0 up to and including version 2.95.12 and version 3.17.0 up to and including version 3.131.0, which stems from a misconfiguration of SSO and...

CVE-2025-22288

Path Traversal: '.../...//' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Smush Image Compression and Optimization wp-smushit allows Path Traversal.This issue affects Smush Image Compression and Optimization: from n/a through = 3.17.0...

CVE-2025-22288 WordPress Smush Image Compression and Optimization plugin <= 3.17.0 - Directory Traversal vulnerability

Path Traversal: '.../...//' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Smush Image Compression and Optimization wp-smushit allows Path Traversal.This issue affects Smush Image Compression and Optimization: from n/a through = 3.17.0...

EUVD-2025-38034

Path Traversal: '.../...//' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Smush Image Compression and Optimization wp-smushit allows Path Traversal.This issue affects Smush Image Compression and Optimization: from n/a through = 3.17.0...

CVE-2025-22288

CVE-2025-22288 is a path traversal vulnerability in the WordPress Smush Image Compression and Optimization plugin (wp-smushit) by WPMU DEV. The issue is described as a directory traversal flaw allowing access via a path like '.../...//', affecting the Smush Image Compression and Optimization plug...

CVE-2025-22288 WordPress Smush Image Compression and Optimization plugin <= 3.17.0 - Directory Traversal vulnerability

Path Traversal: '.../...//' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Smush Image Compression and Optimization wp-smushit allows Path Traversal.This issue affects Smush Image Compression and Optimization: from n/a through = 3.17.0...

EUVD-2019-19000

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2023-46250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions 3.7.0 through 3.16.4 can craft a PDF which lea...

Linux Distros Unpatched Vulnerability : CVE-2021-21897

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A code execution vulnerability exists in the DLDxf::handleLWPolylineData functionality of Ribbonsoft dxflib 3.17.0. A specially-crafted .dxf file can lead to a...

Security update for helm

This update for helm fixes the following issues: Update to version 3.17.2 bsc1238688, CVE-2025-22870: Updating to 0.37.0 for x/net builddeps: bump the k8s-io group with 7 updates Update to version 3.17.1: merge null child chart objects builddeps: bump the k8s-io group with 7 updates fix: check...

WordPress plugin Zox News 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...