@clerk/agent-toolkit (>=0.3.1-canary.v20260303211310 <=0.3.16-snapshot.v20260416221307), @clerk/astro (>=3.0.1-canary.v20260303211310 <=3.0.18-snapshot.v20260421194054) +9 more potentially affected by CVE-2026-42349 via @clerk/backend (>=3.0.0 <=3.2.14-snapshot.v20260421194054)

@clerk/backend NPM version =3.0.0, =0.3.1-canary.v20260303211310, =3.0.1-canary.v20260303211310, =2.0.1-canary.v20260303211310, =3.0.1-canary.v20260303211310, =0.0.3-canary.v20260303211310, =7.0.1-canary.v20260303211310, =2.0.1-canary.v20260303211310, =3.0.1-canary.v20260303211310,...

EUVD-2019-4320

Malware in sbrugna...

EUVD-2025-28292

Malicious code in bioql PyPI...

EUVD-2022-5125

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-26846

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code. CVE-2022-26846 Note that Nessus relies on the presence of...

Linux Distros Unpatched Vulnerability : CVE-2018-1999022

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PEAR HTMLQuickForm version 3.2.14 contains an eval injection CWE-95 vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method,...

WordPress plugin Ultimate Reviews 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2025-27096

WeGIA is a Web Manager for Institutions with a focus on Portuguese language. A SQL Injection vulnerability was discovered in the WeGIA application, personalizacaoupload.php endpoint. This vulnerability allow an authorized attacker to execute arbitrary SQL queries, allowing access to sensitive...

CVE-2025-27096 SQL Injection endpoint 'html/personalizacao_upload.php' parameter 'id_campo' in WeGIA

WeGIA is a Web Manager for Institutions with a focus on Portuguese language. A SQL Injection vulnerability was discovered in the WeGIA application, personalizacaoupload.php endpoint. This vulnerability allow an authorized attacker to execute arbitrary SQL queries, allowing access to sensitive...

CVE-2025-27096 SQL Injection endpoint 'html/personalizacao_upload.php' parameter 'id_campo' in WeGIA

WeGIA is a Web Manager for Institutions with a focus on Portuguese language. A SQL Injection vulnerability was discovered in the WeGIA application, personalizacaoupload.php endpoint. This vulnerability allow an authorized attacker to execute arbitrary SQL queries, allowing access to sensitive...

PT-2025-7628 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.14 Description: A SQL Injection vulnerability was discovered in the WeGIA application, specifically in the "personalizacao upload.php" endpoint. This vulnerability allows an authorized attacker to execute arbitrary...

CVE-2025-26617

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, historicopaciente.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized...

CVE-2025-26609

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, familiardocfamiliar.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthoriz...

CVE-2025-26613

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. An OS Command Injection vulnerability was discovered in the WeGIA application, gerenciarbackup.php endpoint. This vulnerability could allow an attacker to execute arbitrary code remotely. This issue ha...

CVE-2025-26614 SQL Injection endpoint 'deletar_documento.php' parameter 'id_cargo' in WeGIA

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, deletardocumento.php endpoint. This vulnerability allow an authorized attacker to execute arbitrary SQL queries, allowing access t...

CVE-2025-26616

WeGIA (open source Web Manager) contains a Path Traversal vulnerability in the exportar_dump.php endpoint that could disclose sensitive data in config.php, potentially enabling direct database access. Affected versions are prior to 3.2.14. The issue has been addressed in version 3.2.14, and users...

PT-2025-7215 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.14 Description: A Path Traversal issue was discovered in the WeGIA application, affecting the exportar dump.php endpoint. This could allow an attacker to gain unauthorized access to sensitive information stored in...

PT-2025-7213 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.14 Description: A SQL Injection vulnerability was discovered in the WeGIA application, deletar documento.php endpoint. This vulnerability allows an authorized attacker to execute arbitrary SQL queries, allowing...

PT-2025-7208 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.14 Description: A SQL Injection vulnerability was discovered in the WeGIA application, familiar docfamiliar.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing...

PT-2025-7214 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.14 Description: A Path Traversal vulnerability was discovered in the WeGIA application, affecting the examples.php endpoint. This issue could allow an attacker to gain unauthorized access to sensitive information...