ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.114.0 <=0.120.0), ai.ancf.lmos:arc-memory-mongo-spring-boot-starter (>=0.114.0 <=0.120.0) +4709 more potentially affected by CVE-2026-40973 via org.springframework.boot:spring-boot (>=3.4.0 <=3.4.13)

org.springframework.boot:spring-boot MAVEN version =3.4.0, =0.114.0, =0.114.0, =0.114.0, =0.114.0, =0.5.0, =0.8.0, =1.17.0, =1.17.0, =1.17.0, =0.0.1, =0.0.1, =0.25.7-rc.64, =0.25.7-rc.68 and more Source cves: CVE-2026-40973 Source advisory: OSV:GHSA-WWPQ-F5C3-7HVX...

ai.ancf.lmos:arc-runner (=0.114.0), ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0) +1033 more potentially affected by CVE-2026-22733 via org.springframework.boot:spring-boot-starter-actuator (>=3.4.0 <=3.4.13)

org.springframework.boot:spring-boot-starter-actuator MAVEN version =3.4.0, =0.5.0, =0.8.0, =0.0.1, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.1.2 and more Source cves: CVE-2026-22733 Source advisory: OSV:GHSA-MGVC-8Q2H-5PGC...

ai.ancf.lmos:arc-runner (=0.114.0), ai.ancf.lmos:lmos-operator (>=0.5.0 <=0.6.0) +1033 more potentially affected by CVE-2026-22731 via org.springframework.boot:spring-boot-starter-actuator (>=3.4.0 <=3.4.13)

org.springframework.boot:spring-boot-starter-actuator MAVEN version =3.4.0, =0.5.0, =0.8.0, =0.0.1, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.1.2 and more Source cves: CVE-2026-22731 Source advisory: OSV:GHSA-8HFC-FQ58-R658...

CVE-2025-14973

The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...

WordPress Recipe Card Blocks plugin < 3.4.13 - Contributor+ SQLi vulnerability

Contributor+ SQLi vulnerability discovered by Purachai Phonwisut in WordPress Plugin Recipe Card Blocks for Gutenberg & Elementor versions 3.4.13...

CVE-2025-14973

The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...

CVE-2025-14973 Recipe Card Blocks < 3.4.13 - Contributor+ SQLi

The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...

EUVD-2025-206372

The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...

WordPress plugin Recipe Card Blocks Lite has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-4726

The Recipe Card Blocks Lite WordPress plugin before 3.4.13 does not sanitize and escape a parameter before using it in a SQL statement, allowing contributors and above to perform SQL injection attacks...

WordPress plugin Post Grid Master 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-24181 · Unknown · Post Grid Master

Name of the Vulnerable Software and Affected Versions: Post Grid Master versions through 3.4.13 Description: The issue is related to Missing Authorization, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions through 3.4.13, update to a...

Statamic CMS remote code execution via front-end form uploads

Impact On front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded regardless of mime validation rules. This only affects forms using the "Forms" feature and not just any arbitrary form. This does not affect the control panel. Patches It has been patched i...

CVE-2023-47129 Statamic CMS remote code execution via front-end form uploads

Statmic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the "Forms" feature and not just any arbitrary form. This...

Statamic Code Issue Vulnerability

Statamic is a powerful flat file Cms built on Laravel by Statamic USA. used to store all content, templates, assets and settings in files instead of databases. A security vulnerability exists in Statamic that stems from allowing an attacker to upload a crafted PHP file via the asset upload field...

GHSA-4926-QPXG-6R3W Exposure of Resource to Wrong Sphere in Spring Data REST

In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for...

DEBIAN-CVE-2019-25026

Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting...

Redmine 安全漏洞

Redmine is a set of open source Web-based project management and defect tracking tools . The product provides project management , issue tracking and role-based access control and other features . A security vulnerability exists in Redmine versions prior to 3.4.13 and versions prior to 4.0.6 in t...

@pl-test/c (>=1.1.0 <=1.1.1), @pl-test/e (=1.1.0) +6 more potentially affected by CVE-2020-28494 via total.js (>=3.2.4 <=3.4.13)

total.js NPM version =3.2.4, =1.1.0, =0.3.0, =4.0.0, =1.0.0, =0.0.1, =0.0.4 Source cves: CVE-2020-28494 Source advisory: SNYK:JS-TOTALJS-1046672...

Security fix for the ALT Linux 10 package etcd version 3.4.13-alt1

Sept. 5, 2020 Alexey Shabalin 3.4.13-alt1 - 3.4.13 Fixes: CVE-2020-15106, CVE-2020-15112, CVE-2020-15113, CVE-2020-15114, CVE-2020-15115, CVE-2020-15136...