UBUNTU-CVE-2026-31048

An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...

coopihc-modelchecks (=0.1.0), iperturb (=0.2.0) potentially affected by CVE-2026-31048 via pyro (=3.16.0)

pyro PYPI version =3.16.0 is affected by a known vulnerability. The following packages have a transitive dependency on pyro and may be impacted: - coopihc-modelchecks =0.1.0 - iperturb =0.2.0 Source cves: CVE-2026-31048 Source advisory: SNYK:PYTHON-PYRO-16428622...

CVE-2026-31048

An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message...

CVE-2026-31048

creationtimestamp| type| source ---|---|--- 2026-04-10 17:00:04+00:00| seen| https://t.me/GithubRedTeam/79768 2026-04-10 21:00:05+00:00| published-proof-of-concept| Telegram/JqVwQ-JC9B9ph46qqgs1KPvHPPLX-sQPp9do9RGc2keWM...

CVE-2025-31048

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...

CVE-2025-31048

creationtimestamp| type| source ---|---|--- 2026-01-05 12:04:18+00:00| seen| Telegram/e-X4ScE1vEPdKuuUEgfhVv-BIPUzPUJYlt0nH6CCEcxyPQ...

CVE-2025-31048

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4...

WordPress Shopo Theme <= 1.1.4 is vulnerable to Arbitrary File Upload

Software Shopo Type Theme Vulnerable versions = 1.1.4 Fixed in N/A OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2025-31048 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID 148bf5acafb9 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity...

CVE-2023-31048

creationtimestamp| type| source ---|---|--- 2023-12-18 09:38:09+00:00| seen| https://t.me/arpsyndicate/1956...

CVE-2023-31048

The OPC UA .NET Standard Reference Server before 1.4.371.86. places sensitive information into an error message that may be seen remotely...

CVE-2022-31048

creationtimestamp| type| source ---|---|--- 2022-06-15 00:19:16+00:00| seen| https://t.me/cibsecurity/44457...

CVE-2022-31048 Cross-Site Scripting in Form Framework

TYPO3 is an open source web content management system. Prior to versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user account with access to the form module is needed to exploit...

CVE-2022-31048

TYPO3’s Form Designer backend module of the Form Framework is vulnerable to cross-site scripting. A valid backend user with access to the Form module can exploit it. Affected TYPO3 versions prior to the fixes are 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11. The problem is fixed in those releas...

CVE-2021-31048

...

CVE-2021-31048

CVE-2021-31048 is rejected; this candidate is not used and does not represent an active vulnerability.