@armenak/aa (=1.0.1), @armenak/ui-kit (>=1.0.0 <=1.0.5) +73 more potentially affected by CVE-2026-41691 via i18next-http-backend (>=3.0.1 <=3.0.4)

i18next-http-backend NPM version =3.0.1, =1.0.0, =1.0.2, =3.12.2-pre.0a3e0d524e, =3.2.9, =3.2.9, =10.0.0, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =3.42.3, =3.8.2, =3.7.3, =3.7.11 - @eternal-baguette/sample-component =0.0.3 and more Source cves: CVE-2026-41691 Source advisory:...

@26lights/orcha (>=0.1.0 <=2.0.3), @8medusa/admin-bundler (>=1.0.0 <=2.12.4) +1085 more potentially affected by CVE-2026-41691 via i18next-http-backend (>=1.0.12 <=3.0.4)

i18next-http-backend NPM version =1.0.12, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =2.7.0, =0.0.1, =0.0.2, =2.13.1, =2.13.1, =2.13.1, =2.13.1, =0.0.0, =1.0.0, =1.1.4, =1.0.0, =1.0.2 and more Source cves: CVE-2026-41691 Source advisory: OSV:GHSA-Q89C-Q3H5-W34G...

CVE-2024-41691

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary...

CVE-2025-41691

An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service DoS condition...

CVE-2025-41691

CVE-2025-41691 affects CODESYS Control runtime systems, with the specific vulnerability described in PT-2025-31800 as an unauthenticated remote attacker triggering a NULL pointer dereference in CODESYS Control runtime systems via specially crafted communication requests, potentially leading to a ...

CVE-2024-41691

creationtimestamp| type| source ---|---|--- 2024-07-26 15:30:04+00:00| seen| https://t.me/cvedetector/1678...

CVE-2024-41691

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary...

CVE-2023-41691

creationtimestamp| type| source ---|---|--- 2023-09-29 18:37:46+00:00| seen| https://t.me/cibsecurity/71296...

CVE-2023-41691

CVE-2023-41691 is an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in the Pensopay WooCommerce PensoPay plugin for WordPress/WooCommerce, affecting versions

WordPress WooCommerce PensoPay Plugin <= 6.3.1 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce PensoPay Type Plugin Vulnerable versions = 6.3.1 Fixed in 6.3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-41691 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7eca3d1b3162 Credits Le Ngoc Anh...

CVE-2021-41691

creationtimestamp| type| source ---|---|--- 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-41691.yaml 2025-06-24 15:47:04+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/19361 2025-06-25...

CVE-2022-41691

creationtimestamp| type| source ---|---|--- 2022-10-20 02:20:45+00:00| seen| https://t.me/cibsecurity/51844 2025-05-08 18:24:05+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15565...

Vulnerabilities fixed in several F5 products

F5 has fixed several vulnerabilities in BIG-IP and NGINX. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution...

CVE-2022-41691

When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate...

CVE-2022-41691 BIG-IP Advanced WAF/ASM bd vulnerability CVE-2022-41691

When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate...

CVE-2022-41691

CVE-2022-41691 – Summary (F5 BIG-IP Advanced WAF/ASM) A vulnerability in BIG-IP Advanced WAF/ASM is triggered when a security policy is applied on a virtual server; undisclosed requests can cause the bd process to terminate, resulting in DoS on the BIG-IP system. The vulnerability is documented b...

F5 Networks BIG-IP : BIG-IP Advanced WAF and ASM bd vulnerability (K02694732)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.2. It is, therefore, affected by a vulnerability as referenced in the K02694732 advisory. - When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd...

Xiaomi Mi Mix 2S Access Control Error Vulnerability (CNVD-2019-41691)

Xiaomi Mi Mix 2S is a smartphone from Chinese company Xiaomi Technology Xiaomi. A vulnerability in the Xiaomi Mi Mix 2S build fingerprint: Xiaomi/polaris/polaris:8.0.0/OPR1.170623.032/V9.5.19.0.ODGMIFA:user/release-keys in the com.huaqin. An access control error vulnerability exists in the factor...