272 matches found
CVE-2026-52888 NocoBase: Sensitive Data Exposure via SQL Blacklist Bypass
NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. In 2.0.59 and earlier, NocoBase @nocobase/plugin-collection-sql used the checkSQL function in packages/plugins/@nocobase/plugin-collection-sql/src/server/utils.ts with an incomplete...
CVE-2026-13552
creationtimestamp| type| source ---|---|--- 2026-06-29 12:05:46+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpgh5oi7yr2n...
CVE-2026-8052
creationtimestamp| type| source ---|---|--- 2026-05-12 23:50:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mloy5xmzq32c...
CVE-2026-42050 ImageMagick: Stack buffer overflow in XTileImage
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item. This vulnerabilit...
CVE-2026-42050 ImageMagick: Stack buffer overflow in XTileImage
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item. This vulnerabilit...
CVE-2026-42050
ImageMagick pre-7.1.2-21 and pre-6.9.13-46 is affected by a stack buffer overflow in XTileImage triggered when processing a malicious MIFF file in the display tool via the Load/Update tile action. Public sources consistently describe this as a stack buffer overflow vulnerability in XTileImage, po...
CVE-2026-7891
creationtimestamp| type| source ---|---|--- 2026-05-07 23:24:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlceez7izf2i 2026-05-08 01:30:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116536365967570800 2026-05-08 01:30:29+00:00| seen|...
PT-2026-39747
Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-21 ImageMagick versions prior to 6.9.13-46 Description An overflow can be triggered when a user opens a malicious MIFF file in the display tool and right-clicks a tile to invoke the Load / Update menu item...
CVE-2026-38991
creationtimestamp| type| source ---|---|--- 2026-04-30 20:00:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkqfpruvij2z...
CVE-2026-6608
creationtimestamp| type| source ---|---|--- 2026-04-20 07:46:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjvxztxyb32r...
CVE-2026-25208
creationtimestamp| type| source ---|---|--- 2026-04-13 05:46:06+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mje5zukgzr2y 2026-04-13 07:02:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjeccsb25w2a 2026-04-13 07:18:01+00:00| published-proof-of-concept|...
@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +33 more potentially affected by CVE-2026-34746 via payload (>=3.0.0-alpha.46 <=3.79.0)
payload NPM version =3.0.0-alpha.46, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.3, =1.0.1-beta.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =3.64.0, =0.0.1-beta.0, =0.2.0, =0.2.14 and more Source cves: CVE-2026-34746 Source advisory: SNYK:JS-PAYLOAD-15873863...
@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +33 more potentially affected by CVE-2026-34749 via payload (>=3.0.0-alpha.46 <=3.79.0)
payload NPM version =3.0.0-alpha.46, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.3, =1.0.1-beta.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =3.64.0, =0.0.1-beta.0, =0.2.0, =0.2.14 and more Source cves: CVE-2026-34749 Source advisory: SNYK:JS-PAYLOAD-15873856...
CVE-2026-23406
creationtimestamp| type| source ---|---|--- 2026-04-01 11:46:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3migmm4p6aq23 2026-04-02 17:36:35+00:00| seen| Telegram/iLkahKLtHBTXrPbdzPdcuEMJtP6ph5Cfo4EzqcCLMOd2c4 2026-04-07 18:00:00+00:00| seen|...
CVE-2026-26936
creationtimestamp| type| source ---|---|--- 2026-02-26 19:57:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfry6g3dpa2d 2026-02-27 14:10:21+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mftva4kls32b 2026-03-01 09:07:55+00:00| seen|...
CVE-2026-27574
creationtimestamp| type| source ---|---|--- 2026-02-19 15:15:03+00:00| published-proof-of-concept| https://github.com/OneUptime/oneuptime/security/advisories/GHSA-v264-xqh4-9xmm 2026-02-21 11:18:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfeitrcwjf2s 2026-02-23...
CVE-2025-69419 affecting package edk2 for versions less than 20230301gitf80f052277c8-46
CVE-2025-69419 affecting package edk2 for versions less than 20230301gitf80f052277c8-46. A patched version of the package is available...
CVE-2026-1310
creationtimestamp| type| source ---|---|--- 2026-01-28 09:46:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdhyhs5ru52c...
CVE-2026-22817
creationtimestamp| type| source ---|---|--- 2026-01-13 20:21:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcdeyseld32a 2026-01-13 22:27:48+00:00| seen| https://bsky.app/profile/undercode.bsky.social/post/3mcdm266svb2t 2026-01-24 21:25:28+00:00| seen|...
CVE-2025-64423
creationtimestamp| type| source ---|---|--- 2026-01-05 22:07:46+00:00| seen| Telegram/dnE6g3S2HF2ctEv4QL4AWKZnSnaJLWH3AV76rFV0fRF-qPg...