at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1035 more potentially affected by CVE-2026-40466 via org.apache.activemq:activemq-broker (>=5.10.0 <=5.19.4)

org.apache.activemq:activemq-broker MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-40466 Source advisory:...

[SECURITY] [DSA 6217-1] luanti security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6217-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 17, 2026 https://www.debian.org/security/faq -...

at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1350 more potentially affected by CVE-2026-39304 via org.apache.activemq:activemq-client (>=5.10.0 <=5.19.4)

org.apache.activemq:activemq-client MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-39304 Source advisory:...

at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1035 more potentially affected by CVE-2026-39304 via org.apache.activemq:activemq-broker (>=5.10.0 <=5.19.3)

org.apache.activemq:activemq-broker MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-39304 Source advisory: OSV:GHSA-5568-6QCG-G7F...

at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1350 more potentially affected by CVE-2026-39304 via org.apache.activemq:activemq-client (>=5.10.0 <=5.19.3)

org.apache.activemq:activemq-client MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-39304 Source advisory: OSV:GHSA-5568-6QCG-G7F...

at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1035 more potentially affected by CVE-2026-33227 via org.apache.activemq:activemq-broker (>=5.10.0 <=5.19.2)

org.apache.activemq:activemq-broker MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-33227 Source advisory:...

at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1035 more potentially affected by CVE-2026-33227 via org.apache.activemq:activemq-broker (>=5.10.0 <=5.19.2)

org.apache.activemq:activemq-broker MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-33227 Source advisory: OSV:GHSA-H2H4-5M64-M27...

CVE-2023-25822

ReportPortal is an AI-powered test automation platform. Prior to version 5.10.0 of the com.epam.reportportal:service-api module, corresponding to ReportPortal version 23.2, the ReportPortal database becomes unstable and reporting almost fully stops except for small launches with approximately 1...

JLSEC-2025-5 Lack of validation for user-provided fields in GitHub.jl

There is a lack of input validation for user-provided values in certain functions. In the GitHub.repo function, the user can provide any string for the reponame field. These inputs are not validated or safely encoded and are sent directly to the server. Impact This means a user can add path...

EUVD-2020-6584

Malware in sbrugna...

EUVD-2023-34270

Malicious code in bioql PyPI...

EUVD-2023-34271

Malicious code in bioql PyPI...

EUVD-2022-27927

Malicious code in bioql PyPI...

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to improper mTLS configuration handling. An attacker can exploit this misconfiguration to establish unauthorized connections to Redis instances that are intended to require client certificate...

CVE-2023-2820

An information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull PTR/TRAP could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic...

CVE-2020-14446

An issue was discovered in WSO2 Identity Server through 5.10.0 and WSO2 IS as Key Manager through 5.10.0. An open redirect exists...

org.jboss.narayana.rts:lra-coordinator (>=5.10.0.Final <=5.10.6.Final), org.jboss.narayana.rts:lra-coordinator-jar-jakarta (>=5.13.1.Alpha1 <=5.13.1.Final) +7 more potentially affected by CVE-2024-8447 via org.jboss.narayana.rts:lra-coordinator-jar (>=5.10.0.Final <=7.0.2.Final)

org.jboss.narayana.rts:lra-coordinator-jar MAVEN version =5.10.0.Final, =5.10.0.Final, =5.13.1.Alpha1, =5.11.0.Final, =5.10.5.Final, =5.12.1.Final, =29.0.0.Alpha1, =28.0.0.Beta1, =28.0.0.Beta1, =28.0.0.Beta1, =28.0.1.Final Source cves: CVE-2024-8447 Source advisory: OSV:GHSA-QQ9F-Q439-2574...

CVE-2024-24510

Cross Site Scripting vulnerability in Alinto SOGo before 5.10.0 allows a remote attacker to execute arbitrary code via the import function to the mail component...

PT-2024-20429 · Alinto +1 · Alinto Sogo +1

Name of the Vulnerable Software and Affected Versions: Alinto SOGo versions prior to 5.10.0 Description: A Cross Site Scripting issue exists in Alinto SOGo, allowing a remote attacker to execute arbitrary code via the import function to the mail component. This can be exploited by a remote...

com.buschmais.jqassistant.cli:jqassistant-commandline-neo4jv5 (>=2.1.0 <=2.1.0-RC2), io.github.qsy7.java.dependencies:neo4j (=0.3.3) +29 more potentially affected by CVE-2024-34517 via org.neo4j:neo4j-cypher (>=5.10.0 <=5.18.1)

org.neo4j:neo4j-cypher MAVEN version =5.10.0, =2.1.0, =5.10.0, =5.10.0, =5.10.0, =5.10.0, =5.10.0, =5.10.0, =5.10.0, =5.10.0, =5.10.0, =5.10.0, =5.10.0, =5.10.0, =5.10.1, =5.18.0 and more Source cves: CVE-2024-34517 Source advisory: OSV:GHSA-P343-9QWP-PQXV...