
46 matches found

Cvelist
added 2026/05/11 4:50 p.m., 27 views

CVE-2026-41250 XSS in taiga-front

Taiga is a project management platform for startups and agile developers. Prior to 6.9.1, Taiga front is vulnerable to stored XSS. This vulnerability is fixed in 6.9.1...

CVSS: 5.7, EPSS: 0.00031
Exploits: 0, References: 2

EUVD
added 2026/05/11 4:50 p.m., 6 views

EUVD-2026-29118

Taiga is a project management platform for startups and agile developers. Prior to 6.9.1, Taiga front is vulnerable to stored XSS. This vulnerability is fixed in 6.9.1...

CVSS: 5.7, AI score: 5.8, EPSS: 0.00031
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 5 views

Astra Linux - vulnerability in qtimageformats-opensource-src

When loading a specially crafted ICNS format image file in QImage, it will cause a crash. This issue affects Qt versions 6.3.0 through 6.5.9, 6.6.0 through 6.8.4, and 6.9.0. This issue has been fixed in versions 6.5.10, 6.8.5, and 6.9.1...

CVSS: 5.5, AI score: 5.7, EPSS: 0.00169
Exploits: 0, References: 1

OSV
added 2026/03/20 10:16 a.m., 1 view

UBUNTU-CVE-2026-33123

pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to craft a malicious PDF which leads to long runtimes and/or large memory usage. Exploitation requires accessing an array-based stream with many entries. This issue has been fixed in version 6.9.1...

CVSS: 6.5, AI score: 5.7, EPSS: 0.00014
Exploits: 0, References: 5

CVE
added 2026/03/20 9:09 a.m., 3 views

CVE-2026-33123

Affected software: pypdf. Vulnerability: inefficient decoding of array-based streams can enable an attacker to craft PDFs that cause long runtimes and/or high memory usage when accessing an array-based stream with many entries. Root cause: malleable decoding path for array-based streams leading t...

CVSS: 6.5, AI score: 5.7, EPSS: 0.00014
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2026/03/20 9:09 a.m., 2 views

CVE-2026-33123 pypdf has inefficient decoding of array-based streams

pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to craft a malicious PDF which leads to long runtimes and/or large memory usage. Exploitation requires accessing an array-based stream with many entries. This issue has been fixed in version 6.9.1...

CVSS: 5.1, AI score: 5.8, EPSS: 0.00014
Exploits: 0, References: 5

OSV
added 2026/03/18 4:17 p.m., 1 view

GHSA-QPXP-75PX-XJCP pypdf has inefficient decoding of array-based streams

Impact: An attacker who uses this vulnerability can craft a PDF which leads to long runtimes and/or large memory usage. This requires accessing an array-based stream with lots of entries. Patches: This has been fixed in pypdf==6.9.1. Workarounds: If you cannot upgrade yet, consider applying the...

CVSS: 5.1, AI score: 5.7, EPSS: 0.00014
Exploits: 0, References: 5

Snyk
added 2026/03/18 4:17 p.m., 1 view

Inefficient Algorithmic Complexity

Overview: pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files. Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in the decoding process of array-based streams. An attacker can cause excessive resource...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00014
Exploits: 0, References: 2

NVD
added 2026/03/17 4:16 p.m., 2 views

CVE-2026-21886

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.9.1, the GraphQL mutation "IndividualDeletionDeleteMutation" is intended to allow users to delete individual entity objects. However, it was observed that this...

CVSS: 8.1, EPSS: 0.00164
Exploits: 0, References: 1

Vulnrichment
added 2026/03/17 3:26 p.m., 1 view

CVE-2026-21886 OpenCTI's GraphQL Mutations Allow Deletion of Unrelated Entities

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.9.1, the GraphQL mutation "IndividualDeletionDeleteMutation" is intended to allow users to delete individual entity objects. However, it was observed that this...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00164
Exploits: 0, References: 1

EUVD
added 2026/03/17 3:26 p.m., 3 views

EUVD-2026-12578

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.9.1, the GraphQL mutation "IndividualDeletionDeleteMutation" is intended to allow users to delete individual entity objects. However, it was observed that this...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00164
Exploits: 0, References: 1

CNNVD
added 2026/03/17 12:00 a.m., 2 views

OpenCTI security vulnerability

OpenCTI is an open-source network threat intelligence platform developed by OpenCTI. Versions of OpenCTI prior to 6.9.1 contained security vulnerabilities. These vulnerabilities were due to a flaw in GraphQL mutations that lacked validation, which could lead to the deletion of irrelevant and...

CVSS: 8.1, AI score: 5.8, EPSS: 0.00164
Exploits: 0, References: 1

Patchstack
added 2026/03/10 8:27 a.m., 2 views

WordPress Core <= 6.9.1 - Cross-Site Scripting vulnerability

Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress core versions 6.9-6.9.1...

AI score: 5.8
Exploits: 0, References: 1, Affected Software: 1

RedhatCVE
added 2026/01/23 12:26 a.m., 8 views

CVE-2025-66428

An issue with WordPress directory names in WebPros WordPress Toolkit before 6.9.1 allows privilege escalation...

CVSS: 8.8, AI score: 5.4, EPSS: 0.00036
Exploits: 0, References: 1

ATTACKERKB
added 2026/01/22 12:00 a.m., 4 views

CVE-2025-66428

An issue with WordPress directory names in WebPros WordPress Toolkit before 6.9.1 allows privilege escalation...

CVSS: 8.8, AI score: 5.3, EPSS: 0.00036
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2019-3222

Malware in sbrugna...

CVSS: 5.5, AI score: 5.6, EPSS: 0.00048
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:07 p.m., 2 views

EUVD-2025-21120

Malicious code in bioql PyPI...

CVSS: 2.3, AI score: 6.3, EPSS: 0.0029
Exploits: 0, References: 1

Cvelist
added 2025/09/30 11:04 p.m., 6 views

CVE-2025-24525 Keysight Ixia Vision Product Family Use of Hard-coded Cryptographic Key

Keysight Ixia Vision has an issue with hardcoded cryptographic material which may allow an attacker to intercept or decrypt payloads sent to the device via API calls or user authentication if the end user does not replace the TLS certificate that shipped with the device. Remediation is available ...

CVSS: 8.7, EPSS: 0.00043
Exploits: 0, References: 4

OSV
added 2025/07/15 12:00 a.m., 1 view

OPENSUSE-SU-2025:15345-1 libQt6Concurrent6-6.9.1-2.1 on GA media

These are all security issues fixed in the libQt6Concurrent6-6.9.1-2.1 package on the GA media of openSUSE Tumbleweed...

CVSS: 2.3, AI score: 5.8, EPSS: 0.0029
Exploits: 0, References: 1

CNNVD
added 2025/07/11 12:00 a.m., 1 view

Qt security vulnerability

Qt is a cross-platform application development framework from the open source Qt project. A security vulnerability exists in Qt versions 6.6.0 through 6.8.3 and 6.9.0 through 6.9.1, which stems from the fact that passing a value out of the expected range could result in a denial of service...

CVSS: 2.3, AI score: 6.4, EPSS: 0.0029
Exploits: 0, References: 1