CVE-2026-9358

The CVE-2026-9358 vulnerability affects postcss up to 7.1.1, specifically the toString function in src/selectors/container.js of the AST Serialization component. A manipulated input can cause uncontrolled recursion, enabling a remote DoS. Public exploitation is indicated, with PoC-like details ci...

CLEANSTART-2026-SE34232 Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33811, CVE-2026-33814, CVE-2026-39817, CVE-2026-39819, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-40179, CVE-2026-42499, CVE-2026-42501, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-p436-gjf2-799p applied in versions: 7.1.1-r10, 7.1.1-r7, 7.1.1-r8, 7.1.1-r9

Multiple security vulnerabilities affect the minio-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

Astra Linux - уязвимость в curl

curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header...

CVE-2026-39335

ChurchCRM is an open-source church management system. Prior to 7.1.1, there is Stored XSS in group remove control and family editor state/country. This is primarily an admin-to-admin stored XSS path when writable entity fields are abused. This vulnerability is fixed in 7.1.1...

CVE-2026-39335

ChurchCRM is an open-source church management system. Prior to 7.1.1, there is Stored XSS in group remove control and family editor state/country. This is primarily an admin-to-admin stored XSS path when writable entity fields are abused. This vulnerability is fixed in 7.1.1...

CVE-2026-39335

ChurchCRM is affected by a Stored XSS in unescaped data-* attributes used in the Group remove control and Family editor state/country prior to version 7.1.1. The issue is fixed in 7.1.1. Impact is described as admin-to-admin stored XSS; CVSS metrics indicate Confidentiality/Integrity impact High,...

CLEANSTART-2026-TF98824 Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-p436-gjf2-799p applied in versions: 7.1.1-r0, 7.1.1-r1, 7.1.1-r3

Multiple security vulnerabilities affect the minio-operator package. These issues are resolved in later releases. See references for individual vulnerability details...

Security Bulletin: Remediation of Multiple Apache Struts Vulnerabilities in IBM Library Support for Struts

Summary Multiple Apache Struts vulnerabilities have been addressed in IBM Library Support for Struts Vulnerability Details CVEID:CVE-2025-68493 DESCRIPTION: Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache...

CVE-2026-22352

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PersianScript Persian Woocommerce SMS persian-woocommerce-sms allows Reflected XSS.This issue affects Persian Woocommerce SMS: from n/a through = 7.1.1...

CLEANSTART-2026-YN08405 Security fixes for GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 7.1.1-r7

Multiple security vulnerabilities affect the minio-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

@dohyper/cli.hyper (>=0.0.1 <=0.0.10), @lumeweb/portal-sdk (>=0.0.0-20240306223335 <=0.0.2) +16 more potentially affected by CVE-2026-24132 via @orval/mock (>=6.21.0 <=7.1.1)

@orval/mock NPM version =6.21.0, =0.0.1, =0.0.0-20240306223335, =1.0.0, =0.1.0, =1.0.0, =1.2.0, =1.9.101, =1.9.101, =1.0.1, =0.0.0, =6.21.0, =7.19.0 and more Source cves: CVE-2026-24132 Source advisory: OSV:GHSA-F456-RF33-4626...

CVE-2025-68849

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Frank Corso Quote Master quote-master allows Reflected XSS.This issue affects Quote Master: from n/a through = 7.1.1...

CVE-2025-68849

CVE-2025-68849 — Quote Master WordPress plugin (

CVE-2025-68849

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Frank Corso Quote Master quote-master allows Reflected XSS.This issue affects Quote Master: from n/a through = 7.1.1...

Astra Linux - уязвимость в imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue...

Linux Distros Unpatched Vulnerability : CVE-2025-68469

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a...

UBUNTU-CVE-2025-68469

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue...

CVE-2025-68469 ImageMagick vulnerable to heap-buffer-overflow

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue...

CVE-2025-68469 ImageMagick vulnerable to heap-buffer-overflow

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue...

CVE-2025-68469

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.1-14, ImageMagick crashes when processing a crafted TIFF file. Version 7.1.1-14 fixes the issue...