CVE-2026-7787

creationtimestamp| type| source ---|---|--- 2026-06-11 17:00:34+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnzpa7kxjz25...

Security Bulletin: Unauthenticated Session History Access via Public Flow Execution

Summary A session ID namespace bypass vulnerability existed in Langflow OSS' POST /api/v1/buildpublictmp/flowid/flow endpoint that allowed unauthenticated attackers to access chat history from other users' sessions. The endpoint accepted an inputs.session parameter that could override the session...

CGA-CP2F-7787-PHCR

Bulletin has no description...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Libxslt vulnerabilities (USN-7787-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7787-1 advisory. Ivan Fratric discovered that Libxslt did not correctly handle certain memory operations. An attacker could possibly use this issu...

CVE-2025-7787

A vulnerability, which was classified as critical, was found in Xuxueli xxl-job up to 3.1.1. Affected is the function httpJobHandler of the file src\main\java\com\xxl\job\executor\service\jobhandler\SampleXxlJob.java. The manipulation leads to server-side request forgery. It is possible to launch...

cn.acyou:leo-framework-barcode (=1.6.0.RELEASE), cn.acyou:leo-framework-commons (=1.6.0.RELEASE) +228 more potentially affected by CVE-2025-7787 via com.xuxueli:xxl-job-core (>=1.8.2 <=3.1.1)

com.xuxueli:xxl-job-core MAVEN version =1.8.2, =1.0.7, =1.0.6, =1.2.3, =1.0.0-RELEASE, =0.0.8-RELEASE, =0.0.8-RELEASE, =1.0.0, =1.6.0, =1.6.154 and more Source cves: CVE-2025-7787 Source advisory: OSV:GHSA-F8VW-8VGH-22R9...

CVE-2025-7787

A vulnerability, which was classified as critical, was found in Xuxueli xxl-job up to 3.1.1. Affected is the function httpJobHandler of the file src\main\java\com\xxl\job\executor\service\jobhandler\SampleXxlJob.java. The manipulation leads to server-side request forgery. It is possible to launch...

CVE-2024-7787

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ITG Computer Technology vSRM Supplier Relationship Management System allows Reflected XSS, Cross-Site Scripting XSS. This issue affects vSRM Supplier Relationship Management System: before...

CVE-2024-7787

creationtimestamp| type| source ---|---|--- 2024-11-14 08:24:55+00:00| seen| https://infosec.exchange/users/cve/statuses/113480348162213077 2024-11-14 10:47:50+00:00| seen| https://t.me/cvedetector/10909...

CVE-2024-7787 Reflected XSS in ITG Computer Technology's vSRM Supplier Relationship Management System

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ITG Computer Technology vSRM Supplier Relationship Management System allows Reflected XSS, Cross-Site Scripting XSS. This issue affects vSRM Supplier Relationship Management System: before...

CVE-2024-7787

CVE-2024-7787 is a Reflected XSS vulnerability in ITG Computer Technology’s vSRM Supplier Relationship Management System, due to improper input neutralization during web page generation. Affected versions are before 28.08.2024. The issue is documented across multiple sources (NVD, CVE List, Red H...

GHSA-7787-P7X6-FQ3J

creationtimestamp| type| source ---|---|--- 2023-12-31 14:11:18+00:00| seen| https://t.me/ctinow/161086...

SUSE CVE-2016-7787

A maliciously crafted command line for kdesu can result in the user only seeing part of the commands that will actually get executed as super user...

Mageia: Security Advisory (MGASA-2017-0473)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0303)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0018)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Security Advisory (MFSA2017-18) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

SUSE: Security Advisory (SUSE-SU-2017:2302-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2589-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

@joshmccall/atomic-stories (>=0.0.0-semantically-released <=1.9.5), abmcontent (=0.1.0) +3 more potentially affected by CVE-2020-7787 via react-adal (>=0.3.15 <=0.4.24)

react-adal NPM version =0.3.15, =0.0.0-semantically-released, =0.1.0, =0.1.3 - widgettestcomponent =0.1.0 Source cves: CVE-2020-7787 Source advisory: OSV:GHSA-7MPX-VG3C-CMR4...