CVE-2026-30938

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.12 and 9.5.1-alpha.1, the requestKeywordDenylist security control can be bypassed by placing any nested object or array before a prohibited keyword in the request payload. This is...

CVE-2026-30938

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.12 and 9.5.1-alpha.1, the requestKeywordDenylist security control can be bypassed by placing any nested object or array before a prohibited keyword in the request payload. This is...

CVE-2026-30938

Parse Server is affected by GHSA-Q342-9W2P-57FP, a vulnerability in the denylist keyword scan. The issue arises in the requestKeywordDenylist scanner: if a nested object/array appears before a prohibited keyword, the scanner exits prematurely, allowing bypass of the denylist. All deployments are ...

CVE-2025-54748

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in RomanCode MapSVG mapsvg allows Path Traversal.This issue affects MapSVG: from n/a through 8.6.12...

CVE-2025-54748

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in RomanCode MapSVG mapsvg allows Path Traversal.This issue affects MapSVG: from n/a through 8.6.12...

CVE-2025-54748 WordPress MapSVG Plugin < 8.6.12 - Arbitrary File Download Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in RomanCode MapSVG mapsvg allows Path Traversal.This issue affects MapSVG: from n/a through 8.6.12...

CVE-2025-54748

Summary: CVE-2025-54748 concerns the WordPress MapSVG plugin with a path traversal flaw in versions before 8.6.12. The issue arises from improper limitation of a pathname, enabling traversal to restricted directories and enabling an arbitrary file download vulnerability. Affected software: MapSVG...

CVE-2025-54748 WordPress MapSVG Plugin < 8.6.12 - Arbitrary File Download Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in RomanCode MapSVG mapsvg allows Path Traversal.This issue affects MapSVG: from n/a through 8.6.12...

WordPress plugin MapSVG 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress MapSVG Plugin < 8.6.12 - Arbitrary File Download Vulnerability

Arbitrary File Download Vulnerability discovered by Anhchangmutrang Patchstack Alliance in WordPress Plugin MapSVG versions 8.6.12...

SUSE-FU-2022:0484-1 Feature update for tcl and tk

This feature update for tcl and tk fix the following issues: Update tcl and tk to version 8.6.12 jscSLE-21015, jscSLE-23283: - Move tcl.macros to /usr/lib/rpm/macros.d bsc1185662 - Use FAT LTO objects in order to provide proper static library bsc1138797 - Fix tcl build issues on s390 architecture...

PT-1999-1013 · Sendmail · Sendmail

Name of the Vulnerable Software and Affected Versions: Sendmail versions 8.6.11 through 8.6.12 Description: The issue is related to a denial of service in the affected software. Recommendations: For versions 8.6.11 and 8.6.12, update to a version that contains a fix for this issue...