EUVD-2026-36259

Axios is a promise based HTTP client for the browser and Node.js. Axios versions before 0.32.0 on the 0.x line and before 1.16.0 on the 1.x line build a regular expression from the configured XSRF cookie name without escaping regex metacharacters. In standard browser environments, an attacker who...

CodexBar 安全漏洞

CodexBar is an AI programming service usage monitoring tool developed by Peter Steinberger. Versions of CodexBar prior to 0.32.0 contained security vulnerabilities. These vulnerabilities were caused by a session cookie leakage issue, which could allow network attackers to exploit the improper...

karakeep 安全漏洞

Karakeep is an open-source bookmarking app developed by Karakeep App. Versions of Karakeep prior to 0.32.0 contained security vulnerabilities. These vulnerabilities stemmed from a SSRF protection that could be bypassed by carefully crafted HTTP redirection chains. Authentication users could enabl...

EUVD-2025-24410

Malicious code in bioql PyPI...

Eclipse OpenJ9 安全漏洞

Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A security vulnerability exists in Eclipse Openj9 versions prior to 0.32.0 that stems from Java 8 & 11's inability to throw an exception caught during bytecode validati...