2 matches found
CVE-2026-23768
creationtimestamp| type| source ---|---|--- 2026-01-16 07:31:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcjlel65xf2x...
CVE-2026-23768
lucy-xss-filter before commit 7c1de6d allows an attacker to induce server-side HEAD requests to arbitrary URLs when the ObjectSecurityListener or EmbedSecurityListener option is enabled and embed or object tags are used with a src attribute missing a file extension...