
6 matches found

IBM Security Bulletins
added 2026/06/01 12:27 p.m., 10 views

Security Bulletin: There is a vulnerability in postcss-8.4.38.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-41305)

Summary: There is a vulnerability in postcss-8.4.38.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details: CVEID: CVE-2026-41305. DESCRIPTION: PostCSS takes a CSS file and provides an API to analyze and modify its rules by transforming the rules into an...

CVSS: 6.1 | AI score: 5.8 | EPSS: 0.00205
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/06/01 8:8 a.m., 10 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses postcss-8.4.49.tgz which is vulnerable to CVE-2026-41305

Summary: IBM Maximo Application Suite - Visual Inspection component uses postcss-8.4.49.tgz which is vulnerable to CVE-2026-41305. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-41305. DESCRIPTION: PostCSS takes a CSS file an...

CVSS: 6.1 | AI score: 5.8 | EPSS: 0.00205
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2026/05/22 8:50 a.m., 11 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to multiple node modules

Summary: IBM App Connect Enterprise Connector Discovery and OpenAPI Editor, IBM App Connect Enterprise Discovery Connectors and IBM App Connect Enterprise runtime are vulnerable to multiple vulnerabilities due to node modules axios, protobufjs, fast-xml-parser, follow-redirects, brace-expansion,...

CVSS: 9.8 | AI score: 6.2 | EPSS: 0.00745
Exploits: 4 | Affected Software: 1

IBM Security Bulletins
added 2026/05/07 7:52 p.m., 6 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in postcss-8.5.5.tgz

Summary: IBM Watson Discovery Cartridge affected by vulnerability in postcss-8.5.5.tgz. Vulnerability Details: CVEID: CVE-2026-41305. DESCRIPTION: PostCSS takes a CSS file and provides an API to analyze and modify its rules by transforming the rules into an Abstract Syntax Tree. Versions prior to 8.5....

CVSS: 6.1 | AI score: 5.8 | EPSS: 0.00205
Exploits: 0 | Affected Software: 1

Chainguard
added 2026/05/06 7:18 p.m., 13 views

CVE-2026-41305 vulnerabilities

Vulnerabilities for packages: saf, gitlab-rails-ce-fips, homepage, gitlab-rails-ce, vite, pelias-api, vitess, renovate, drupal, keep, jitsucom-jitsu, keep-fips, langfuse-fips, langfuse...

CVSS: 6.1 | AI score: 5.9 | EPSS: 0.00205
Exploits: 0

Vulnrichment
added 2026/04/24 2:27 a.m., 5 views

CVE-2026-41305 PostCSS has XSS via Unescaped </style> in its CSS Stringify Output

PostCSS takes a CSS file and provides an API to analyze and modify its rules by transforming the rules into an Abstract Syntax Tree. Versions prior to 8.5.10 do not escape sequences when stringifying CSS ASTs. When user-submitted CSS is parsed and re-stringified for embedding in HTML tags, in CSS...

CVSS: 6.1 | AI score: 5.2 | EPSS: 0.00205
Exploits: 0 | References: 2