EUVD-2025-24571

Malicious code in bioql PyPI...

CVE-2025-52386

CycloneDX Sunshine v0.9 is vulnerable to CSV Formula Injection via a crafted JSON file...

CVE-2025-52386

CycloneDX Sunshine v0.9 is vulnerable to CSV Formula Injection via a crafted JSON file...

CycloneDX Sunshine 安全漏洞

CycloneDX Sunshine is an open source visualization tool from CycloneDX. A security vulnerability exists in CycloneDX Sunshine version v0.9 that stems from processing JSON files without validating formulas, which could lead to a CSV injection attack...

CVE-2025-52386

CycloneDX Sunshine v0.9 is vulnerable to CSV Formula Injection via a crafted JSON file...

CVE-2025-52386

CycloneDX Sunshine v0.9 is vulnerable to CSV Formula Injection via a crafted JSON file...

PT-2025-32992 · Unknown · Cyclonedx Sunshine

Name of the Vulnerable Software and Affected Versions: CycloneDX Sunshine version 0.9 Description: CycloneDX Sunshine version 0.9 is vulnerable to CSV Formula Injection via a crafted JSON file. Recommendations: At the moment, there is no information about a newer version that contains a fix for...

CVE-2025-52386

CVE-2025-52386 affects CycloneDX Sunshine v0.9. The issue arises when processing JSON input without validating formulas, enabling a CSV Formula Injection via crafted JSON files. Potential impact includes injection into downstream CSV, depending on how the data are consumed. The connected document...