EUVD-2026-34264

A logic error in the MISP CRUD component delete handler allowed validation failures to be bypassed when requests used the HTTP DELETE method. Due to missing parentheses in the delete condition, the expression was evaluated as $validationError === null && POST || DELETE, meaning a DELETE request...

CVE-2026-44329

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, and...

EUVD-2026-32569

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, and...

CVE-2026-44329

CVE-2026-44329 affects free5GC SMF v4.2.1 where the UPI management route group is mounted without OAuth2/bearer-token auth. Consequently, unauthenticated requests to /upi/v1/upNodesLinks (GET, POST with attacker-controlled payload, DELETE /upi/v1/upNodesLinks/{nodeID}) can reach SMF business hand...

Filter Expression Injection

Spring AI is vulnerable to Filter Expression Injection. The vulnerability is due to insufficient sanitization of document IDs in MilvusVectorStoredoDeleteList, where attacker-controlled IDs are incorporated into Milvus filter expressions, allowing injection of malicious query conditions that can...

CVE-2026-42550

Flight is an extensible micro-framework for PHP. Prior to 3.18.1, SimplePdo::insert, SimplePdo::update, and SimplePdo::delete build SQL statements by concatenating the $table argument and the keys of the $data array directly into the query, with no identifier quoting and no validation. When an...

Flight SQL注入漏洞

Flight is a PHP microframework developed by Mike Cao. Versions of Flight prior to 3.18.1 contained an SQL injection vulnerability. This vulnerability occurred because the methods SimplePdo::insert, SimplePdo::update, and SimplePdo::delete directly concatenated the $table parameter and the keys fr...

CVE-2026-41705

Spring AI's MilvusVectorStoredoDeleteList implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgrade to 1.0.7 or greater. Spring AI 1.1.x: affected from 1.1.0 through latest 1.1.x; upgrade to 1.1.6 o...

CVE-2026-44243

GitPython is a python library used to interact with Git repositories. Prior to version 3.1.48, a vulnerability in GitPython allows attackers who can supply a crafted reference path to an application using GitPython to write, overwrite, move, or delete files outside the repository’s .git directory...

GitPython reference APIs has a path traversal vulnerability that allows arbitrary file write and delete outside the repository

🧾 Summary A vulnerability in GitPython allows attackers who can supply a crafted reference path to an application using GitPython to write, overwrite, move, or delete files outside the repository’s .git directory via insufficient validation of reference paths in reference creation, rename, and...

Spring AI has SQL Injection in CosmosDBVectorStore.doDelete()

SQL injection vulnerability in Spring AI's CosmosDBVectorStore allows attackers to execute arbitrary SQL queries via crafted document IDs. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...

CVE-2026-35154

Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper privilege management vulnerability. A high privileged attacker with local access could potentially...

CVE-2019-25709 CF Image Hosting Script 1.6.5 Unauthorized Database Access

CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by accessing the imgdb.db file in the upload/data directory. Attackers can extract delete IDs stored in plaintext from the deserialized database and use them to delete all pictures via t...

CVE-2026-5627

A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the AgentFlows component. The vulnerability arises from improper handling of user input in the loadFlow and deleteFlow methods in server/utils/agentFlows/index.js. Specifically, the...

GHSA-G87C-R2JP-293W @tinacms/graphql's Media Endpoints Can Escape the Media Root via Symlinks or Junctions

Summary @tinacms/cli recently added lexical path-traversal checks to the dev media routes, but the implementation still validates only the path string and does not resolve symlink or junction targets. If a link already exists under the media root, Tina accepts a path like...

GHSA-G3MX-8JM6-RC85 Admidio has Missing CSRF Protections on Custom List Deletion in mylist_function.php

Reported by: Juan Felipe Oz @JF0x0r LinkedIn Summary The delete mode handler in mylistfunction.php permanently deletes list configurations without validating a CSRF token. An attacker who can lure an authenticated user to a malicious page can silently destroy that user's list configurations —...

SUSE CVE-2026-33065

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request from UDR into a 500 Internal Server Error when handling DELETE requests with an empty supi path parameter. This leak...

Vikunja read-only users can delete project background images via broken object-level authorization

Summary The DELETE /api/v1/projects/:project/background endpoint checks CanRead permission instead of CanUpdate, allowing any user with read-only access to a project to permanently delete its background image. Details The RemoveProjectBackground handler pkg/modules/background/handler/background.g...

Admidio 跨站请求伪造漏洞

Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Versions 5.0.0 to 5.0.6 of Admidio have a cross-site request forgeing vulnerability. This...

CVE-2026-27748

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...