5 matches found
PT-2026-48914
Name of the Vulnerable Software and Affected Versions: Aqara Cloud (affected versions not specified). Description: The OAuth Authorization Endpoint "open-cn.aqara.com/oauth/authorize" is subject to a redirect bypass caused by improper validation of unsafe equivalence in input. This flaw allows for...
CVE-2026-25477
AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.26.0, there is an Open Redirect vulnerability located at the /redirect-proxy endpoint. The flaw exists in the domain validation logic, where an improperly anchored Regular Expression allows an attacker to...
EUVD-2018-13392
Malware in sbrugna...
CVE-2025-43747
The CVE-2025-43747 entry documents a server‑side request forgery (SSRF) in Liferay DXP 2025.Q2.0–2025.Q2.3 caused by insecure domain validation on analytics.cloud.domain.allowed, which permits an attacker to craft requests by altering the domain and bypasses the validation mechanism that does not...
Hail Security Vulnerability
Hail is a Python-based, open-source, general-purpose data analysis tool with additional data types and methods for working with genomic data. A security vulnerability exists in versions prior to Hail 0.2.127 that stems from the fact that Hail relies on the OpenID Connect (OIDC) email address in the I...