Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes through improper handling of the Object.assign process in the dataset service. An attacker can gain unauthorized access to...

EUVD-2025-209720

Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Excessive Allocation, Flooding. This issue affects DivvyDrive: from 4.8.2.19 before...

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the objecttoexecution.go process. An attacker can execute unauthorized actions or inject malicious content by providing crafted AI-generated YAML that is...

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview mathjs is a math library for JavaScript and Node.js. It features a flexible expression parser with support for symbolic computation, comes with a large set of built-in functions and constants, and offers an integrated solution to work with diff. Affected versions of this package are...

CVE-2026-5248

Summary : CVE-2026-5248 affects gougucms 4.08.18, specifically the function reg_submit in gougucms-master\app\home\controller\Login.php (User Registration Handler). The issue involves manipulation of the argument level that leads to dynamically-determined object attributes, enabling a potential r...

CVE-2026-5248

A vulnerability has been found in gougucms 4.08.18. This affects the function regsubmit of the file gougucms-master\app\home\controller\Login.php of the component User Registration Handler. Such manipulation of the argument level leads to dynamically-determined object attributes. The attack may b...

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview deepdiff is a Deep Difference and Search of any Python object/data. Recreate objects by adding adding deltas to each other. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the RestrictedUnpickler...

Moxa MXsecurity Series 安全漏洞

Moxa MXsecurity Series is an industrial network security management software platform from Moxa Corporation of Taiwan, China. A security vulnerability exists in Moxa MXsecurity Series that stems from improperly controlled modification of dynamically determined object attributes, which could lead ...

Duplicate Advisory: Possible remote code execution via a remote procedure call

Withdrawn: duplicate of GHSA-pj4g-4488-wmxm Original Description In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings...