9421 matches found
CVE-2026-49477
A flaw was found in soupsieve, a CSS selector library. This vulnerability allows a remote attacker to cause a Denial of Service DoS by supplying specially crafted, untrusted CSS selector strings. The flaw occurs due to a regular expression vulnerable to catastrophic backtracking when processing a...
CVE-2026-46640
A flaw was found in Twig, a template language for PHP. An attacker with low privileges could exploit a vulnerability in the self. and import-alias dynamic attribute syntax. By concatenating a malicious string into a MacroReferenceExpression name without proper validation, the attacker can cause r...
CVE-2026-61433
PraisonAI before 4.6.78 fails to safely encode deployment configuration values when generating Python source code for API servers. Attackers can inject arbitrary Python expressions through the deploy.api.host and agentsfile configuration parameters that execute when the generated server starts or...
CVE-2026-59259 n8n - Permission Bypass via Expression Parser Mismatch in External Secrets
n8n before versions 1.123.61, 2.27.4, and 2.28.1 contains a permission bypass vulnerability in external secrets handling caused by a mismatch between the static validation check and the runtime expression engine. An authenticated user with credential create or update permissions but without the...
CVE-2026-46640
Twig is a template language for PHP. From 3.15.0 until 3.26.0, self. and import-alias dynamic attribute syntax can concatenate an attacker-controlled string into a MacroReferenceExpression name without identifier validation, causing raw PHP to be emitted into the generated template source and...
CVE-2026-45065
CVE-2026-45065 affects Symfony’s UrlGenerator in the Symfony PHP framework. Prior to versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12, UrlGenerator validates route parameters with a pattern built as ^ + raw requirement + $, and ungrouped alternations can cause middle alternatives to match as unanchore...
Adobe Experience Manager - Expression Language Injection
Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 has an expression language injection vulnerability. id: CVE-2019-16469 info: name: Adobe Experience Manager - Expression Language Injection author: DomenicoVeneziano severity: high description: | Adobe Experience Manager versions...
CVE-2026-55773
CedarJava is an open source Java implementation of the Cedar policy language, used for fine-grained authorization decisions. In versions prior to 2.3.6, 3.4.1 and 4.9.0, under certain circumstances, improper input handling could allow Cedar-expression injection via unescaped toCedarExpr. The...
CVE-2026-55773 CedarJava has a policy injection vulnerability
CedarJava is an open source Java implementation of the Cedar policy language, used for fine-grained authorization decisions. In versions prior to 2.3.6, 3.4.1 and 4.9.0, under certain circumstances, improper input handling could allow Cedar-expression injection via unescaped toCedarExpr. The...
CVE-2026-55773 CedarJava has a policy injection vulnerability
CedarJava is an open source Java implementation of the Cedar policy language, used for fine-grained authorization decisions. In versions prior to 2.3.6, 3.4.1 and 4.9.0, under certain circumstances, improper input handling could allow Cedar-expression injection via unescaped toCedarExpr. The...
n8n - Remote Code Execution via Expression Injection
n8n 1.120.4, 1.121.1, 1.122.0 contains a remote code execution caused by insufficient isolation in workflow expression evaluation, letting authenticated attackers execute arbitrary code with n8n process privileges. Exploit requires authentication. id: CVE-2025-68613 info: name: n8n - Remote Code...
EUVD-2026-35181
YesWiki has Unsafe eval in its Formula Calculato, Leading to Remote Code Execution & Denial of Service...
CVE-2026-59209
n8n is an open source workflow automation platform. Affected versions prior to 1.123.61, 2.27.4, and 2.28.1 expose a vulnerability where an authenticated user with editor access to a shared workflow can read credential-populated headers via the $request object inside an HTTP Request node’s pagina...
EUVD-2026-42613
n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated member with use-only editor access to a shared workflow could read credential-populated headers exposed via the $request object inside an HTTP Request node's pagination expression and...
protobufjs: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors
A flaw was found in protobufjs, a library used to compile protobuf definitions into JavaScript functions. A remote attacker could exploit this vulnerability by providing a crafted descriptor that includes a non-string default value for a bytes field. This could lead to the generation of an unsafe...
Regular Expression Denial of Service (ReDoS)
Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the matches, matchesFull, and replaceMatches functions in FHIRPath expression evaluation. An attacker can exhaust system CPU resources by submitting specially crafted regular expressions th...
Regular Expression Denial of Service (ReDoS)
Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the matches, matchesFull, and replaceMatches functions in FHIRPath expression evaluation. An attacker can exhaust system CPU resources by submitting specially crafted regular expressions th...
Regular Expression Denial of Service (ReDoS)
Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the matches, matchesFull, and replaceMatches functions in FHIRPath expression evaluation. An attacker can exhaust system CPU resources by submitting specially crafted regular expressions th...
Regular Expression Denial of Service (ReDoS)
Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the matches, matchesFull, and replaceMatches functions in FHIRPath expression evaluation. An attacker can exhaust system CPU resources by submitting specially crafted regular expressions th...
Regular Expression Denial of Service (ReDoS)
Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the matches, matchesFull, and replaceMatches functions in FHIRPath expression evaluation. An attacker can exhaust system CPU resources by submitting specially crafted regular expressions th...