CVE-2025-65519

mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested...

CVE-2025-65519

mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested...

CVE-2025-65519

mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested...

ezBookkeeping 安全漏洞

ezBookkeeping is a lightweight personal accounting application developed by mayswind developers. Versions of ezBookkeeping 1.2.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the lack of validation of nested depths during the processing of JSON and XML file...

CVE-2025-65519

mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested...

CVE-2025-65519

mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested...

CVE-2025-65519

mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested...

PT-2026-20459

mayswind ezbookkeeping versions 1.2.0 and earlier contain a critical vulnerability in JSON and XML file import processing. The application fails to validate nesting depth during parsing operations, allowing authenticated attackers to trigger denial of service conditions by uploading deeply nested...

CVE-2025-65519

CVE-2025-65519 affects mayswind ezbookkeeping

EUVD-2024-53641

Malicious code in bioql PyPI...

EUVD-2024-53640

Malicious code in bioql PyPI...

SUSE CVE-2024-57603

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting...

SUSE CVE-2024-57604

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...

GO-2025-3474 MaysWind ezBookkeeping has Improper Privilege Management in github.com/mayswind/ezbookkeeping

MaysWind ezBookkeeping has Improper Privilege Management in github.com/mayswind/ezbookkeeping...

GO-2025-3466 Missing rate limit in MaysWind ezBookkeeping in github.com/mayswind/ezbookkeeping

Missing rate limit in MaysWind ezBookkeeping in github.com/mayswind/ezbookkeeping...

CVE-2024-57603

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting...

CVE-2024-57604

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...

MaysWind ezBookkeeping has Improper Privilege Management

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...

Missing rate limit in MaysWind ezBookkeeping

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting...

GHSA-MPG8-8X9C-P9GV MaysWind ezBookkeeping has Improper Privilege Management

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component...