4 matches found
CVE-2026-59855
The CVE affects SiYuan prior to version 3.7.1 where Asset.render (app/src/asset/index.ts) interpolates unsanitized this.path into innerHTML. This allows a crafted asset link containing a double quote to break the src attribute and inject an event handler, enabling JavaScript execution that can ru...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: git-lfs (UTSA-2026-006283)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006283 advisory. Git LFS is a Git extension for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository's working tree with the contents of...
UBUNTU-CVE-2025-26625
Git LFS is a Git extension for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository's working tree with the contents of Git LFS objects, certain Git LFS commands may write to files visible outside the current Git working tree if symbolic or hard links...
EUVD-2025-6003
Malicious code in bioql PyPI...