VulnCheck KEV: CVE-2026-44742

Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May 2026...

leafkit 安全漏洞

Leafkit is an open-source application developed by Vapor. It uses Swift to create modular server-side software. Versions of Leafkit prior to 1.14.2 contained a security vulnerability. This vulnerability stemmed from incorrect HTML escaping when printing collections using value, which could lead t...

Improper Neutralization of Equivalent Special Elements

Overview vapor/leaf-kit is an an expressive, performant, and extensible templating language built for Swift. Affected versions of this package are vulnerable to Improper Neutralization of Equivalent Special Elements in the htmlEscaped function. An attacker can inject malicious HTML or JavaScript...

Fortra Cobalt Strike 跨站脚本漏洞

Fortra Cobalt Strike is an application from Fortra, Inc. provides you with a post-development agent and covert channel to mimic a quiet, long-term embedded participant in a customer's network. A security vulnerability in Fortra Cobalt Strike version 4.7.1, which stems from the inability to proper...

w3m Vulnerability of Unauthorized Access to Files or Cookies

Overview w3m fails to properly escape HTML tags in the ALT attribute of an IMG tag, which could allow an attacker to access files or cookies. Impact An remote attacker could access files and cookies. Solution Please refer to the 'Vendor Information' section for official remediation and take...