Lucene search: 6485 matches found

NVD, added 2026/04/30 1:16 p.m.

CVE-2025-14576

Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...

CVSS 9.3 | EPSS 0.00011 | Exploits 0 | References 1
Vulnrichment, added 2026/04/30 12:39 p.m.

CVE-2025-14576 Possible QML code injection in VectorImage component

Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...

CVSS 9.3 | AI score 5.8 | EPSS 0.00011 | Exploits 0 | References 1
Debian CVE, added 2026/04/30 12:39 p.m.

CVE-2025-14576

Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...

CVSS 9.3 | AI score 6.1 | EPSS 0.00011 | Exploits 0
ATTACKERKB, added 2026/04/30 12:39 p.m.

CVE-2025-14576

Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead to denial of...

CVSS 9.3 | AI score 5.9 | EPSS 0.00011 | Exploits 0 | References 2 | Affected Software 1
ATTACKERKB, added 2026/04/30 12:00 a.m.

CVE-2026-36957

Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory...

CVSS 7.5 | AI score 5.4 | EPSS 0.00073 | Exploits 2 | References 3
CNNVD, added 2026/04/30 12:00 a.m.

MCP Server Semgrep command injection vulnerability

MCP Server Semgrep is an AI assistant tool for integrated static code analysis, open-sourced by VetCoders. Version 1.0.0 of MCP Server Semgrep contains a command injection vulnerability. This vulnerability stems from the handling of parameter IDs in the...

CVSS 7.5 | AI score 7.2 | EPSS 0.01738 | Exploits 0 | References 1
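The Semgrep MCP entry above is a command injection through a caller-supplied identifier. The advisory does not show how that project built its command line, so the following is an added example, not MCP Server Semgrep's code: the interpolated-shell-string pattern beside two hardened forms (quoting with shlex when a shell is unavoidable, and an argv list with no shell at all). The scanner binary is stood in for by `echo`, and the identifier grammar in `_RULE_ID` is an assumption for this example.

```python
"""Shell-string interpolation versus argv lists for an external scanner call.

Added example; it is not MCP Server Semgrep's code and the advisory does not
show how that project built its command line. The scanner binary is stood in
for by `echo`, so the commands are harmless and run offline.
"""
import re
import shlex
import subprocess

# Allow-list for the shape of a rule/config ID (assumed for this example; the
# project's own grammar is not reproduced). A leading letter or digit keeps an
# ID from being parsed by the scanner as an option such as "-o".
_RULE_ID = re.compile(r"[A-Za-z0-9][A-Za-z0-9_./:-]*")


def run_scan_vulnerable(rule_ids: str) -> str:
    """Builds a shell command by string interpolation.

    A value such as 'p/ci; echo INJECTED' terminates the intended command and
    runs a second one, because /bin/sh parses the whole string."""
    cmd = f"echo scan --config {rule_ids}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_scan_quoted(rule_ids: str) -> str:
    """If a shell is unavoidable, quote every user-derived token with shlex so
    metacharacters reach the program as literal text."""
    cmd = shlex.join(["echo", "scan", "--config", rule_ids])
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_scan_safe(rule_ids: list[str]) -> str:
    """Preferred form: validate each ID, then pass argv as a list with no shell.

    Raises ValueError for an ID outside the allow-list."""
    for rid in rule_ids:
        if not _RULE_ID.fullmatch(rid):
            raise ValueError(f"rejected rule id {rid!r}")
    argv = ["echo", "scan", "--config", *rule_ids]
    return subprocess.run(argv, capture_output=True, text=True).stdout


def safe_rejects(rule_ids: list[str]) -> bool:
    """True if run_scan_safe refuses the given IDs."""
    try:
        run_scan_safe(rule_ids)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    payload = "p/ci; echo INJECTED"  # constructed attacker-controlled ID
    print(run_scan_vulnerable(payload), end="")  # two lines: the scan, then INJECTED
    print(run_scan_quoted(payload), end="")      # one line, payload kept literal
    print(run_scan_safe(["p/ci"]), end="")
    print("rejected:", safe_rejects([payload]))
```

The argv-list form is the one to reach for: the shell never sees the identifier, and the allow-list stops the remaining trick of smuggling an option flag in as an "ID". shlex quoting is a fallback for code that genuinely needs `shell=True`, not a substitute for removing the shell.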
Github Security Blog, added 2026/04/29 9:03 p.m.

n8n has SQL Injection in Snowflake and MySQL Nodes

Impact: The fix for GHSA-f3f2-mcxc-pwjx did not cover the Snowflake node or the legacy MySQL v1 node. Both nodes construct SQL queries by directly interpolating user-controlled table names, column names, and update keys into query strings without identifier escaping, enabling SQL injection against...

CVSS 8.8 | AI score 5.8 | EPSS 0.00037 | Exploits 0 | References 4 | Affected Software 1
Snyk, added 2026/04/29 6:29 p.m.

Cross-site Scripting (XSS)

Overview: beets is a media library management system for obsessive music geeks. Affected versions of this package are vulnerable to cross-site scripting (XSS) through the included index.html template. An attacker can execute scripts in a victim’s browser by supplying crafted music metadata fields su...

CVSS 6 | AI score 5.6 | EPSS 0.00067 | Exploits 0 | References 2
CNNVD, added 2026/04/29 12:00 a.m.

Mail MCP Bridge path traversal vulnerability

Mail MCP Bridge is a messaging analysis tool developed by Fatbobman Dongpo Zhouzi, which connects macOS email messages with AI. Versions of Mail MCP Bridge 1.3.3 and earlier have a path traversal vulnerability. This vulnerability stems from improper handling of the parameter messageids in the fil...

CVSS 7.5 | AI score 7.1 | EPSS 0.00073 | Exploits 0 | References 1
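The Mail MCP Bridge entry above describes a path traversal through the `messageids` parameter. The advisory does not show how that project maps an ID to a file, so what follows is an added example rather than the project's code: a resolver that confines a caller-supplied message ID to a mailbox directory, beside the flawed normpath-plus-prefix check it replaces. The mailbox layout on disk is constructed inside a temporary directory for the demonstration.

```python
"""Confining a caller-supplied message ID to a mailbox directory.

Added example; not Mail MCP Bridge's code, and the advisory does not show how
that project mapped `messageids` to files. The on-disk layout below is
constructed for the demonstration.
"""
import os
import tempfile


def resolve_message_path(base_dir: str, message_id: str) -> str:
    """Map message_id onto a file below base_dir or raise ValueError.

    The check runs after os.path.realpath, which collapses '..' segments and
    follows symlinks, so '../x', an absolute path, and a symlink pointing
    outside base_dir all fail. os.path.commonpath is used rather than
    str.startswith so a sibling such as '/data/mail2' is not accepted as a
    child of '/data/mail'."""
    if not message_id or "\x00" in message_id:
        raise ValueError("empty or NUL-containing message id")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, message_id))
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"message id {message_id!r} escapes {base}")
    return candidate


def resolve_naive(base_dir: str, message_id: str) -> str:
    """The common flawed pattern, kept for contrast: normpath plus a string
    prefix test. It does not follow symlinks and accepts prefix siblings."""
    base = os.path.normpath(base_dir)
    candidate = os.path.normpath(os.path.join(base, message_id))
    if not candidate.startswith(base):
        raise ValueError("escape")
    return candidate


def _outcome(resolver, base_dir: str, message_id: str) -> str:
    try:
        resolver(base_dir, message_id)
    except ValueError:
        return "rejected"
    return "allowed"


def demo() -> dict:
    """Build a constructed mailbox tree in a temp dir and run both resolvers.

    Returns {case: (hardened_outcome, naive_outcome)}."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        mail = os.path.join(root, "mail")
        os.makedirs(os.path.join(mail, "inbox"))
        os.makedirs(os.path.join(root, "mail2"))  # sibling sharing the prefix
        with open(os.path.join(mail, "inbox", "1.eml"), "w") as fh:
            fh.write("Subject: constructed sample\n")
        try:
            os.symlink(root, os.path.join(mail, "link"))  # points above base
            have_symlink = True
        except OSError:
            have_symlink = False

        cases = {
            "plain": "inbox/1.eml",
            "dotdot": "../other/secret",
            "sibling_prefix": "../mail2/secret",
            "absolute": "/etc/hostname",
            "symlink": "link/mail2/secret",
        }
        for name, mid in cases.items():
            if name == "symlink" and not have_symlink:
                results[name] = ("unsupported", "unsupported")
                continue
            results[name] = (
                _outcome(resolve_message_path, mail, mid),
                _outcome(resolve_naive, mail, mid),
            )
    return results


if __name__ == "__main__":
    for case, (hardened, naive) in demo().items():
        print(f"{case:15s} hardened={hardened:9s} naive={naive}")
```

The two cases where the naive resolver says "allowed" and the hardened one says "rejected" are the ones worth remembering: a sibling directory that happens to share the base's string prefix, and a symlink under the base that points above it. A plain `..` sequence is the case everyone tests for and the one the naive check already catches.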
Snyk, added 2026/04/28 10:39 p.m.

Access Control Bypass

Overview: Affected versions of this package are vulnerable to Access Control Bypass through improper validation of the nick parameter in the user update process. An attacker can modify immutable account identifiers by intercepting and altering POST requests, potentially sabotaging audit trails,...

CVSS 5.3 | AI score 5.8 | EPSS 0.00018 | Exploits 0 | References 2
Vulnrichment, added 2026/04/28 7:00 p.m.

CVE-2026-7303 Xuxueli xxl-job Execution Log JobLogController.java logDetailCat resource injection

A security flaw has been discovered in Xuxueli xxl-job up to 3.3.2. Impacted is the function logDetailCat of the file xxl-job-admin/src/main/java/com/xxl/job/admin/controller/biz/JobLogController.java of the component Execution Log Handler. The manipulation of the argument logId results in improp...

CVSS 6.3 | AI score 4.3 | EPSS 0.00074 | Exploits 0 | References 7
Cvelist, added 2026/04/28 7:18 a.m.

CVE-2026-40978

SQL injection vulnerability in Spring AI's CosmosDBVectorStore allows attackers to execute arbitrary SQL queries via crafted document IDs. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...

CVSS 8.8 | EPSS 0.00024 | Exploits 0 | References 1
Vulnrichment, added 2026/04/28 7:18 a.m.

CVE-2026-40978

SQL injection vulnerability in Spring AI's CosmosDBVectorStore allows attackers to execute arbitrary SQL queries via crafted document IDs. Affected versions: Spring AI: 1.0.0 - 1.0.5 fixed in 1.0.6, 1.1.0 - 1.1.4 fixed in 1.1.5...

CVSS 8.8 | AI score 6 | EPSS 0.00024 | Exploits 0 | References 1
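Two entries in this listing are the same SQL injection shape from different angles: the n8n advisory (table names, column names and update keys interpolated "without identifier escaping") and CVE-2026-40978 (document IDs, that is values, interpolated into CosmosDBVectorStore queries). Neither advisory shows the affected query builder, so the following is an added example and not n8n's or Spring AI's code. It uses an in-memory SQLite table as a stand-in for the back ends named, with constructed schema and rows, and shows why identifiers and values need different treatment: an allow-list plus quoting for identifiers, bound parameters for values. The identifier grammar in `_IDENT` is an assumption for this example.

```python
"""Identifier allow-listing and value binding for dynamically built SQL.

Added example; it is neither n8n's nor Spring AI's code, and the advisories
above do not show those projects' query builders. An in-memory SQLite table
stands in for the MySQL, Snowflake and Cosmos DB back ends they name, and the
schema and rows are constructed for the demonstration.
"""
import re
import sqlite3

# Conservative identifier grammar (assumed for this example): letters, digits,
# underscore. Anything else is refused rather than escaped.
_IDENT = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")


def setup_db() -> sqlite3.Connection:
    """Constructed sample data: two documents, one of them sensitive."""
    con = sqlite3.connect(":memory:")
    con.executescript(
        """
        CREATE TABLE docs (id TEXT PRIMARY KEY, body TEXT);
        INSERT INTO docs VALUES ('doc-1', 'public note');
        INSERT INTO docs VALUES ('secret-9', 'board minutes');
        """
    )
    return con


def quote_ident(name: str) -> str:
    """Allow-list an identifier, then quote it with SQL-standard double quotes
    (SQLite, Snowflake, PostgreSQL). MySQL uses backticks instead, doubling
    any backtick inside the name; with the allow-list above no such character
    can reach this point, but the doubling is kept as belt-and-braces."""
    if not _IDENT.fullmatch(name):
        raise ValueError(f"refusing unsafe identifier {name!r}")
    return '"' + name.replace('"', '""') + '"'


def delete_by_ids_vulnerable(con: sqlite3.Connection, table: str, ids: list[str]) -> int:
    """Interpolates both the table name and the ID values into the statement
    text, the pattern both advisories describe. Returns rows deleted."""
    id_list = ", ".join(f"'{i}'" for i in ids)
    cur = con.execute(f"DELETE FROM {table} WHERE id IN ({id_list})")
    con.commit()
    return cur.rowcount


def delete_by_ids_safe(con: sqlite3.Connection, table: str, ids: list[str]) -> int:
    """The identifier goes through quote_ident; the values go through bound
    parameters, so the database never parses them as SQL."""
    if not ids:
        return 0
    placeholders = ", ".join("?" for _ in ids)
    sql = f"DELETE FROM {quote_ident(table)} WHERE id IN ({placeholders})"
    cur = con.execute(sql, ids)
    con.commit()
    return cur.rowcount


def ident_rejected(name: str) -> bool:
    """True if quote_ident refuses the name."""
    try:
        quote_ident(name)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Crafted value: closes the IN list and appends an always-true clause.
    value_payload = "x') OR ('1'='1"
    # Crafted identifier: comments out the rest of the statement.
    table_payload = "docs WHERE 1=1 --"
    print("vulnerable, crafted value:", delete_by_ids_vulnerable(setup_db(), "docs", [value_payload]))
    print("vulnerable, crafted table:", delete_by_ids_vulnerable(setup_db(), table_payload, ["doc-1"]))
    print("hardened, crafted value:  ", delete_by_ids_safe(setup_db(), "docs", [value_payload]))
    print("hardened rejects table:   ", ident_rejected(table_payload))
```

Bound parameters cannot carry an identifier, which is why the n8n-style bug needs the second mechanism: the table or column name has to be checked against a grammar (or, better, a fixed list of known names) and then quoted in the dialect's own identifier syntax. Bare `replace("'", "''")` on a value is not a substitute for binding either; the crafted value above never needs an unbalanced quote to work.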
CNVD, added 2026/04/28 12:00 a.m.

OpenClaw has an unspecified vulnerability (CNVD-2026-19026)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to suppress legitimate events on different accounts by matching the eventname and messageid parameters...

CVSS 4.3 | AI score 5.8 | EPSS 0.00053 | Exploits 0
CNNVD, added 2026/04/28 12:00 a.m.

SourceCodester Pharmacy Sales and Inventory System cross-site scripting vulnerability

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a cross-site scripting vulnerability. This vulnerability stems from the...

CVSS 4.8 | AI score 5.6 | EPSS 0.00039 | Exploits 0 | References 2
Tenable Nessus, added 2026/04/28 12:00 a.m.

Fedora 43 : openssh (2026-2cedc95af8)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2cedc95af8 advisory. - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode - CVE-2026-35388: Add connection multiplexing...

CVSS 8.1 | AI score 5.5 | EPSS 0.00067 | Exploits 0 | References 6
Snyk, added 2026/04/27 5:22 p.m.

Placement of User into Incorrect Group

Overview: github.com/canonical/authd/internal/users is an authentication daemon for external brokers. Affected versions of this package are vulnerable to Placement of User into Incorrect Group in the process responsible for assigning primary group IDs when a user's primary group ID differs from thei...

CVSS 7.3 | AI score 5.8 | EPSS 0.00017 | Exploits 0 | References 2
RedhatCVE, added 2026/04/27 12:48 p.m.

CVE-2026-42371

A flaw was found in uriparser. This vulnerability occurs due to numeric truncation in text range comparison when an application processes extremely long Uniform Resource Identifiers (URIs), specifically those with lengths in gigabytes. A local attacker could exploit this flaw by providing a...

CVSS 5.1 | AI score 5.3 | EPSS 0.00005 | Exploits 0 | References 5
OSV, added 2026/04/27 8:46 a.m.

CLSA-2026-1777279578 java-11-openjdk: Fix of 6 CVEs

Upgrade to openjdk-11.0.30+7 GA. The following CVEs were fixed: - CVE-2026-21945: enhance certificate checking - CVE-2026-21932: enhance handling of URIs - CVE-2026-21933: improve HttpServer request handling - CVE-2026-21925: improve JMX connections - CVE-2025-64720: update libpng to 1.6.51 -...

CVSS 7.5 | AI score 6.4 | EPSS 0.00089 | Exploits 5 | References 1
EUVD, added 2026/04/27 5:50 a.m.

EUVD-2026-25776

uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes...

CVSS 5.1 | AI score 5.2 | EPSS 0.00005 | Exploits 0 | References 2