PT-2026-32687

Name of the Vulnerable Software and Affected Versions FortiSandbox versions 4.4.0 through 4.4.8 Description An OS command injection flaw exists in the JRPC API due to improper neutralization of the pipe symbol | when processing the jid parameter. This allows an unauthenticated remote attacker to...

PT-2026-32839

Name of the Vulnerable Software and Affected Versions .NET versions 8.0.0 through 8.0.25 .NET versions 9.0.0 through 9.0.14 .NET versions 10.0.0 through 10.0.5 Description Improper neutralization of special elements in System.Net.Mail allows an unauthorized attacker to perform a spoofing attack...

CVE-2026-32178

Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network...

PT-2026-32835

Name of the Vulnerable Software and Affected Versions SQL Server affected versions not specified Description Improper neutralization of special elements used in an sql command SQL injection allows an authorized attacker to elevate privileges locally. SQL injection is a technique where an attacker...

PT-2026-32841

Name of the Vulnerable Software and Affected Versions Windows Snipping Tool affected versions not specified Description Improper neutralization of special elements used in a command allows an unauthorized attacker to execute arbitrary code locally and remotely, affecting the system. Recommendatio...

EUVD-2026-21996

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800...

EUVD-2026-21988

Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Network Report. This issue affects Pandora FMS: from 777 through 800...

CVE-2026-30813

CVE-2026-30813 describes an SQL Injection vulnerability in Pandora FMS versions 777 through 800, caused by improper neutralization of special elements in SQL commands used during the module search. The affected component is the module search functionality; root cause is inadequate input handling ...

PT-2026-32387

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800...

PT-2026-32389

Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via Event Response execution. This issue affects Pandora FMS: from 777 through 800...

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview metagpt is a The Multi-Agent Framework Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the generatethoughts function in the Tree-of-Thought Solver component. An attacker can execute...

EUVD-2026-21237

A security vulnerability has been detected in Sanluan PublicCMS up to 6.202506.d. This affects the function AbstractFreemarkerView.doRender of the file publiccms-parent/publiccms-core/src/main/java/com/publiccms/common/base/AbstractFreemarkerView.java of the component FreeMarker Template Handler...

CVE-2026-5987

A security vulnerability has been detected in Sanluan PublicCMS up to 6.202506.d. This affects the function AbstractFreemarkerView.doRender of the file publiccms-parent/publiccms-core/src/main/java/com/publiccms/common/base/AbstractFreemarkerView.java of the component FreeMarker Template Handler...

CVE-2026-5987 Sanluan PublicCMS FreeMarker Template AbstractFreemarkerView.java AbstractFreemarkerView.doRender special elements used in a template engine

A security vulnerability has been detected in Sanluan PublicCMS up to 6.202506.d. This affects the function AbstractFreemarkerView.doRender of the file publiccms-parent/publiccms-core/src/main/java/com/publiccms/common/base/AbstractFreemarkerView.java of the component FreeMarker Template Handler...

CVE-2026-5987 Sanluan PublicCMS FreeMarker Template AbstractFreemarkerView.java AbstractFreemarkerView.doRender special elements used in a template engine

A security vulnerability has been detected in Sanluan PublicCMS up to 6.202506.d. This affects the function AbstractFreemarkerView.doRender of the file publiccms-parent/publiccms-core/src/main/java/com/publiccms/common/base/AbstractFreemarkerView.java of the component FreeMarker Template Handler...

CVE-2026-5971

A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xmlfill of the file metagpt/actions/actionnode.py of the component XML Handler. Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated cod...

PT-2026-31823

A security vulnerability has been detected in Sanluan PublicCMS up to 6.202506.d. This affects the function AbstractFreemarkerView.doRender of the file publiccms-parent/publiccms-core/src/main/java/com/publiccms/common/base/AbstractFreemarkerView.java of the component FreeMarker Template Handler...

Improper Neutralization of Special Elements Used in a Template Engine

Overview langchain-core is a Building applications with LLMs through composability Affected versions of this package are vulnerable to Improper Neutralization of Special Elements Used in a Template Engine via the template formatting. An attacker can access internal object fields or nested data by...

EUVD-2026-20141

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Syed Balkhi User Feedback userfeedback-lite allows Blind SQL Injection.This issue affects User Feedback: from n/a through = 1.10.1...

CVE-2026-39497

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Blind SQL Injection.This issue affects FOX: from n/a through = 1.4.5...