25 matches found
CVE-2026-59862 Kiota: Code Generation Literal Injection in the Python Generator
Kiota is an OpenAPI based HTTP Client code generator. Prior to 1.32.0, Kiota's Python generator let attacker-controlled enum value descriptions from x-ms-enum.values.description flow through KiotaBuilder.SetEnumOptions into Documentation.DescriptionTemplate and...
PT-2026-56062
Name of the Vulnerable Software and Affected Versions Langroid versions prior to 0.65.1 Description Langroid is a framework for building large-language-model-powered applications. The SQLChatAgent component implements a SQL-injection mitigation that uses a raw-text regex blocklist DANGEROUS SQL...
Exploit for Insufficient Logging in Mariadb
CVE-2026-3494 - MariaDB serveraudit Logging Verification PoC...
EUVD-2019-7026
Malware in sbrugna...
EUVD-2025-27476
Malicious code in bioql PyPI...
CVE-2025-58759
TinyEnv is an environment variable loader for PHP applications. In versions 1.0.9 and 1.0.10, TinyEnv did not properly strip inline comments inside .env values. This could lead to unexpected behavior or misconfiguration, where variables contain unintended characters including or comment text...
Improper Input Validation
Overview datahihi1/tiny-env is a simple environment variable loader for PHP applications Affected versions of this package are vulnerable to Improper Input Validation in the parsing of environment variable values. An attacker can cause applications to process unintended characters or comment text...
GHSA-72CM-7236-H43R TinyEnv: Inline comments not stripped properly in .env values
Impact TinyEnv did not properly strip inline comments inside .env values. This could lead to unexpected behavior or misconfiguration, where variables contain unintended characters including or comment text. Applications depending on strict environment values may expose logic errors, insecure...
TinyEnv: Inline comments not stripped properly in .env values
Impact TinyEnv did not properly strip inline comments inside .env values. This could lead to unexpected behavior or misconfiguration, where variables contain unintended characters including or comment text. Applications depending on strict environment values may expose logic errors, insecure...
CVE-2025-58759
TinyEnv is an environment variable loader for PHP applications. In versions 1.0.9 and 1.0.10, TinyEnv did not properly strip inline comments inside .env values. This could lead to unexpected behavior or misconfiguration, where variables contain unintended characters including or comment text...
CVE-2025-58759 TinyEnv: Inline comments not stripped properly in .env values
TinyEnv is an environment variable loader for PHP applications. In versions 1.0.9 and 1.0.10, TinyEnv did not properly strip inline comments inside .env values. This could lead to unexpected behavior or misconfiguration, where variables contain unintended characters including or comment text...
CVE-2025-58759
TinyEnv is a PHP environment variable loader affected in versions 1.0.9 and 1.0.10 where inline comments inside .env values are not stripped, allowing unintended characters and potential misconfigurations or authentication failures. Root cause: improper handling of inline comments during parsing....
CVE-2025-58759 TinyEnv: Inline comments not stripped properly in .env values
TinyEnv is an environment variable loader for PHP applications. In versions 1.0.9 and 1.0.10, TinyEnv did not properly strip inline comments inside .env values. This could lead to unexpected behavior or misconfiguration, where variables contain unintended characters including or comment text...
CVE-2025-58759 TinyEnv: Inline comments not stripped properly in .env values
TinyEnv is an environment variable loader for PHP applications. In versions 1.0.9 and 1.0.10, TinyEnv did not properly strip inline comments inside .env values. This could lead to unexpected behavior or misconfiguration, where variables contain unintended characters including or comment text...
The Influence of Code Comments on the Perceived Helpfulness of Stack Overflow Posts
Question-and-answer platforms such as Stack Overflow have become an important way for software developers to share and retrieve knowledge. However, reusing poorly understood code can lead to serious problems, such as bugs or security vulnerabilities. To better understand how code comments affect...
CVE-2023-50871
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed...
CVE-2023-50871
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed...
CVE-2023-50871
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed...
Authorization
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed...
CVE-2023-50871
In JetBrains YouTrack before 2023.3.22268 authorization check for inline comments inside thread replies was missed...