CVE-2026-25989

A flaw was found in ImageMagick, a software used for editing and manipulating digital images. A remote attacker could exploit an off-by-one boundary check vulnerability by providing a specially crafted SVG Scalable Vector Graphics file. This could lead to a denial of service DoS condition, making...

EUVD-2021-28581

Malicious code in bioql PyPI...

EUVD-2021-29793

Malicious code in bioql PyPI...

EUVD-2024-23540

Malicious code in bioql PyPI...

EUVD-2025-4644

Malicious code in bioql PyPI...

EUVD-2022-38810

Malicious code in bioql PyPI...

EUVD-2024-39608

Malicious code in bioql PyPI...

PT-2025-29344 · Unknown · Springboot Mybatisplus

Name of the Vulnerable Software and Affected Versions: JoeyBling SpringBoot MyBatisPlus versions up to a6a825513bd688f717dbae3a196bc9c9622fea26 Description: A critical vulnerability exists in the Download function of the /file/download endpoint. Manipulation of the Name argument allows for path...

PT-2025-28147 · Unknown · Gavias Halpes

Name of the Vulnerable Software and Affected Versions: Gavias Halpes versions prior to 1.2.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. This enables potential attackers to inject...

PT-2025-27902 · Webemailprotector · Email Address Security

Name of the Vulnerable Software and Affected Versions: Email Address Security by WebEmailProtector versions n/a through 3.3.6 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that ...

PT-2025-27228 · Unknown · Sfturing Hosp Order

Name of the Vulnerable Software and Affected Versions: sfturing hosp order up to 627f426331da8086ce8fff2017d65b1ddef384f8 Description: A critical vulnerability has been found in the affected software. The issue is related to the findAllHosByCondition function in the HospitalServiceImpl.java file,...

PT-2025-27187 · Unknown · Antoineh Football Pool

Name of the Vulnerable Software and Affected Versions: AntoineH Football Pool versions n/a through 2.12.5 Description: The issue is related to improper neutralization of input during web page generation, which allows for Stored Cross-site Scripting XSS. This means that an attacker can inject...

PT-2025-27158 · Wpbakery · Ht Mega – Absolute Addons

Name of the Vulnerable Software and Affected Versions: HT Mega – Absolute Addons for WPBakery Page Builder versions 1.0.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This...

PT-2025-27088 · Backwp · Backwp

Name of the Vulnerable Software and Affected Versions: Backwp versions n/a through 2.0.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For versions n/a through 2.0.2,...

PT-2025-26399 · Unknown · Atakan Au Automatically Hierarchic Categories In Menu

Name of the Vulnerable Software and Affected Versions: Atakan Au Automatically Hierarchic Categories in Menu versions 2.0.9 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Stored XSS...

PT-2025-26378 · Unknown · Better Random Redirect

Name of the Vulnerable Software and Affected Versions: Better Random Redirect versions 1.3.20 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...

PT-2025-26375 · Tealium · Tealium

Name of the Vulnerable Software and Affected Versions: Tealium versions through 2.1.17 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that an attacker can inject malicious script...

PT-2025-26372 · Hand Talk · Hand Talk

Name of the Vulnerable Software and Affected Versions: Hand Talk versions n/a through 6.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables attackers to inject malicious scripts...

PT-2025-26383 · Spoki · Spoki

Name of the Vulnerable Software and Affected Versions: Spoki versions through 2.16.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables attackers to inject malicious scripts into w...

PT-2025-25736 · Unknown · Cubewp Framework

Name of the Vulnerable Software and Affected Versions: CubeWP Framework versions 1.1.23 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS in the CubeWP Framework...