299 matches found

Github Security Blog
added 6 days ago

Gotenberg has path traversal in zip entry name via Windows-style separators in upload filename

Summary: filepath.Base on the Linux container does not strip backslashes, because \ is only a path separator on Windows. A multipart filename like ........\Windows\System32\evil.pdf survives Gotenberg's input sanitisation and lands verbatim as the zip entry name when a multi-output route...

AI score 5.8
Exploits 0, References 3, Affected software 1
Github Security Blog
added 2026/05/18 1:59 p.m.

Arcane Backend: OS Command Injection in Volume Browser ListDirectory via path query parameter

Summary: GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitiser blocks ../ traversal but does not strip Bourne-shell metacharacters such as $ or backticks, and...

CVSS 6.3, AI score 6.2, EPSS 0.00103
Exploits 0, References 2, Affected software 1
ATTACKERKB
added 2026/05/07 8:09 p.m.

CVE-2026-41691

Copilot said: i18nextify is a JavaScript library that adds website internationalization via a script tag, without source code changes. Versions prior to 3.0.5 interpolate the lng and ns values directly into the configured loadPath / addPath URL templat...

CVSS 6.5, AI score 5.8, EPSS 0.00102
Exploits 0, References 3, Affected software 1
EUVD
added 2026/05/07 12:31 p.m.

EUVD-2026-28346

Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Python code and subsequently OS commands on the docker container via Server-Side Template Injection (SSTI) for user-created transformations...

CVSS 10, AI score 6, EPSS 0.00101
Exploits 0, References 2
Positive Technologies
added 2026/05/07 12:00 a.m.

PT-2026-38418

Name of the Vulnerable Software and Affected Versions: Open Notebook version 1.8.3. Description: Insufficient user input sanitization allows an application user to perform Server-Side Template Injection (SSTI), a flaw where an attacker can inject malicious templates into a server-side engine. This...

CVSS 10, AI score 6, EPSS 0.00101
Exploits 0, References 8
Cvelist
added 2026/04/07 6:01 p.m.

CVE-2026-39341 SQL injection in ChurchCRM.0

ChurchCRM is an open-source church management system. Prior to 7.1.0, the application is vulnerable to time-based SQL injection due to improper input validation. The endpoint Reports/ConfirmReportEmail.php?familyId= does not correctly sanitise user input; specifically, the sanitised input is not...

CVSS 8.1, EPSS 0.00032
Exploits 1, References 1
RedhatCVE
added 2026/03/26 3:16 p.m.

CVE-2026-2466

The DukaPress WordPress plugin through 3.2.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 7.1, AI score 5.8, EPSS 0.00045
Exploits 0, References 1
Positive Technologies
added 2026/03/24 12:00 a.m.

PT-2026-27516

Name of the Vulnerable Software and Affected Versions: ActiveMatrix BusinessWorks and Enterprise Administrator (affected versions not specified). Description: The software contains injection flaws stemming from inadequate validation or sanitization of user-provided input. This can lead to the disclosu...

CVSS 8.7, AI score 5.8, EPSS 0.00041
Exploits 0, References 4
Positive Technologies
added 2026/02/25 12:00 a.m.

PT-2026-22084

Name of the Vulnerable Software and Affected Versions: Drupal Tagify versions prior to 1.2.49. Description: The Tagify module for Drupal does not properly sanitize user-provided input before using it in JavaScript templates within the Tagify widget. This allows for the execution of arbitrary...

CVSS 5.4, AI score 6.2, EPSS 0.00041
Exploits 0, References 5
Debian
added 2026/02/20 7:20 p.m.

[SECURITY] [DSA 6147-1] pillow security update

Debian Security Advisory DSA-6147-1, [email protected], https://www.debian.org/security/, Moritz Muehlenhoff, February 20, 2026, https://www.debian.org/security/faq ...

CVSS 8.6, AI score 6.1, EPSS 0.00014
Exploits 1
Github Security Blog
added 2026/02/06 6:34 p.m.

SCEditor has DOM XSS via emoticon URL/HTML injection

If an attacker has the ability to control configuration options passed to sceditor.create, like emoticons, charset, etc., then it's possible for them to trigger an XSS attack due to lack of sanitisation of configuration options. Proof of concept: js sceditor.createtextarea, emoticons: dropdown: ':':...

CVSS 5.4, AI score 5.3, EPSS 0.00014
Exploits 1, References 4, Affected software 1
RedhatCVE
added 2025/12/16 6:56 a.m.

CVE-2025-13355

The URL Shortify WordPress plugin before 1.11.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 7.1, AI score 6.1, EPSS 0.00029
Exploits 0, References 1
RedhatCVE
added 2025/11/25 6:02 a.m.

CVE-2024-14015

The WordPress eCommerce Plugin WordPress plugin through 2.9.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 7.1, AI score 6.1, EPSS 0.00485
Exploits 0, References 1
Positive Technologies
added 2025/11/24 12:00 a.m.

PT-2025-47883

Name of the Vulnerable Software and Affected Versions: WordPress eCommerce Plugin versions through 2.9.0. Description: The WordPress eCommerce Plugin does not properly sanitize and escape a parameter before displaying it on a page. This can lead to a Reflected Cross-Site Scripting (XSS) issue,...

CVSS 7.1, AI score 5.3, EPSS 0.00485
Exploits 0, References 8
Tenable Nessus
added 2025/11/09 12:00 a.m.

Fedora 42 : xen (2025-ec271ef07b)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-ec271ef07b advisory. Incorrect removal of permissions on PCI device unplug (XSA-476, CVE-2025-58149) ---- x86: Incorrect input sanitisation in Viridian hypercalls (XSA-475,...

CVSS 7.5, AI score 5.9, EPSS 0.00057
Exploits 0, References 4
SUSE Linux
added 2025/10/28 4:40 p.m.

Security update for xen

This update for xen fixes the following issues: CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls (bsc#1251271, XSA-475). CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed multiple vulnerabilities in the Viridian interface (bsc#1248807, XSA-472). Patch...

CVSS 7, AI score 7.1, EPSS 0.00075
Exploits 0, References 14
OSV
added 2025/10/28 4:40 p.m.

SUSE-SU-2025:3843-1 Security update for xen

This update for xen fixes the following issues: - CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls (bsc#1251271, XSA-475) - CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed multiple vulnerabilities in the Viridian interface (bsc#1248807, XSA-472)...

CVSS 9.8, AI score 5.8, EPSS 0.00075
Exploits 0, References 8
Tenable Nessus
added 2025/10/28 12:00 a.m.

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xen (SUSE-SU-2025:3798-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3798-1 advisory. - CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls...

CVSS 9.8, AI score 5.8, EPSS 0.00075
Exploits 0, References 14
Tenable Nessus
added 2025/10/28 12:00 a.m.

SUSE SLES15 Security Update : xen (SUSE-SU-2025:3797-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3797-1 advisory. - CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls (bsc#1251271, XSA-475) - CVE-2025-27466,...

CVSS 9.8, AI score 5.8, EPSS 0.00075
Exploits 0, References 13
SUSE Linux
added 2025/10/27 7:58 a.m.

Security update for xen

This update for xen fixes the following issues: CVE-2025-58147, CVE-2025-58148: Fixed incorrect input sanitisation in Viridian hypercalls (bsc#1251271, XSA-475). CVE-2025-27466, CVE-2025-58142, CVE-2025-58143: Fixed multiple vulnerabilities in the Viridian interface (bsc#1248807, XSA-472). Patch...

CVSS 7, AI score 7.1, EPSS 0.00075
Exploits 0, References 16