698 matches found
EUVD-2025-32714
Insecure Direct Object Reference (IDOR) in Negotiator v3.15.2 from Biobanking and Biomolecular Resources - European Research Infrastructure (BBMRI-ERIC). This vulnerability allows an attacker to access or modify unauthorised resources by manipulating requests that use the 'userID' parameter in...
CVE-2025-40676
CVE-2025-40676 affects Negotiator v3.15.2 from BBMRI-ERIC. The vulnerability is an insecure direct object reference (IDOR) in the userID parameter of the /api/v3/users/ endpoint, enabling an attacker to access or modify unauthorised resources and potentially expose or alter sensitive data. The CV...
EUVD-2019-5869
Malware in sbrugna...
EUVD-2019-5877
Malware in sbrugna...
EUVD-2019-5868
Malware in sbrugna...
EUVD-2019-5870
Malware in sbrugna...
EUVD-2019-5872
Malware in sbrugna...
EUVD-2019-5873
Malware in sbrugna...
EUVD-2019-5874
Malware in sbrugna...
EUVD-2019-5875
Malware in sbrugna...
EUVD-2019-5876
Malware in sbrugna...
EUVD-2019-5486
Malware in sbrugna...
EUVD-2018-11267
Malware in sbrugna...
EUVD-2019-5485
Malware in sbrugna...
CVE-2025-10696
CVE-2025-10696 affects OpenSupports 4.11.0. An endpoint allows editing the list of 'supervised users' for any account without verifying ownership, enabling a Level 1 staff member to modify the supervision relationship of a target user. This can let the target view tickets belonging to the added s...
CVE-2025-10696 OpenSupports 4.11.0 — Insecure Direct Object Reference in supervised list
OpenSupports exposes an endpoint that allows the list of 'supervised users' for any account to be edited, but it does not validate whether the actor is the owner of that list. A Level 1 staff member can modify the supervision relationship of a third party (the target user), who can then view the...
EUVD-2025-31717
Malicious code in bioql PyPI...
EUVD-2025-31723
Malicious code in bioql PyPI...
EUVD-2025-28006
Malicious code in bioql PyPI...
EUVD-2025-28313
Malicious code in bioql PyPI...