
52300 matches found

Source: CVE | added 2026/01/13 6:32 p.m. | 10 views

CVE-2025-68271

OpenC3 COSMOS (versions 5.0.0–6.10.1) has a critical remote code execution vulnerability exploitable via the JSON-RPC API. The flaw occurs when parsing attacker-controlled parameter text with String#convert_to_value; for array-like inputs, convert_to_value may execute eval(), allowing an unauthen...

CVSS: 10 | AI score: 8.1 | EPSS: 0.00212
Exploits: 0 | References: 1
Source: Vulnrichment | added 2026/01/13 6:32 p.m. | 2 views

CVE-2025-68271 Unauthenticated Remote Code Execution in openc3-api

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From 5.0.0 to 6.10.1, OpenC3 COSMOS contains a critical remote code execution vulnerability reachable through the JSON-RPC API. When a JSON-RPC request uses the string form of...

CVSS: 10 | AI score: 8.1 | EPSS: 0.00212
Exploits: 0 | References: 1
Source: ATTACKERKB | added 2026/01/13 3:35 p.m. | 3 views

CVE-2025-12548

A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration (SSH keys, tokens, etc.) from other users' Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API exposed on TCP port 3333...

CVSS: 9 | AI score: 5.7 | EPSS: 0.44352
Exploits: 2 | References: 7
Source: OSV | added 2026/01/13 3:07 p.m. | 5 views

GHSA-3FM2-XFQ7-7778 HAXcms Has Stored XSS Vulnerability that May Lead to Account Takeover

Summary: Stored XSS Leading to Account Takeover. Details: The Exploit Chain: 1. Upload: The attacker uploads an .html file containing a JavaScript payload. 2. Execution: A logged-in administrator is tricked into visiting the URL of this uploaded file. 3. Token Refresh: The JavaScript payload makes a...

CVSS: 8 | AI score: 6.2 | EPSS: 0.00037
Exploits: 3 | References: 5
Source: Github Security Blog | added 2026/01/13 2:56 p.m. | 7 views

Jervis Has a JWT Algorithm Confusion Vulnerability

Vulnerability: https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovy#L244-L249 The code doesn't validate that the JWT header specifies "alg":"RS256". Impact: Depending on the broader system, this could allow JWT...

CVSS: 6.9 | AI score: 7 | EPSS: 0.00022
Exploits: 0 | References: 6 | Affected Software: 1
Source: OSV | added 2026/01/13 2:56 p.m. | 1 view

GHSA-5PQ9-5MPR-JJ85 Jervis Has a JWT Algorithm Confusion Vulnerability

Vulnerability: https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovy#L244-L249 The code doesn't validate that the JWT header specifies "alg":"RS256". Impact: Depending on the broader system, this could allow JWT...

CVSS: 6.9 | AI score: 6.9 | EPSS: 0.00022
Exploits: 0 | References: 6
Source: AstraLinux | added 2026/01/13 2:01 p.m. | 4 views

Astra Linux – Vulnerability in cjson

cJSON 1.7.15 may allow a denial of service through a crafted JSON document, such as "a": true, "b": null,9999999999999999999999999999999999999999999999912345678901234567...

CVSS: 2.9 | AI score: 5.3 | EPSS: 0.00052
Exploits: 1 | References: 3
Source: Positive Technologies | added 2026/01/13 12:00 a.m. | 2 views

PT-2026-2798

Name of the Vulnerable Software and Affected Versions: Hono versions prior to 4.11.4. Description: Hono is a Web application framework supporting various JavaScript runtimes. A flaw exists in the JWT verification middleware when using JWK/JWKS, where the alg value in the JWT header could influence...

CVSS: 8.2 | AI score: 6.3 | EPSS: 0.0002
Exploits: 0 | References: 9
Source: Tenable Nessus | added 2026/01/13 12:00 a.m. | 3 views

MiracleLinux 9 : perl-JSON-XS-4.04-1.el9_6 (AXSA:2025-10955:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10955:02 advisory. JSON-XS: integer buffer overflow causing a segfault when parsing crafted JSON (CVE-2025-40928). Tenable has extracted the preceding description block directly...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.00209
Exploits: 0 | References: 2
Source: Tenable Nessus | added 2026/01/13 12:00 a.m. | 3 views

MiracleLinux 8 : firefox-128.6.0-1.el8_10.ML.1 (AXSA:2025-9544:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9544:01 advisory. firefox: Use-after-free when breaking lines in text (CVE-2025-0238); firefox: Memory corruption when using JavaScript Text Segmentation (CVE-2025-0241)...

CVSS: 7.7 | AI score: 6.9 | EPSS: 0.02414
Exploits: 0 | References: 8
Source: Tenable Nessus | added 2026/01/13 12:00 a.m. | 2 views

MiracleLinux 8 : perl-JSON-XS-3.04-4.el8_10 (AXSA:2025-10954:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10954:01 advisory. JSON-XS: integer buffer overflow causing a segfault when parsing crafted JSON (CVE-2025-40928). Tenable has extracted the preceding description block directly...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.00209
Exploits: 0 | References: 2
Source: Positive Technologies | added 2026/01/13 12:00 a.m. | 3 views

PT-2026-2799

Name of the Vulnerable Software and Affected Versions: Hono versions prior to 4.11.4. Description: Hono's JWT verification middleware had a flaw where the algorithm specified in the JWT header could influence signature verification, even when the selected JWK did not explicitly define an algorithm...

CVSS: 8.2 | AI score: 6.5 | EPSS: 0.0002
Exploits: 0 | References: 8
Source: Positive Technologies | added 2026/01/13 12:00 a.m. | 9 views

PT-2026-2806

Name of the Vulnerable Software and Affected Versions: Cal.com versions 3.1.6 through 6.0.6. Description: Cal.com, an open-source scheduling software, has a critical flaw in a custom NextAuth JWT callback. This issue allows attackers to gain full authenticated access to any user's account by supplyi...

CVSS: 10 | AI score: 5.8 | EPSS: 0.00108
Exploits: 1 | References: 15
Source: Positive Technologies | added 2026/01/13 12:00 a.m. | 4 views

PT-2026-2441

Name of the Vulnerable Software and Affected Versions: Eclipse Che (affected versions not specified). Description: A flaw exists in Eclipse Che che-machine-exec that permits unauthenticated remote arbitrary command execution and secret exfiltration, including SSH keys and tokens, from other...

CVSS: 9 | AI score: 5.8 | EPSS: 0.44352
Exploits: 2 | References: 13
Source: Tenable Nessus | added 2026/01/13 12:00 a.m. | 4 views

MiracleLinux 9 : firefox-128.6.0-1.el9_5.ML.1 (AXSA:2025-9549:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9549:02 advisory. firefox: Use-after-free when breaking lines in text (CVE-2025-0238); firefox: Memory corruption when using JavaScript Text Segmentation (CVE-2025-0241)...

CVSS: 7.7 | AI score: 6.9 | EPSS: 0.02414
Exploits: 0 | References: 8
Source: Tenable Nessus | added 2026/01/13 12:00 a.m. | 4 views

MiracleLinux 9 : grafana-10.2.6-11.el9_6 (AXSA:2025-10478:10)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10478:10 advisory. golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204). Tenable has extracted the preceding description block directl...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.00083
Exploits: 0 | References: 2
Source: CNNVD | added 2026/01/13 12:00 a.m. | 5 views

Hono data forgery vulnerability

Hono is a web framework written in TypeScript from the Hono community. A data forgery issue vulnerability exists in Hono versions prior to 4.11.4 that stems from the JWT validation middleware allowing the JWT header algorithm to influence signature verification, potentially leading to algorithmic...

CVSS: 8.2 | AI score: 5.8 | EPSS: 0.0002
Exploits: 0 | References: 3
Source: OSV | added 2026/01/12 5:39 p.m. | 3 views

GO-2025-4269 SQLE's JWT Secret Handler can be manipulated to use hard-coded cryptographic key in github.com/actiontech/sqle

SQLE's JWT Secret Handler can be manipulated to use hard-coded cryptographic key in github.com/actiontech/sqle...

CVSS: 8.1 | AI score: 6.8 | EPSS: 0.00014
Exploits: 1 | References: 8
Source: OSV | added 2026/01/12 5:15 p.m. | 6 views

PYSEC-2026-90

MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PU...

CVSS: 9.1 | AI score: 5.9 | EPSS: 0.00636
Exploits: 2 | References: 2
Source: PyPA | added 2026/01/12 5:15 p.m. | 6 views

PYSEC-2026-90

MindsDB is a platform for building artificial intelligence from enterprise data. Prior to version 25.11.1, an unauthenticated path traversal in the file upload API lets any caller read arbitrary files from the server filesystem and move them into MindsDB’s storage, exposing sensitive data. The PU...

CVSS: 9.1 | AI score: 5.9 | EPSS: 0.00636
Exploits: 2 | References: 2 | Affected Software: 1