UBUNTU-CVE-2026-41673

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, seven recursive traversals in lib/dom.js operate without a depth limit. A sufficiently deeply nested DO...

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems. vm2 is an open-source library used to run untrusted JavaScript code inside a secure sandbox...

CVE-2026-41675

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled processing instruction data to be serialized into XML without...

CVE-2026-41674

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package serializes DocumentType node fields internalSubset, publicId, systemId verbatim without any...

CVE-2026-41673

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, seven recursive traversals in lib/dom.js operate without a depth limit. A sufficiently deeply nested DO...

CVE-2026-41672

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled comment content to be serialized into XML without validating or...

EUVD-2026-28274

Admidio is an open-source user management solution. Prior to version 5.0.9, an unauthenticated attacker can execute arbitrary JavaScript in any Admidio user's browser through a reflected XSS in system/msgwindow.php. The endpoint passes user input through htmlspecialchars, which does not encode...

Benchmarking Large Language Models for IoC Recovery under Adversarial Code Obfuscation and Encryption

Software obfuscation and encryption present persistent challenges for program comprehension and security analysis, particularly when adversaries conceal Indicators of Compromise IoCs such as IP addresses within source code. While Large Language Models LLMs have recently demonstrated remarkable...

inngest-js 信息泄露漏洞

Inngest-js is an open-source framework developed by Inngest, designed to support various serverless platforms. It serves as a reliable event-driven and background task execution framework. Versions 3.22.0 to 3.53.1 of Inngest-js contain a vulnerability related to information leakage. This...

BentoPDF 跨站脚本漏洞

BentoPDF is a privacy-oriented client PDF processing tool developed by Alam. Versions of BentoPDF prior to 2.8.3 contained a cross-site scripting vulnerability. This vulnerability stems from cross-site scripting, allowing attackers to execute arbitrary JavaScript within the Markdown to PDF tool...

CVE-2026-41672

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled comment content to be serialized into XML without validating or...

Linux Distros Unpatched Vulnerability : CVE-2026-23928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an...

PT-2026-38586

Name of the Vulnerable Software and Affected Versions Vvveb versions prior to 1.0.8.2 Description An unauthenticated reflected cross-site scripting issue exists in the visual editor preview renderer. Attackers can execute arbitrary JavaScript by manipulating the r query parameter and component aj...

PT-2026-38340

Name of the Vulnerable Software and Affected Versions Math.js versions 13.1.0 through 15.1.x Description Arbitrary JavaScript can be executed through the expression parser of the library. Recommendations Update to version 15.2.0...

Flight has reflected XSS through an unvalidated JSONP callback in Flight::jsonp()

Summary Flight::jsonp concatenates the ?jsonp= query parameter directly into an application/javascript response body without validating that the value is a legal JavaScript identifier. An attacker can inject arbitrary JavaScript that executes in the response origin, enabling reflected cross-site...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Flight::jsonp process. An attacker can execute arbitrary JavaScript in the context of the response origin by supplying a crafted jsonp query parameter, which is concatenated directly into the JavaScript...

EUVD-2026-27983

Use after free in V8 in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. Chromium security severity: Medium...

Cross-site Scripting (XSS)

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Cross-site Scripting XSS via the decodeAllEntities function. An attacker can execute arbitrary JavaScript in the context of the application origin by...

GHSA-WHQH-9PQ5-C7R3 phpMyFAQ has a SVG Sanitizer Entity Decoding Depth Limit Bypass Leading to Stored XSS

Summary The SvgSanitizer::decodeAllEntities method limits recursive entity decoding to 5 iterations. By wrapping each character of javascript in an href attribute value with 5 levels of & encoding around numeric HTML entities e.g., amp;amp;amp;106; for j, an attacker can bypass both isSafe...

phpMyFAQ has a SVG Sanitizer Entity Decoding Depth Limit Bypass Leading to Stored XSS

Summary The SvgSanitizer::decodeAllEntities method limits recursive entity decoding to 5 iterations. By wrapping each character of javascript in an href attribute value with 5 levels of & encoding around numeric HTML entities e.g., amp;amp;amp;106; for j, an attacker can bypass both isSafe...