PT-2026-27251

!NOTE If server-side LaTeX rendering is not in use ie XELATEX PATH was not set in indico.conf, this vulnerability does not apply. Impact Due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use specially-crafted LaTeX...

EUVD-2019-11391

Malware in sbrugna...

EUVD-2024-2446

Malicious code in bioql PyPI...

ROS-20250814-12

EMACS text editor vulnerability is related to incorrect input validation of the org-babel-execute:latex in ob-latex.el when processing file or directory names. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

CVE-2024-29073

An vulnerability in the handling of Latex exists in Ankitects Anki 24.04. When Latex is sanitized to prevent unsafe commands, the verbatim package, which comes installed by default in many Latex distributions, has been overlooked. A specially crafted flashcard can lead to an arbitrary file read. ...

UBUNTU-CVE-2024-32152

A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafted malicious flashcard can lead to an arbitrary file creation at a fixed path. An attacker can share a malicious flashcard to trigger this vulnerability...