26 matches found
CVE-2026-34060
Ruby LSP is an implementation of the language server protocol for Ruby...
[SECURITY] Fedora 44 Update: qt6-qtlanguageserver-6.10.3-1.fc44
The Qt Language Server component provides an implementation of the Language Server protocol...
CVE-2025-68432
Zed, a code editor, has an aribtrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Language Server Protocol LSP configurations from the settings.json file located within a project’s .zed subdirectory. A malicious LSP configuration can contain arbitrary shell...
CVE-2025-68432
Zed, a code editor, has an aribtrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Language Server Protocol LSP configurations from the settings.json file located within a project’s .zed subdirectory. A malicious LSP configuration can contain arbitrary shell...
CVE-2025-68432 Zed IDE LSP Binary Configuration Arbitrary Code Execution
Zed, a code editor, has an aribtrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Language Server Protocol LSP configurations from the settings.json file located within a project’s .zed subdirectory. A malicious LSP configuration can contain arbitrary shell...
Zed 命令注入漏洞
Zed is an open source code editor from Zed Industries. A command injection vulnerability exists in versions prior to Zed 0.218.2-pre that stems from loading a malicious LSP configuration from the settings.json file in the project.zed subdirectory, which could lead to arbitrary code execution...
[SECURITY] Fedora 42 Update: qt6-qtlanguageserver-6.9.3-1.fc42
The Qt Language Server component provides an implementation of the Language Server protocol...
EUVD-2025-25410
Malicious code in bioql PyPI...
Unspecified Vulnerability in JetBrains IntelliJ IDEA
JetBrains IntelliJ IDEA is an integrated development environment IDE developed by JetBrains , designed to improve developer productivity and code quality , mainly for Java programming , but also supports Kotlin, Web, Spring and other languages and frameworks . A security vulnerability exists in...
CVE-2025-57729
In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start...
CVE-2025-57729
In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start...
CVE-2025-57729
CVE-2025-57729 affects JetBrains IntelliJ IDEA prior to 2025.2, where an automated LSP server startup can trigger an unexpected plugin startup. Multiple connected sources (CNVD, Red Hat, OSV, PT-Security, etc.) corroborate the issue and describe the root cause as the automatic LSP server initiali...
[SECURITY] Fedora 42 Update: qt6-qtlanguageserver-6.9.1-1.fc42
The Qt Language Server component provides an implementation of the Language Server protocol...
Fedora: Security Advisory for qt6-qtlanguageserver (FEDORA-2024-bfb8617ba3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: qt6-qtlanguageserver-6.7.1-2.fc40
The Qt Language Server component provides an implementation of the Language Server protocol...
CVE-2024-22415 Unsecured endpoints in the jupyter-lsp server extension
jupyter-lsp is a coding assistance tool for JupyterLab code navigation + hover suggestions + linters + autocompletion + rename using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control on the operating system level, and with...
jupyterlab-lsp Security Vulnerabilities
jupyterlab-lsp is a tool that provides coding help for JupyterLab using the Language Server protocol. A security vulnerability exists in jupyterlab-lsp 2.2.1 and earlier versions, which stems from a lack of authentication of the jupyter-lsp server extension endpoint, allowing an attacker to acces...
GLSA-202401-21 : KTextEditor: Arbitrary Local Code Execution
The remote host is affected by the vulnerability described in GLSA-202401-21 KTextEditor: Arbitrary Local Code Execution - The LSP Language Server Protocol plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91.0 tries to execute the associated LSP server binary when opening a file of a...
CVE-2022-4952
A vulnerability has been found in OmniSharp csharp-language-server-protocol up to 0.19.6 and classified as problematic. This vulnerability affects the function CreateSerializerSettings of the file src/JsonRpc/Serialization/SerializerBase.cs of the component JSON Serializer. The manipulation leads...
CVE-2022-4952 OmniSharp csharp-language-server-protocol JSON Serializer SerializerBase.cs CreateSerializerSettings resource consumption
A vulnerability has been found in OmniSharp csharp-language-server-protocol up to 0.19.6 and classified as problematic. This vulnerability affects the function CreateSerializerSettings of the file src/JsonRpc/Serialization/SerializerBase.cs of the component JSON Serializer. The manipulation leads...