1065 matches found
CVE-2026-45553
NiceGUI is a Python-based UI framework. Prior to version 3.12.0, ui.restructuredtext renders reStructuredText server-side with Docutils without disabling file insertion directives. When a NiceGUI application passes attacker-controlled content to ui.restructuredtext, an attacker can use standard...
CVE-2026-45553 NiceGUI: Local file disclosure via Docutils file insertion in ui.restructured_text()
NiceGUI is a Python-based UI framework. Prior to version 3.12.0, ui.restructuredtext renders reStructuredText server-side with Docutils without disabling file insertion directives. When a NiceGUI application passes attacker-controlled content to ui.restructuredtext, an attacker can use standard...
CVE-2026-45553
CVE-2026-45553 affects NiceGUI prior to v3.12.0. The server-side reStructuredText renderer (ui.restructured_text) passes content through Docutils without disabling file insertion directives, enabling an attacker-controlled input to trigger include, csv-table with :file:, or raw with :file:. This ...
CVE-2026-45553 NiceGUI: Local file disclosure via Docutils file insertion in ui.restructured_text()
NiceGUI is a Python-based UI framework. Prior to version 3.12.0, ui.restructuredtext renders reStructuredText server-side with Docutils without disabling file insertion directives. When a NiceGUI application passes attacker-controlled content to ui.restructuredtext, an attacker can use standard...
Symfony has XXE (Local File Disclosure) in DomCrawler::addXmlContent() via validateOnParse = true
Description symfony/dom-crawler provides the Crawler class for navigating HTML/XML documents with CSS/XPath selectors; symfony/browser-kit's HttpBrowser uses it to parse fetched pages. Crawler::addXmlContent sets DOMDocument::$validateOnParse = true before calling loadXML. Setting validateOnParse...
CVE-2026-40682
A flaw was found in Apache OpenNLP. A remote attacker can exploit this vulnerability by providing a specially crafted dictionary file. This can lead to an XML External Entity XXE injection, which allows for the disclosure of local files or enables server-side request forgery SSRF, where the serve...
Trimble SketchUp 安全漏洞
Trimble SketchUp is a 3D modeling software developed by Trimble in the United States. It is designed for architects, urban planning experts, producers, game developers, and professionals in related fields. Trimble SketchUp has a security vulnerability that stems from improper handling of dynamic...
XML External Entity (XXE) Injection
Overview Affected versions of this package are vulnerable to XML External Entity XXE Injection via the Crawler::addXmlContent XML parsing logic. An attacker can read arbitrary local files by supplying crafted XML containing external entities, as validateOnParse re-enables DTD processing and...
NiceGUI: Local file disclosure via Docutils file insertion in ui.restructured_text()
Summary ui.restructuredtext renders reStructuredText server-side with Docutils without disabling file insertion directives. When a NiceGUI application passes attacker-controlled content to ui.restructuredtext, an attacker can use standard Docutils directives include, csv-table with :file:, raw wi...
GHSA-JFRM-RX66-G536 NiceGUI: Local file disclosure via Docutils file insertion in ui.restructured_text()
Summary ui.restructuredtext renders reStructuredText server-side with Docutils without disabling file insertion directives. When a NiceGUI application passes attacker-controlled content to ui.restructuredtext, an attacker can use standard Docutils directives include, csv-table with :file:, raw wi...
CVE-2026-42598
Pode is a Cross-Platform PowerShell web framework for creating REST APIs, Web Sites, and TCP/SMTP servers. From 2.4.0, to before 2.13.0, when requesting content from a Static Route, it was possible to request paths such as http://localhost:8080/c:/Windows/System32/drivers/etc/hosts and have the...
Security Bulletin: IBM Operator for Apache Flink is affected by a vulnerability in AssertJ library (CVE-2026-24400)
Summary This security vulnerability in the AssertJ library used within IBM Event Processing could allow an attacker to exploit specially crafted XML input to cause local file disclosure, server-side request forgery SSRF, or denial of service in Java-based components running on the Apache Flink...
CVE-2026-43891
changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vulnerable flow starts in the backup restore logic. When a backup ZIP is restored, the application...
CVE-2026-42212
SolidCAM-GPPL-IDE is an unofficial, independently developed extension, Postprocessor IDE for SolidCAM. From version 1.0.0 to before version 1.0.2, Opening a .gpp file in the SolidCAM Postprocessor IDE extension causes the language server to parse a companion .vmid file from the same directory...
CVE-2026-42212
SolidCAM-GPPL-IDE is an unofficial, independently developed extension, Postprocessor IDE for SolidCAM. From version 1.0.0 to before version 1.0.2, Opening a .gpp file in the SolidCAM Postprocessor IDE extension causes the language server to parse a companion .vmid file from the same directory...
EUVD-2026-28839
SolidCAM-GPPL-IDE is an unofficial, independently developed extension, Postprocessor IDE for SolidCAM. From version 1.0.0 to before version 1.0.2, Opening a .gpp file in the SolidCAM Postprocessor IDE extension causes the language server to parse a companion .vmid file from the same directory...
CVE-2026-42212
CVE-2026-42212 – SolidCAM-GPPL-IDE (Postprocessor IDE) affects versions 1.0.0–1.0.1 of the unofficial SolidCAM extension. The VMID parser loads XML with XDocument.Load(...) without XmlReaderSettings, enabling DTD processing and leading to XXE and related risks. Impact per sources includes local f...
PT-2026-39200
Name of the Vulnerable Software and Affected Versions SolidCAM-GPPL-IDE versions 1.0.0 through 1.0.1 Description Opening a .gpp file causes the language server to parse a companion .vmid file from the same directory. The VMID parser uses XDocument.Loadpath without XmlReaderSettings, which in .NET...
Postprocessor IDE for SolidCAM 资源管理错误漏洞
Postprocessor IDE for SolidCAM is a GPPL language development support tool developed by Andrey Zorin. Versions of Postprocessor IDE for SolidCAM from 1.0.0 to 1.0.2 contained a resource management vulnerability. This vulnerability arose from the language server’s parsing of.vmid files in the same...
Mako vulnerable to path traversal via backslash URI on Windows in TemplateLookup
Summary On Windows, a URI using backslash traversal e.g. ....\ secret.txt bypasses the directory traversal check in Template.init and the posixpath-based normalization in TemplateLookup.gettemplate, allowing reads of files outside the configured template directory. Details The root cause is a...