CVE-2026-28403

CVE-2026-28403 (Textream) affects Textream, a macOS teleprompter app. Prior to version 1.5.1, the built-in DirectorServer WebSocket endpoint (ws://127.0.0.1:) does not validate the HTTP Origin header during the WebSocket handshake, allowing a malicious page loaded in the same browser session to s...

CVE-2026-28403 Textream Cross-Site WebSocket Hijacking (CSWSH) vulnerability

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the DirectorServer WebSocket server ws://127.0.0.1: accepts connections from any origin without validating the HTTP Origin header during the WebSocket handshake. A malicious web page visited in the same browser session can silentl...

xxe-blind

XXE Out-of-Band File Exfiltration Tool Herramienta en bash pa...

CVE-2025-56590

An issue was discovered in the InsertFromURL function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server...

CVE-2025-56590

An issue was discovered in the InsertFromURL function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server...

CVE-2025-56590

An issue was discovered in the InsertFromURL function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server...

CVE-2025-56590

An issue was discovered in the InsertFromURL function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server...

Apryse HTML2PDF SDK has security vulnerabilities

The Apryse HTML2PDF SDK is a file format conversion component developed by the American company Apryse. Versions of the Apryse HTML2PDF SDK 11.10 and earlier contained security vulnerabilities. These vulnerabilities stemmed from vulnerabilities in the InsertFromURL function, which could allow for...

CVE-2025-56590

CVE-2025-56590 affects the Apryse HTML2PDF SDK up to and including version 11.10, with a flaw in InsertFromURL() that could allow an attacker to execute arbitrary operating system commands on the local server. The issue is documented across multiple feeds (RH, NVD/NVD-entry, CVE lists) with consi...

PT-2026-3990

Name of the Vulnerable Software and Affected Versions Apryse HTML2PDF SDK versions through 11.10 Description A flaw exists in the InsertFromURL function that may allow an attacker to execute arbitrary operating system commands on the local server. Recommendations Update to a version beyond 11.10...

CVE-2023-49234

An XML external entity XXE vulnerability was found in Stilog Visual Planning 8. It allows an authenticated attacker to access local server files and exfiltrate data to an external server...

Microsoft Playwright MCP Server vulnerable to DNS Rebinding Attack; Allows Attackers Access to All Server Tools

Microsoft Playwright MCP Server versions prior to 0.0.40 fails to validate the Origin header on incoming connections. This allows an attacker to perform a DNS rebinding attack via a victim’s web browser and send unauthorized requests to a locally running MCP server, resulting in unintended...

Improper Access Control

mcp MCP Python SDK is vulnerable to Improper Access Control. The vulnerability is due to DNS rebinding protection not being enabled by default for HTTP-based servers, allowing a malicious website to bypass same-origin policy and send requests to a local MCP server running without authentication,...

CVE-2025-54305

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. One of the middlewares included in this application, LocalhostAuthMiddleware, authenticates users as ionadmin if the REMOTEADDR property in request.META is set to 127.0.0.1, to 127.0.1.1, or to ::1. Any user wit...

Insecure Default Initialization of Resource

Overview @modelcontextprotocol/sdk is a Model Context Protocol implementation for TypeScript Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via the StreamableHTTPServerTransport or SSEServerTransport process when enableDnsRebindingProtection is not...

GHSA-R77H-RPP9-W2XM Spotipy has a XSS vulnerability in its OAuth callback server

Summary XSS vulnerability in OAuth callback server allows JavaScript injection through unsanitized error parameter. Attackers can execute arbitrary JavaScript in the user's browser during OAuth authentication. Details Vulnerable Code: spotipy/oauth2.py lines 1238-1274 RequestHandler.doGET The...

CVE-2025-11696

A local server-side request forgery SSRF security issue exists within Studio 5000® Simulation Interface™ via the API. This vulnerability allows any Windows user on the system to trigger outbound SMB requests, enabling the capture of NTLM hashes...

VulnCheck KEV: CVE-2020-36870

Various Ruijie Gateway EG and NBR models firmware versions 11.16B9P1 11.94B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest authentication, local server...

PT-2025-45510

Name of the Vulnerable Software and Affected Versions Ruijie Gateway EG and NBR models versions 11.16B9P1 through 11.94B12P1 Description The EWEB management system in various Ruijie Gateway EG and NBR models contains a code execution issue. Attackers can exploit front-end code when features like...

CVE-2025-27224

TRUfusion Enterprise through 7.10.4.0 uses the /trufusionPortal/fileupload endpoint to upload files. However, the application doesn't properly sanitize the input to this endpoint, ultimately allowing path traversal sequences to be included. This can be used to write to any filename with any file...