CVE-2026-5476 NASA cFS cfe_tbl_passthru_codec.c CFE_TBL_ValidateCodecLoadSize integer overflow

A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...

CVE-2026-5476 NASA cFS cfe_tbl_passthru_codec.c CFE_TBL_ValidateCodecLoadSize integer overflow

A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...

CVE-2026-5474

A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...

CVE-2026-5475 NASA cFS CCSDS Header Size cfe_sb_priv.c CFE_SB_TransmitMsg memory corruption

A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFESBTransmitMsg of the file cfesbpriv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but...

CVE-2026-5474 NASA cFS CCSDS Packet Header to_lab_passthru_encode.c CFE_MSG_GetSize heap-based overflow

A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFEMSGGetSize of the file apps/tolab/fsw/src/tolabpassthruencode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local...

PT-2026-30208

A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFE TBL ValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfe tbl passthru codec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told...

EUVD-2025-27970

Malicious code in bioql PyPI...

EUVD-2025-8100

Malicious code in bioql PyPI...

EUVD-2025-17136

Malicious code in bioql PyPI...

EUVD-2025-18542

Malicious code in bioql PyPI...

EUVD-2025-15495

Malicious code in bioql PyPI...

EUVD-2025-8090

Malicious code in bioql PyPI...

EUVD-2025-8098

Malicious code in bioql PyPI...

EUVD-2025-8103

Malicious code in bioql PyPI...

CVE-2025-39508

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NasaTheme Nasa Core nasa-core allows Reflected XSS.This issue affects Nasa Core: from n/a through = 6.4.4...

CVE-2025-39508

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NasaTheme Nasa Core nasa-core allows Reflected XSS.This issue affects Nasa Core: from n/a through = 6.4.4...

CVE-2025-39508 WordPress Nasa Core Plugin <= 6.4.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NasaTheme Nasa Core nasa-core allows Reflected XSS.This issue affects Nasa Core: from n/a through = 6.4.4...

CVE-2025-39508 WordPress Nasa Core Plugin <= 6.4.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NasaTheme Nasa Core nasa-core allows Reflected XSS.This issue affects Nasa Core: from n/a through = 6.4.4...

CVE-2025-39508

CVE-2025-39508 affects the WordPress plugin Nasa Core (Nasa Theme). The vulnerability is a Reflected XSS due to improper input neutralization during web page generation. Affected versions are listed as up to 6.3.2 in the CVE description, with related sources confirming continued XSS discussions a...

PT-2025-25678 · Nasa Core · Nasa Core

Name of the Vulnerable Software and Affected Versions: Nasa Core versions through 6.3.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For versions through 6.3.2, update...