Lucene search
+L

5 matches found

CVE
CVE
added 2026/07/07 8:58 p.m.15 views

CVE-2026-50179

CVE-2026-50179 affects Actual Budget prior to version 26.6.0 where exportToCSV/exportQueryToCSV passed user-controlled Payee/Notes/Account/Category strings to csv-stringify without a cast callback, allowing formula prefixes (e.g., =, +, -, @, tab, CR) to survive in CSV cells. When opened in Excel...

4.2CVSS6AI score0.00286EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/22 11:48 p.m.7 views

@actual-app/web has CSV Formula Injection in Transaction Export via Imported Payee/Notes Fields

Summary exportToCSV and exportQueryToCSV in packages/loot-core/src/server/transactions/export/export-to-csv.ts pass user-controlled Payee, Notes, Account, and Category strings to csv-stringify with no cast callback and no formula-prefix neutralization. Strings that begin with =, +, -, @, tab, or...

4.2CVSS5.9AI score0.00286EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/16 12:0 a.m.13 views

Macaron Notes 安全漏洞

Macaron Notes is a note-taking application developed by Macaron Corporation that supports sticky note recording, schedule organization, and personalized theme management. Version 5.5 of Macaron Notes contains a security vulnerability. This vulnerability stems from allowing attackers to cause...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/16 12:0 a.m.12 views

Social & Mobile Color Notes 安全漏洞

Social & Mobile Color Notes is a note application developed by Social & Mobile that supports text recording, task management, and color categorization. Version 1.4 of Social & Mobile Color Notes contains a security vulnerability. This vulnerability stems from a denial-of-service issue, which coul...

8.7CVSS5.8AI score0.00284EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.6 views

Sourcecodester Medicine Reminder App 安全漏洞

SourceCodester Medicine Reminder App is an open source medication reminder application from SourceCodester. A security vulnerability exists in version 1.0 of the Sourcecodester Medicine Reminder App, which stems from the Medicine Name and Notes Optional fields not properly filtering inputs, which...

6.1CVSS6AI score0.0022EPSS
Exploits1References2
Rows per page
Query Builder