CVE-2026-25047

deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8...

PT-2026-4399

Name of the Vulnerable Software and Affected Versions Contact Form 7 GetResponse Extension versions through 1.0.8 Description The Contact Form 7 GetResponse Extension contains a flaw that allows retrieval of embedded sensitive data. This occurs due to improper handling of data within the extensio...

CVE-2025-58272

Cross-site request forgery vulnerability exists in Web Caster V130 versions 1.08 and earlier. If a logged-in user views a malicious page created by an attacker, the settings of the product may be unintentionally changed...

Jenkins plugin Nouvola DiveCloud 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. Jenkins plugin...

WordPress LH Copy Media File plugin <= 1.08 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin LH Copy Media File versions = 1.08...

CVE-2023-45727

Proself Enterprise/Standard Edition Ver5.62 and earlier, Proself Gateway Edition Ver1.65 and earlier, and Proself Mail Sanitize Edition Ver1.08 and earlier allow a remote unauthenticated attacker to conduct XML External Entity XXE attacks. By processing a specially crafted request containing...

Libde265 缓冲区错误漏洞

Libde265 is a German h.265 video codec. A security vulnerability exists in Libde265 version v1.0.8, which originates from ffhevcputhevcqpelh2v1sse in sse-motion.cc contains a stack buffer overflow, which can be exploited by an attacker to cause a denial of service DoS via a crafted video file...