131686 matches found
CVE-2026-42849
authentik is an open-source identity provider. Prior to versions 2025.12.5 and 2026.2.3, due to the implementation of stages in the SFE Simple Flow Executor in order to make the interface more compatible with legacy browsers, it was possible to use an XSS exploit in the AutosubmitStage. This issu...
EUVD-2026-34000
React Router vulnerable to DoS via unbounded path expansion in manifest endpoint...
backpack/crud is vulnerable to Cross-Site Scripting (XSS)
Impact It’s a “moderate” vulnerability… but being an admin panel, take this seriously. It’s difficult… but an attacker could conduct a targeted phishing campaign, in order to trick your users or admins to click a malicious link, which under very specific circumstances could give them information...
Attackers Actively Exploiting Critical Vulnerability in Everest Forms Pro Plugin
On March 30th, 2026, we publicly disclosed a critical Remote Code Execution vulnerability in Everest Forms Pro, a WordPress plugin with an estimated 4,000 active installations. This vulnerability can be leveraged by unauthenticated attackers to execute arbitrary PHP code on the server, leading to...
ROOT-APP-PYPI-CVE-2026-0000 CVE-2026-0000 in rootio-litellm - Patched by Root
Root has patched CVE-2026-0000 in the rootio-litellm package for Root:PyPI. Multiple fixed versions available...
CVE-2026-42321
GLPI is a free asset and IT management software package. Starting in version 10.0.4 and prior to version 10.0.25, a technician can store an XSS payload in the asset locked tab. Upgrade to 10.0.25 or 11.0.7 to receive a patch...
CVE-2026-45686
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, a remotely reachable integer overflow in OBI's memcached text protocol parser can crash the OBI process and cause denial of service. When parsing...
ROOT-APP-PYPI-CVE-2025-34291 CVE-2025-34291 in rootio-langflow - Patched by Root
Root has patched CVE-2025-34291 in the rootio-langflow package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-64458 CVE-2025-64458 in rootio-django - Patched by Root
Root has patched CVE-2025-64458 in the rootio-django package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-57833 CVE-2025-57833 in rootio-django - Patched by Root
Root has patched CVE-2025-57833 in the rootio-django package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-64459 CVE-2025-64459 in rootio-django - Patched by Root
Root has patched CVE-2025-64459 in the rootio-django package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-68675 CVE-2025-68675 in rootio-apache-airflow - Patched by Root
Root has patched CVE-2025-68675 in the rootio-apache-airflow package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-45134 CVE-2026-45134 in rootio-langsmith - Patched by Root
Root has patched CVE-2026-45134 in the rootio-langsmith package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-66416 CVE-2025-66416 in rootio-mcp - Patched by Root
Root has patched CVE-2025-66416 in the rootio-mcp package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2024-26130 CVE-2024-26130 in rootio-cryptography - Patched by Root
Root has patched CVE-2024-26130 in the rootio-cryptography package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-68664 CVE-2025-68664 in rootio-langchain-core - Patched by Root
Root has patched CVE-2025-68664 in the rootio-langchain-core package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-44843 CVE-2026-44843 in rootio-langchain-core - Patched by Root
Root has patched CVE-2026-44843 in the rootio-langchain-core package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-GHSA-747P-WMPV-9C78 GHSA-747p-wmpv-9c78 in rootio-awscli - Patched by Root
Root has patched GHSA-747p-wmpv-9c78 in the rootio-awscli package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-28356 CVE-2026-28356 in rootio-multipart - Patched by Root
Root has patched CVE-2026-28356 in the rootio-multipart package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2024-1135 CVE-2024-1135 in rootio-gunicorn - Patched by Root
Root has patched CVE-2024-1135 in the rootio-gunicorn package for Root:PyPI. Multiple fixed versions available...