datart 安全漏洞

Datart is an open-source data visualization platform developed by running-elephant. Version datart v1.0.0-rc.3 contains a security vulnerability. This vulnerability stems from allowing authenticated attackers to access sensitive data through custom H2 JDBC connection strings, resulting in...

Toward a Military Smart Cyber Situational Awareness (CSA)

The development of technology across multiple sectors and the growing importance of cyber warfare make the development of Cyber Situational Awareness CSA a fundamental component of any cyber defense strategy. CSA, as a practice, enables understanding of the current landscape within an organizatio...

PT-2026-7724

Dify is an open-source LLM app development platform. Prior to 1.13.0, a cross site scripting vulnerability has been found in the web application chat frontend when using echarts. User or llm inputs containing echarts containing a specific javascript payload will be executed. This vulnerability is...

EUVD-2026-5419

n8n is an open source workflow automation platform. Prior to versions 1.123.18 and 2.5.0, a vulnerability in the file access controls allows authenticated users with permission to create or modify workflows to read sensitive files from the n8n host system. This can be exploited to obtain critical...

forma.lms cross-site scripting vulnerability

forma.lms is an open-source, web-based online learning platform developed by individual developers. Version 2.3.0.2 of forma.lms contains a cross-site scripting vulnerability. This vulnerability arises from improper cleaning of inputs for course code, name, description fields, and email parameter...

CVE-2025-61684

creationtimestamp| type| source ---|---|--- 2026-01-19 17:01:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcs4lgs7x522...

CVE-2022-23470

Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galaxy is running. This vulnerability affects Galaxy 22.01 and...

EUVD-2025-206235

Dify is an open-source LLM app development platform. Prior to version 1.11.0, the API key is exposed in plaintext to the frontend, allowing non-administrator users to view and reuse it. This can lead to unauthorized access to third-party services, potentially consuming limited quotas. Version...

CVE-2025-61914

n8n is an open source workflow automation platform. Prior to version 1.114.0, a stored Cross-Site Scripting XSS vulnerability may occur in n8n when using the “Respond to Webhook” node. When this node responds with HTML content containing executable scripts, the payload may execute directly in the...

[SECURITY] Fedora 42 Update: pgadmin4-9.11-1.fc42

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

dify 安全漏洞

dify is an open source LLM application development platform from LangGenius Open Source. A security vulnerability exists in version 1.9.1 of dify, which stems from a misconfiguration of CORS and could lead to cross-domain authentication requests...

dify 安全漏洞

dify is an open source LLM application development platform from LangGenius Open Source. A security vulnerability exists in version 1.9.1 of dify, which stems from improper privileges and could lead to unauthorized access to system configuration data...

dify 安全漏洞

dify is an open source LLM application development platform from LangGenius Open Source. A security vulnerability exists in version 1.9.1 of dify, which stems from a misconfiguration of CORS and could lead to cross-domain authentication requests...

pipeshub-ai 代码问题漏洞

pipeshub-ai is an enterprise automation platform open-sourced by PipesHub AI - The Open Source Alternative to Glean. A code issue vulnerability exists in versions prior to pipeshub-ai 0.1.0-beta, which stems from a lack of authentication and could allow an attacker to remotely overwrite files or...

Vulnerability-Lookup 安全漏洞

Vulnerability-Lookup is an open source Vulnerability-Lookup platform for managing disclosure of vulnerabilities. A security vulnerability exists in Vulnerability-Lookup versions prior to 2.18.0 that stems from not securely handling user-controlled content and could lead to a stored cross-site...

[SECURITY] Fedora 42 Update: pgadmin4-9.10-1.fc42

pgAdmin is the most popular and feature rich Open Source administration and d evelopment platform for PostgreSQL, the most advanced Open Source database in the world...

Minder 安全漏洞

Minder is an open source platform that helps development teams and the open source community build more secure software and prove to others that the software they build is secure. A security vulnerability exists in Minder that stems from improper content acquisition and could lead to unauthorized...

dify 安全漏洞

dify is an open source LLM application development platform from LangGenius Open Source. A security vulnerability exists in version 1.6.0 of dify, which stems from the authentication mechanism returning different error messages for non-existing and existing accounts, potentially leading to an...

EUVD-2021-24189

Malware in sbrugna...

EUVD-2021-25570

Malware in sbrugna...