CVE-2026-46741

Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...

CVE-2026-46741

Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...

CVE-2026-46741 Etsy::StatsD versions through 1.002002 for Perl allow metric injections

Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an unreleased version with the...

EUVD-2026-34295

Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The updatestats used for updating counters and gauge methods do not check that values...

EUVD-2026-33994

React Router vulnerable to Denial of Service via reflected user input in single-fetch...

CVE-2026-49189

creationtimestamp| type| source ---|---|--- 2026-06-04 07:30:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mnh44fcjsw2f 2026-06-04 07:30:37+00:00| seen| https://infosec.exchange/users/offseq/statuses/116690663960529131 2026-06-04 07:43:12+00:00| seen|...

CVE-2026-8653

creationtimestamp| type| source ---|---|--- 2026-06-04 06:59:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnh2ebu35r2x 2026-06-04 11:14:43+00:00| seen| https://bsky.app/profile/donwebmedia.bsky.social/post/3mnhinduooq2s...

CVE-2026-49185

creationtimestamp| type| source ---|---|--- 2026-06-04 04:30:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116689956169057665 2026-06-04 04:30:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mngs2jmfpk2q 2026-06-04 06:54:06+00:00| seen|...

CVE-2026-8829

creationtimestamp| type| source ---|---|--- 2026-06-04 03:05:42+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mngnckqkxo26 2026-06-04 07:09:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnh2w6wc2n2p...

SUSE CVE-2026-34077

React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...

CVE-2026-10777

creationtimestamp| type| source ---|---|--- 2026-06-04 01:11:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnggx2rp4b2g 2026-06-04 02:57:38+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mngmuf4q332f...

CVE-2026-22055

creationtimestamp| type| source ---|---|--- 2026-06-04 00:43:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mngfeufi7727 2026-06-04 13:20:25+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnhpo4vr3n2o...

GHSA-49RJ-9FVP-4H2H

creationtimestamp| type| source ---|---|--- 2026-06-04 00:40:58+00:00| seen| https://gist.github.com/alon710/6d419a56b43f4ac63f23facb23062d82 2026-06-04 00:50:54+00:00| seen| https://gist.github.com/alon710/cecab85d181ca5255e1b29e5e5dd0f30...

CVE-2026-8722

Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

PT-2026-46265

Name of the Vulnerable Software and Affected Versions Etsy::StatsD versions prior to 1.002002 Description Etsy::StatsD for Perl allows metric injections because metric names and values are not validated for newlines, colons, or pipes. This allows metrics generated from untrusted sources to inject...

Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend

Impact The METS-GBS backend's XML parsing and the input document format detection lacked security controls, enabling: - XML External Entity XXE attacks to read local files or cause denial of service - Decompression bombs zip bombs to exhaust memory and disk space - Unbounded archive extraction...

GHSA-8646-J5J9-6R62 React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets

When using React Router v7's unstable RSC APIs, there exists a potential client-side XSS issue in the RSC redirect handling if redirects are coming from untrusted sources !NOTE This only impacts your application if you are using the unstable RSC APIs in React Router...

CVE-2025-14772

creationtimestamp| type| source ---|---|--- 2026-06-03 06:01:01+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/control-systems-abb-security-advisory-av26-545 2026-06-03 11:44:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mneztvokii2u 2026-06-03 16:12:05+00:00| seen|...

CVE-2026-10701

creationtimestamp| type| source ---|---|--- 2026-06-03 04:52:24+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-prodotti-mozilla-6 2026-06-03 12:25:14+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnf44jhtx423 2026-06-04 06:00:36+00:00| seen|...

PT-2026-46087

When using React Router v7's unstable RSC APIs, there exists a potential client-side XSS issue in the RSC redirect handling if redirects are coming from untrusted sources !NOTE This only impacts your application if you are using the unstable RSC APIs in React Router...