CVE-2026-27194 D-Tale affected by Remote Code Execution through the /save-column-filter endpoint

D-Tale is a visualizer for pandas data structures. Versions prior to 3.20.0 are vulnerable to Remote Code Execution through the /save-column-filter endpoint. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. This issue...

Man D-Tale 注入漏洞

Man D-Tale is a visualization tool for pandas data structures within the Man company. Versions of Man D-Tale prior to 3.20.0 contained an injection vulnerability. This vulnerability stemmed from a remote code execution flaw through the /save-column-filter endpoint, which could allow attackers to...

GHSA-C87C-78RC-VMV2 D-Tale affected by Remote Code Execution through the /save-column-filter endpoint

Impact Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Patches Users should upgrade to version 3.20.0. Workarounds There are no workarounds for versions 3.20.0...

CVE-2025-69749

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code...

CVE-2025-69749

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code...

CVE-2025-69749

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code...

EUVD-2025-206532

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code...

Tale Blog Security Vulnerabilities

Tale Blog is a Java blog developed using the Tale Blog System, which is open-source. Version 2.0.5 of Tale Blog has a security vulnerability that can be exploited by cross-site scripting attacks...

CVE-2025-69749

CVE-2025-69749 describes a Cross Site Scripting vulnerability in tale v2.0.5 . The public descriptions state an attacker can execute arbitrary code, but the connected documents do not provide concrete technical details (e.g., vulnerable component, root cause, affected files, or patch/version with...

CVE-2025-69749

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code...

CVE-2025-69749

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code...

PT-2026-5324

Name of the Vulnerable Software and Affected Versions tale versions 2.0.5 Description A Cross Site Scripting issue exists in tale version 2.0.5 that could allow an attacker to execute arbitrary code. Recommendations At the moment, there is no information about a newer version that contains a fix...

CVE-2025-69749

Cross Site Scripting vulnerability in tale v.2.0.5 allows an attacker to execute arbitrary code...

CVE-2025-1585

A vulnerability, which was classified as problematic, has been found in otale tale up to 2.0.5. This issue affects the function OptionsService of the file src/main/resources/templates/themes/default/partial/header.html. The manipulation of the argument logourl leads to cross site scripting. The...

VulnCheck KEV: CVE-2024-55890

D-Tale is a visualizer for pandas data structures. Prior to version 3.16.1, users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrade to version 3.16.1 where the update-settings endpoint blocks the ability...

EUVD-2025-6664

Malicious code in bioql PyPI...

EUVD-2025-6665

Malicious code in bioql PyPI...

EUVD-2024-2849

Malicious code in bioql PyPI...

EUVD-2024-0283

Malicious code in bioql PyPI...

EUVD-2025-4409

Malicious code in bioql PyPI...