PT-2026-24483

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.0.13 Description Flowise, a drag & drop user interface for building customized large language model flows, contains a Server-Side Request Forgery SSRF issue. The application exposes an HTTP Node within AgentFlow and...

PT-2025-41490

Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.13 Description BigBlueButton is an open-source virtual classroom. A denial-of-service DoS condition exists in versions prior to 3.0.13. An authenticated user can disrupt chat functionality for all meeting...

Joplin 跨站脚本漏洞

Joplin is an open source note-taking and to-do list application from the individual developer Laurent Cozic. A cross-site scripting vulnerability exists in Joplin version 3.0.13 that stems from processing HTML content without properly escaping or handling symbols, which allows cross-site scriptin...

GHSA-933G-V89R-X8PF Apache Dubbo vulnerable to Deserialization of Untrusted Data

A deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions...